REVIEW OPTICS

SECURITY POLICY

Will you use my data to build advertising products or sell it to third parties?

No. For more details, visit our Privacy Policy.

Will you disclose or sell the data and PII that I provide you about my customers?

No. We use the data you provide us about your customers only to provide your services and for no other purpose.

How is my password secured?

We securely encrypt your passwords. Passwords are one-way encrypted using the bcrypt algorithm, with a random salt for each password. This means that only the original creator of the password knows its value. This type of encryption is extraordinarily difficult to break. When passwords must be retrieved, public/private key encryption is used, with a key length of 4096 or greater. Access and retention of passwords are strongly controlled and logged.

How do you protect Credit Card and Financial Information?

Review Optics does not store credit card numbers and security information. If you provide a credit card number to purchase a service, it is turned into a secure token by our credit card processing company. We only store the secure token on our systems. We DO NOT collect or store personal financial data, Social Security Numbers, National Insurance numbers, or government-issued ID numbers of any kind.

How can I protect my Review Optics account?

  1. Do not share your Review Optics password with anyone.
  2. Make sure that your password includes both numbers and capital letters and is at least 8 characters in length.
  3. Update your password on a regular basis.

In what country (or countries) is my data stored both on your infrastructure and for backups?

Our customer data is stored on secure servers in the United States on a secure cloud computing platform at Hostgator.

Review Optics solutions are rated as Enterprise-Ready by the prestigious Hostgator program. Services with this designation satisfy the most stringent Cloud Security Alliance (CSA) requirements for data protection, identity verification, service security, business practices and legal protection.

What level of security is in place at your data centers? Amazon Web Services Security

The Hostgator cloud infrastructure represents that it has been designed and is managed in alignment with regulations, standards, and best practices, including:

  1. HIPAA
  2. SOC 1/SSAE 16/ISAE 3402 (formerly SAS70)
  3. SOC 2
  4. SOC 3
  5. PCI DSS Level 1
  6. ISO 27001
  7. FedRAMP(SM)
  8. DIACAP and FISMA
  9. ITAR
  10. FIPS 140-2
  11. CSA
  12. MPAA

Is the data flowing between the business and the vendor's cloud-computing infrastructure secured?

Yes. A proven, standard algorithm with at least a 1024-bit key is used for all communications between cloud servers.

Are you HIPAA Compliant?

Yes. Our products are HIPAA complaint, with employees required to complete HIPAA. Our Business Associates Agreement is available upon request and online.

Are you PCI Compliant?

Yes. Review Optics is PCI DSS 3.1 Compliant.

Do you do background checks on your employees?

  1. Employees go through a background check and a reference check before they are hired.
  2. Employees and contractors all sign a confidentiality agreement.

Where can I learn more about protecting my privacy and security on Review Optics.com?

For more information on protecting your privacy and security, please review our comprehensive Privacy Policy available on our website.access here.

If you have any further questions or concerns regarding our privacy practices, please contact us at info@Review Optics.com or by mail at the following address: Review Optics Inc. Attn: Privacy Officer 345 Sentinel Rd, Suite 1006 Toronto, ON M3J 1V2