Data Security

Privacy and GDPR

iSpring respects your right to privacy, and understands that while visiting our websites, using our products and services, or otherwise interacting with us, you prefer to control the way your personal information is stored and processed.

iSpring is committed to protecting customers’ and end-users’ data from unauthorized access. We maintain compliance with the General Data Protection Regulation (GDPR) and help our customers to comply with GDPR and other similar regulations.

We use the Data Processing Agreement (DPA) as part of the License Agreement or other written or electronic agreement between you and iSpring for the purchase of iSpring web services and Standard Contractual Clauses (SCC) as amendment to the DPA to fulfill requirements for contracts between controllers and processors in Article 28(3) and (4) of Regulation (EU) 2016/679 and of Article 29(3) and (4) of Regulation (EU) 2018/1725.

Trusted hosting providers

We work only with trusted hosting providers:

The data of customers located in the European Economic Area (EEA), the European Union (EU), Switzerland and the United Kingdom is stored and processed at AWS (Dublin, Ireland; Frankfurt, Germany) and at FirstColo (Frankfurt, Germany). The contact information of our client companies and their contact persons is stored and processed at Leaseweb (Manassas, VA, USA).

We store data of our clients from the US, Canada and other regions (except EEA, EU, Switzerland and the United Kingdom) at Leaseweb (Dallas, TX, Manassas, VA, Chandler, AZ), and process at Liquid Web (Lansing, MI) and AWS (N. Virginia; N. California, Oregon.

Regardless of where your information is stored or processed, we apply the same protections described in this Policy.

For more information to help you conduct Data Transfer Impact Assessment in connection with your use of iSpring products, please visit this page.

Data protection

iSpring stores data on multiple hosting providers to re-route traffic in case of an emergency. We use a secure HTTPS connection with a firewall to protect our customers’ information.

iSpring uses backup technologies to avoid data loss and interruption of service in case of hardware issues.

We at iSpring monitor the performance of our servers 24/7, including CPU load, RAM usage, free space on the drives, so we can guarantee the efficacy of all our services.

iSpring is continuously implementing the most up-to-date technologies to provide our customers with the highest level of information security. We perform internal and third-party penetration tests and monitor our security system for vulnerabilities on a daily basis.

iSpring Web Services are firewall friendly and can be easily integrated into the network infrastructure of most companies.

You can always contact our tech support team in case of any technical issues.

Employee access

The iSpring team comprises carefully selected trustworthy professionals. We thoroughly check the background of every employee, contractor or agent who will have access to customer data. Administrative access is granted selectively and provisionally only to those who have confirmed business needs.

iSpring Certification

iSpring takes customers’ security very seriously and regularly undergoes third-party audits and certifications to demonstrate its compliance with international information security standards.

ISO 27001

ISO 27001 is an information security standard, containing the best practices for information security management. Meeting ISO 27001 requirements helps organizations protect their information assets so they can be considered trustworthy.

Click here to request the documentation

ISO 27701

ISO 27701 is an extension to ISO 27001 that aims to reduce risk to the privacy rights of individuals. It adds requirements to the existing Information Security Management System (ISMS) to establish, implement, maintain, and continually improve a Privacy Information Management System (PIMS).

Click here to request the documentation