Trust and Safety

When you create your account with fileroom, we will send you our non-disclosure agreement on request. We are also happy to sign your company’s non-disclosure agreement if you require. Only fileroom team members working on your jobs for you have access to your information and this is controlled via our Heroku and Citrix Sharefile workflow and process.

In terms of security, fileroom runs on the trusted Salesforce Heroku platform and on industry-leading cloud service provider Amazon Web Services (AWS) (Heroku itself also runs on AWS). We selected Heroku and AWS for a variety of reasons: trust, security, and reliability being top of mind.

Heroku Security Policy is published here: Heroku Security

AWS Security Policy is published here: AWS Security Policy

Fileroom staff have access to your data in your brand room, master files folder, content uploaded by you while ordering services and your delivery box. This is based on permission provided by you on sign-up and again during the ordering process. Fileroom team members will only access information in your content room if authorised by you as part of your job delivery or support request.

Heroku staff don’t access or interact with fileroom data or applications as part of normal operations. There may be cases where Heroku is requested to interact with fileroom data or applications at our request for support purposes or where required by law. Fileroom data is access controlled and all access by Heroku staff is accompanied by fileroom approval or government mandate, reason for access, actions taken by staff, and support start and end time.

The fileroom platform operates on the Heroku enterprise infrastructure designed to protect your information from threats by applying security controls at every layer from physical to application. It provides the simplicity and success of the cloud, combined with the network and trust controls historically only available with on premise, behind the firewall deployments.

Our Heroku enterprise infrastructure is hosted and managed within Amazon’s secure data centres in the United States and utilises the Amazon Web Service (AWS) technology.

For additional information see: Salesforce trust and compliance policies

Fileroom utilises Heroku postgres backups to store a full backup daily. More here: Heroku postgres backups.

Data security is of enormous importance to us, and we take vital steps to ensure we work with compliant vendors to safeguard your information. Fileroom’s credit card processing vendor Braintree uses the latest TLS technology for secure transactions. Braintree is a validated Level 1 PCI DSS compliant service provider.

Cardholder data is managed in the Braintree Vault, using multiple encryption keys with split knowledge and dual control. Your card information while accessible in your fileroom is not stored on the fileroom platform. It is accessed via an application programming interface to Braintree.