Security is about preventing unauthorized access: protecting your data from people who are not supposed to hold of it.
Privacy is about preventing inappropriate access: making sure your data are not misused by us, or any of our business partners.
Every connection you make with Kerika is secured using 256-bit Transport Layer Security (TLS v1, v1.1 and v.1.2), the industry standard for browser protection.
(If you are working with a Whiteboard, and you add content from somewhere else onto your Kerika canvas, your browser might warn you about "mixed content". This just means you are viewing a mix of Kerika data and other people's data; it does not mean your Kerika data are at risk.)
We use secure (encrypted) cookies.
We never see your Google or Box password.
We never store your credit card information. When users want to upgrade to a paid Professional Account, we invoice them using PayPal (for smaller enterprises) or traditional invoices (for larger enterprises).
We use Amazon Web Services to store your project and account information. Access to these servers is strictly controlled within the Kerika team and we rely upon Amazon to safeguard the actual computers.
We use Amazon Web Services' US data centers, which means your data are stored in the United States even if you live somewhere else.
Our databases, application and web servers, search engine, etc. are not directly accessible from the Internet because all connections go through an Elastic Load Balancer which is secured with SSL 2.0.
(Want to learn more about VPC at AWS?)
We use various monitoring tools to watch for unusual user activity, such as people trying to gain automated access to the Kerika servers using scripts, or displaying unusual patterns of making requests.