Privacy and Security

Security and Reliability Safeguards

在FreshBooks，我们知道我们的客户依靠我们作为业务流程和记录保存的重要组成部分。我们认真对客户的责任，以及构成新鲜簿应用的软件，系统和数据的安全性和可靠性是我们的首要任务。

Security

SSL.

All information traveling between your browser and FreshBooks is protected from eavesdroppers with 256-bit SSL encryption. The lock icon in your browser lets you verify that you aren’t talking to a phishing site impersonating FreshBooks and that your data is secure in transit.

防火墙

The FreshBooks application – including your data – rests securely behind firewalls.

Vulnerability scanning

FreshBooks’ servers are scanned for vulnerabilities regularly by Sikich LLP, our managed security provider. These scans test our servers both from the Internet and from inside our network, and any newly-identified problems are addressed as quickly as possible.

Strong encryption

FreshBooks uses industry standard encryption protocols and practices to responsibly transmit sensitive information (including cardholder data).

Physical security

The FreshBooks servers are located in state-of-the-art datacentres, which provide biometric access controls, constant surveillance, redundant power feeds and generators, robust fire suppression, and carefully monitored climate control to protect the servers that store your data and manage your billing.

PCI Compliance and Card Holder Data

Cardholder data should only be input by the user in areas that explicitly require it. FreshBooks handles cardholder data in accordance with PCI Data Security Standard requirements.

Where cardholder data storage is required (i.e. automatic payments on recurring templates) FreshBooks leverages PCI DSS Level 1 Compliant partners who undergo an annual audit of its infrastructure. In addition, FreshBooks maintains its PCI DSS Level 1 compliance and has its audit conducted by an independent third-party on an annual basis. A PCI attestation of compliance (AOC) can be requested tosecurity@freshbooks.com.

安全开发实践

FreshBooks developers follow the secure development practices described in OWASP. Furthermore, we subscribe and adhere to the principals of least access.

Breach Notification

If there is a security and/or privacy breach that occurs, we will notify the necessary authorities and impacted customers within the legally required timelines based on the Applicable Data Protection Law.

可靠性

冗余服务器和数据中心

FreshBooks基础架构使用冗余存储和服务器来保持应用程序和您的数据，在硬件故障的情况下可用 - 以及另一组服务器和存储在地理上单独的数据中心中的存储器，以防我们的主要数据中心无法通过灾难或其他中断。

Managed hosting

The FreshBooks Application utilizes Google Cloud Platform (GCP) for hosting requirements. With a vast array of clients with varying needs, GCP provides an environment that allows for the fast delivery of features, continued product innovation, reliable security and stability and a reduced chance of downtime.

Backups

您的FreshBooks帐户中的数据在两个地理位置中的多个数据库服务器上复制，以防止单个故障导致数据丢失。此外，该数据将夜间备份到磁带并存储在安全的场外位置，以确保即使在灾难等龙卷风或洪水的情况下，您的信息也将是安全的，您的记录可以快速恢复。

如果您有任何安全问题或问题，请随时与我们联系directly.

负责信息披露的安全漏洞

If you are a security researcher and think you’ve found a security vulnerability with our service, product, or website please see ourresponsible disclosure policypage for details on how to report it to us.