Security and Confidentiality

Ensuring confidentiality and protecting your information requires a multi-faceted approach:

1) Physical and cloud security of the data and servers housing your information is handled by Google Cloud Data Centre Security. This is a paid commercial service completely unlike Google’s free services (eg. Gmail) which are not confidential. Google Cloud Services are used by organizations around the world to secure some of the most sensitive personal information imaginable, such as the DNA of millions of humans as part of the Human Genome Project.
Read more here: https://www.google.com/about/datacenters/data-security/


2) User credentials (username + password) are a common attack point for hackers seeking personal information. It’s for that reason AvvyPro doesn’t use them. Instead users access their information via ephemeral (time sensitive) login links sent directly to their personal email inbox. If you’re in control of your inbox, you’re in control of the one and only key to your personal information.


3) Anonymized aggregate reporting on the system is handled from a secondary database to the one users access via their dashboards. The reporting database’s information has been disassociated from the users, and contains an anonymized set of aggregate answers which are not attributable to any individual.


4) Third party sharing of personally attributable data is never done by AvvyPro. The one and only exceptions are legal regulatory programs explicitly requiring it (eg. mandatory audits), in which case the user is made fully aware their personally attributable information will be seen by their regulator.