Security at Homifax

This page outlines the administrative, technical, and physical safeguards implemented by Homifax to protect your data, as well as our commitment to SOC 2 Type 2 compliance. At Homifax, we treat your records with the same rigorous security as a Swiss bank vault, ensuring your trust and peace of mind through industry-leading practices.

‍

Homifax is engineered to collect and manage data securely. We adhere to stringent industry standards to safeguard your information and maintain SOC 2 Type 2 compliance. This certification confirms that Homifax meets exacting requirements for security, availability, and confidentiality in our data handling and processing systems.

For additional inquiries regarding our security practices, please contact security@homifax.com. Our team will respond promptly.

Security Features

In addition to adhering to industry best practices, Homifax provides advanced security features to further protect your data:

• External Storage Options: Homifax offers the ability to store record submission responses exclusively in offline external databases, rather than on Homifax servers, giving you greater protection over your data loss.
• Approval Confirmation: Homifax ensures that all data-related approvals, including access requests and configuration changes, are processed through secure, auditable workflows. Upon successful verification, approval confirmations are issued promptly via encrypted communication channels to authorized users. For inquiries about approval processes or to verify a confirmation, please contact support@homifax.com.

‍

Data Collection and Storage

For details on the data we collect and store, please refer to our Privacy Policy.

‍

Infrastructure and Network Security

Security is a core pillar at Homifax. We implement the following measures to ensure the integrity and confidentiality of your data and account.

‍

Hosting

Homifax leverages secure, enterprise-grade cloud infrastructure with data centers located in the United States. Upon request, customers may opt for data storage in European Union data centers. Our hosting provider employs state-of-the-art physical and logical access controls, undergoes regular third-party audits, and maintains robust security certifications.

Access to Homifax infrastructure is strictly limited to authorized personnel on an as-needed basis. All employees use dedicated accounts protected by two-factor authentication (2FA).

‍

Encryption

• Data in Transit: All communications between you and Homifax servers are encrypted using HTTPS/TLS protocols.
• Data at Rest: All stored data is encrypted and replicated to ensure durability and availability.

‍

Application Security

‍

Business Continuity and Disaster Recovery

Business Continuity

Homifax maintains daily and point-in-time encrypted backups to ensure data integrity. In the unlikely event of data loss, we can restore customer data from these secure backups.

Disaster Recovery

Our infrastructure is designed for portability and resilience. In the event of a regional outage, Homifax can deploy a duplicate environment in an alternate region to ensure uninterrupted service.

Vulnerability Reporting

We value the contributions of security researchers and welcome responsible disclosure of vulnerabilities. If you identify a potential security issue, please email security@homifax.com with detailed information. Homifax operates a bug bounty program to reward researchers who help us maintain the highest security standards.

Contact Us

For questions about our security practices or to report a concern, please reach out to security@homifax.com. We are committed to addressing your inquiries promptly and transparently.

Homifax reserves the right to update this Data Security Statement as needed to reflect changes in our practices or legal requirements. Please review this page periodically for the latest information.

‍