At Ballpark we take the security and privacy of our user's data very seriously, and for very good reasons. We are constantly monitoring and improving Ballpark to meet the growing demands and challenges of security.
Every person and team using our service expects their data to be secure and confidential, as such we have gone to extensive measures to protect it. As a rule we don't like to expose too much information about our security practices, ironically for security reasons. However, we understand that security is very important to our customers, so we have decided to share the following information. We hope you find it useful.
Ballpark is EU hosted
Our infrastructure is hosted on servers located in the European Union.
This allows us to meet specific regulatory and compliance requirements of organisations in Europe, including financial institutions, consultancies and government entities. Our data center provider Google Cloud Platform located in Belgium and Germany maintains multiple certifications, including SOC 1, SOC 2, SOC 3 and ISO27001.
Encryption at rest and in transit
All data is encrypted both in transit and at rest using strong encryption.
Secure sockets layer
All user data is transported securely, as all traffic is encrypted in transit via SSL. Encrypting the data protects it from unauthorised modification and man-in-the-middle attacks. We use 256-bit SSL/TLS.1.2 encryption, utilising both the ECDSA and RSA algorithms.
Data centre security
Our hosting environment is Fully-Redundant with disaster recovery procedures. Our cloud hosting providers maintain multiple certifications for its data centers, including ISO 27001 compliance, PCI certification, and SOC. For more information about their certification and compliance, please visit the Google Cloud platform security and compliance website and the Amazon AWS security website.