Protecting your data and privacy

At Envoy, we understand the sensitivity of your data, and we’re committed to ensuring confidentiality and reliability as critical components of our service to you.

Keeping your data secure

Envoy’s secure infrastructure, commitment to reliability, and third-party testing work together to safeguard your data.

Protecting your privacy

Keeping your visitors’ and employees’ information safe is a responsibility we take incredibly seriously. Our policies and controls are designed to protect the collection, use, and disclosure of this information.

Supporting your compliance needs

We’re committed to helping you meet your compliance strategies, in addition to enhancing our own body of certifications.

Keeping your data secure

Our infrastructure

Data encryption

All customer data is transferred securely using TLS v1.2 and above from the iPad app and Envoy dashboard to the cloud. All requests are routed through Cloudflare, which acts as a firewall. At rest, data is encrypted using AWS for databases and Cloudflare for object storage. Both AWS and Cloudflare use AES-256 for disk encryption. Our IT infrastructure is 100% cloud-based.

Data storage

When your iPad or mobile device is connected to a network, data syncs to Envoy automatically, and all records are stored in Envoy’s database. Backups are taken every day and stored off-site in either the AWS US-East-1 data center in Virginia, US-West-1 data center in California, or US-West-2 data center in Oregon. AWS oversees the physical security of these facilities and tightly controls who has access.

Diagram of Envoy's data storage systems

Data retention

Envoy customers have options when it comes to what data they retain and which responses they retain from employees and visitors.

For companies on Visitors Basic and Standard plans, Envoy stores visitors’ responses to your sign-in and purges employees’ responses to your Protect health check. Companies on Premium and Enterprise plans can choose to save or purge the responses to both their visitor sign-in and employee health check. Retention settings can also be managed on a question-by-question basis for additional flexibility.

When you choose to purge responses, they are sent to Envoy’s server to determine whether that person is approved or denied entry. This occurs in under a second, after which the data is deleted and not saved to our database. We run periodic jobs to ensure all data, except for the screening result (approved or denied), is deleted within 24 hours on all of Envoy’s databases.

We only delete or purge data upon explicit request. Customer data is available for download as a CSV file through the dashboard or via our API. Data can be anonymized, which removes all personally identifiable information from your Visitor Log, upon request. Envoy may retain customer data for up to 30 days after the termination of the contract.

Reliability

Up time

We understand the importance of reliability and aspire to 99.9% uptime. Envoy proactively protects against denial-of-service (DoS) attacks using Cloudflare’s advanced distributed DoS protection. We continually monitor uptime through third parties like Pingdom. You can view our current uptime and product status by visiting status.envoy.com.

Offline mode

If devices become disconnected from a network connection, visitors can continue to sign in on the iPad, and their data will be stored locally on the device. Upon reestablishing network connectivity, all locally stored visitor data will sync to Envoy. While offline, ID scanning and host notifications will be unavailable.

Third-party verification

Vulnerability testing

We seek out and proactively address vulnerabilities and exposures in Envoy’s code and dependencies through automated tools, peer review, penetration tests, and a public bug bounty program. All public access to our applications is proxied through Cloudflare, which detects and automatically blocks unexpected traffic. Contact us to submit a bug to our bug bounty program.

Service Organization Controls (SOC)

Our security processes and controls are verified to meet SOC 2 Type II security standards. This includes using two-factor authentication, encrypting computers, logging administrator actions, tracking access grants using verified policies, and following repeatable processes for a consistent and secure customer experience.

Protecting your privacy

Privacy policy

We have a strict policy to respect the privacy of sensitive customer data: we will never sell your visitor or employee data, and we will not contact your visitors or employees without explicit permission. Our support team will only access your account in the event of a technical support issue that requires real-time access.

Employee and visitor privacy

If you choose to ask questions about your employees’ or visitors’ health, you can choose to discard their responses and keep them private to those individuals. If you choose to discard responses, your team will not have access to this data in any form, whether through a dashboard, report, or otherwise. To help your team keep your workplace safe, administrators can see if someone was approved or denied entry based on their responses.

Access management

Envoy makes it easy to centrally manage data and permissions for multiple facilities, no matter where you’re located. Role-based administration allows customers to provide the right Envoy access to specified team members on global- or location-specific levels. And SAML can be utilized to integrate with your single sign-on identity provider to further regulate access.

EU General Data Protection Regulation (GDPR)

We have made significant efforts to ensure we are in compliance with the General Data Protection Regulation (GDPR) and to help our customers comply with GDPR contractual obligations. To enter into Envoy’s Data Processing Addendum (DPA), please contact [email protected] to receive a copy for review and signature.

California Consumer Privacy Act (CCPA)

Envoy complies with the CCPA (California Consumer Privacy Act), which became effective January 2020. As currently defined in CCPA, Envoy will operate as a Service Provider under CCPA to its customers.

When you visit our website or use our services, we realize you are entrusting us with your information. We are committed to keeping that trust, and that starts with sharing our privacy practices including helping our customers and users understand and exercise their rights under the CCPA.

Please contact us at [email protected] for the following actions related to CCPA:

  • More general information or questions on how Envoy is complying with CCPA
  • To request a copy of our Data Processing Agreement (as it pertains to CCPA)
  • For Business Customer requests to review, correct, update, delete or otherwise modify any of their data that may have been collected through Envoy
  • To unsubscribe from marketing emails (please put “unsubscribe” in the subject line)

Supporting your compliance needs

We understand the impact that compliance requirements have on your business. That’s why we're committed to providing features that may help you with your compliance strategies, in addition to enhancing our own body of compliance certifications.

Envoy helps support compliance with the following standards and regulations:

  • EU General Data Protection Regulation (GDPR)
  • Service Organization Controls (SOC)
  • International Traffic in Arms Regulations (ITAR)
  • FDA Food Safety Modernization Act (FSMA)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Gramm-Leach-Bliley Act (GLBA)
  • Customs-Trade Partnership Against Terrorism (C-TPAT)
  • Federal Information Security Modernization Act (FISMA)

Learn more about how Envoy can help you comply with these regulations on our compliance certifications page. You can also request to view our compliance documents.