Security is about preventing unauthorized access to your information: protecting your data from people who are not supposed to hold of it.
Privacy is about preventing inappropriate use of your information: making sure your data are not misused by us, or any of our business partners.
Every connection you make with Kerika is secured using 256-bit Transport Layer Security (TLS v1, v1.1 and v.1.2), the industry standard for browser protection.
(If you are working with a Whiteboard, and you add content from somewhere else onto your Kerika canvas, your browser might warn you about "mixed content". This just means you are viewing a mix of Kerika data and other people's data; it does not mean your Kerika data are at risk.)
We use secure (encrypted) cookies.
We never see your Google or Box password.
We never store your credit card information.
When you upgrade to a paid Professional Account, from inside the Kerika app, your payment is processed by Stripe; Stripe tells us how much you paid, but never shares your credit card information with us.
Some people choose to pay using PayPal. Same deal: PayPal tells us how much you paid, but never shares your credit card information with us.
We use Amazon Web Services to store your project and account information. Access to these servers is strictly controlled within the Kerika team and we rely upon Amazon to safeguard the actual computers.
We use Amazon Web Services' US data centers, which means your data are stored in the United States even if you live somewhere else.
Our databases, application and web servers, search engine, etc. are not directly accessible from the Internet because all connections go through an Elastic Load Balancer which is secured with SSL 2.0.
We use various monitoring tools to watch for unusual user activity, such as people trying to gain automated access to the Kerika servers using scripts, or displaying unusual patterns of making requests.