Security at Mooncamp

Enterprise-grade data protection

Mooncamp includes a powerful set of data protection product features that give you the control and flexibility you need to manage all your security challenges.
Data protection

Secure and reliable infrastructure

Hosting

Mooncamp is hosted on Hetzner Cloud servers in a data center located in Germany. Hetzner Online GmbH is a leading German "Infrastructure as a Service" provider serving numerous German and international customers. The data centers we use are subject to the highest security standards and guarantee high availability and fail-safety, which are certified according to ISO 27001, among others.

Encryption

Data is encrypted in-transit using bank-grade TLS 1.2, the safest and most robust method available today. Data is encrypted at-rest using industry-standard 256-bit encryption.

Single Sign-On

Single Sign-on (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials for Mooncamp.

Permission management

Mooncamp's powerful administrative access controls allow for extremely granular permission management. Create roles with custom rights and assign them to different users or groups (Role-based Access Management). Configure access (read, edit, admin) of entities based on custom properties you can create and assign to each user (Entity-based Access Management).

Monitoring

Our developers closely monitor Mooncamp's application status and are immediately notified by our monitoring system, once internal errors or potential errors of our various integrations are logged. This usually allows us to identify the problem within minutes and quickly resolve the situation.

Recovery

Mooncamp's databases are backed up hourly and can be restored if the software or server should ever fail. The backups are stored in various European data centers for additional security. Please note that we cannot restore individual customer accounts. If you delete something in your account, it will actually be deleted.

Enterprise-ready Compliance

GDPR Compliance

The GDPR, or General Data Protection Regulation, is a European privacy law that went into effect in May of 2018. It regulates how personal data of individuals in the EU can be collected, used, and processed by businesses. The law impacts both European companies and businesses with European contacts. Mooncamp provides safeguards to protect your data by design and by default in order to comply with all GDPR requirements. Furthermore, we’re committed to helping Mooncamp customers and users understand, and where applicable, comply with the GDPR. Mooncamp has specific customer tools and processes to ensure compliance with GDPR requirements.

A list of the GDPR-compliant subcontractors Mooncamp relies on to provide its services can be found here:

List of Subcontractors

A transfer of data to a state that is neither a member of the European Union nor of the European Economic Area is only carried out in compliance with the General Data Protection Basic Regulation (GDPR) and only if the specific requirements of Article 44 et seq. of the GDPR are met. In particular, such a transfer requires a clearly regulated, contractual agreement between Mooncamp and the respective service provider, which guarantees at least the same level of data protection. This can be done, for example, in accordance with the standard contractual clauses established by the European Commission.

Incident Response

Security breaches will be communicated and vulnerabilities are fixed ASAP. Custom response time policies are available for enterprise clients.

Data Processing Agreement (DPA)

As soon as you become a customer, both parties can sign a DPA. This contract defines how we may treat your data, which security measures are contractually guaranteed and which rights you have. The contract is required to be fully compliant with the GDPR.

Service-level Agreements (SLA)

Mooncamp offers custom service-level agreements to enterprise clients to make sure all aspects of the service – quality, availability, responsibilities – are meeting the requirements of the service user.

Commitment to Security

Secure Software Development

Secure software is the result of security aware software development processes where security is built in and thus software is developed with security in mind. Mooncamp utilizes a variety of manual and automatic data security and vulnerability checks throughout every stage of the software development lifecycle.

Security Team

Mooncamp has dedicated staff roles in place that ensure that our security and privacy policy are reviewed, updated, tested, and maintained continuously.

Disclosure Policy

If you’ve discovered a vulnerability in the Mooncamp application, please submit a report to us via the button below. We review all security concerns brought to our attention, and we take a proactive approach to emerging security issues. Mooncamp strives to stay on top of the latest security developments both internally and by working with external security researchers and companies.