Our founder-led engineering team has over a decade of prior experience securely and durably managing petabytes of highly confidential data for some of the world's biggest companies. Here are some ways we keep your data secure at Ampll.
At this point in time, Ampll does not charge for use of our services. When we do, your credit card and billing information will only be stored securely via PCI-compliant industry-leading payment services.
Ampll's preference is to establish account authorization using OAuth. OAuth is an industry standard for authorizing secure delegated access to external apps and service providers. When connecting Ampll via OAuth, we never receive or store your password and you can revoke our access at any time.
For instances where OAuth authorization is not used, Ampll allows you to connect using a traditional username and password system. In these cases, Ampll uses encryption to securely store a representation of your password.
You are responsible to choose secure passwords and to keep them safe. Ampll cannot be responsible for data that is compromised due to an insecure or stolen user password. If using OAuth to authenticate, those underlying passwords must also be kept secure by you.
We take the following steps to keep your data secure at rest and as it transits networks:
In addition to security, it's critical to be able to access your data and services you rely on at all times. We do the following to keep Ampll accessible to you at all times:
Our technical team is governed by a comprehensive Security Trust Policy based on industry best practices.
If you are a security researcher or you believe you have encountered a problem in Ampll's security, please review the following.
Please report any security concerns to firstname.lastname@example.org. If you want to send an encrypted message, please request our public key.
We ask you provide us with a reasonable amount of time to address reports before publishing security-related information.
You are legally restricted from conducting any security research that could result in the destruction of data, interruption or degradation of service. This includes the use of automated tools or scanners: they are likely to cause your IP address to be banned from our network.