Security

A common concern for buyers of cloud services is data security and privacy of data.

The following information relates to our security practises and is provided as deliberately high-level and generic as this webpage is in the public domain. Further technical details can be provided to qualified buyers upon request.

Data Centers

PoolCar exclusively uses Rackspace data centers and servers. Rackspace is the world's number one managed cloud provider. Our servers are located in Australia, UK and the United States.

For thorough and detailed information relating to how Rackspace handle security, please refer to this page in particular. It providers a general overview with links to drill down for more information.

Data Sovereignty

Customers who choose PoolCar will be hosted on the most appropriate server, geographically speaking. Data sovereignty refers to how data travels across countries and different legislation. Data belonging to customers who are hosted on a cloud server of a given country will remain in that country and not be transmitted offshore.

Data Encryption

PoolCar database backups are stored as encrypted files and retained for a specified period of time. In addition to database backups we also backup the entire server image.

Data can be optionally encrypted in transit with our  complimentary shared SSL certificate and also encrypted at rest using industry standard encryption technologies.

Data Privacy

As PoolCar is an Australian domiciled company, the Australian Privacy legislation applies.

Our Privacy Policy can be downloaded here.

Multi-Tenant Architecture

Each customer has its own separate database running off the one application version, commonly referred to as multi-tenant. This means your data is not stored in a big bucket with everyone else's data - it is fenced and partitioned off inside its own separate database.

Data Ownership

Our standard Service Level Agreement (SLA) has a clause that clearly states the customer owns their data. PoolCar does not own the data and in the unlikely event a customer should wish to change providers, PoolCar can provide a quote to extract the data into Microsoft Excel so that it can be imported into another system.

Penetration Testing and Vulnerability Scanning

PoolCar takes security seriously with a posture that reflects being a good house-father of customer data. We use industry leading tools such as Tenable products and Kali Linux for automated vulnerability scanning and penetration tests. Scan results are available to qualified buyers upon requests.

If you are currently evaluating different vendors for fleet management software or vehicle booking systems, don't be afraid to ask them about their security practises and see how theirs compares!