Keeping your data safe
Juro operates on servers that comply with strict international standards. These standards include ISO 27001, ISO 9001, ISO 27017, ISO 27018, C5, Cyber Essentials Plus, DoD SRG, FedRAMP, FIPS, PCI DSS Level 1, SEC Rule 17-a-4(f), SOC1, SOC2 and SOC3.
Access to infrastructure at Juro is securely controlled via VPN. Access to critical third party software providers used by Juro are limited to VP-level employees only and protected by 2-factor authentication.
Data is stored in the EU region by default on AWS servers and is continuously backed up. Our data centres are protected by physical access controls, intrusion and fire detection systems and 24/7 professional security staff. Authorised staff must pass two-factor authentication a minimum of twice before accessing data centre floors. Visitors are continually escorted on the premises.
Connections to Juro are encrypted using 256-bit SSL with integrity assured by the SHA2 ECDSA algorithm.
All contracts are version controlled by AWS S3 by defaults, so there’s a permanent trail not only on the database level but also on the storage level. All connection details (including passwords) are encrypted when stored on our servers.
Juro’s audit trail delivers a permanent record of transactions in Juro incorporating IP addresses and user information. Documents are timestamped backed up instantly by AWS services. Customer and activity data and audit trail is backed up on an automated basis every 6 hours and stored in AWS. Managed MongoDB instances are protected by 2-factor authentication and can be encrypted on demand.
We have continuous resource and infrastructure access monitoring in operation 24/7, 365 days a year. Any alerts generated by our monitoring system are sent to senior team members immediately and actioned. Juro uses various third parties (including Sqreen.io and Cloudflare) for vulnerability testing and app protection (WAF).
Regular third party audits are conducted at Juro to ensure we use the latest technologies and best practices to protect data. All employees at Juro are trained in data security and are bound by strict confidentiality provisions.
Security testing is an essential part of our quality assurance process when releasing updates or new features. All of our people are trained in these development processes prior to joining Juro as full time employees.
Our servers on AWS comply with applicable EU data protection laws and the AWS Data Processing Agreement incorporates the Article 29 Working Party Model Clauses.
By default, Juro offers leading data security technologies and procedures. However, should customers wish to enhance this further we offer additional security options. These include:
Hello. We are Juro Online Limited (known by humans as Juro). Here's a summary of how we protect your data and respect your privacy.
The following services help us keep Juro running by storing or processing your data on our behalf:
We collect data from people browsing our website, customers of Juro and people who view / sign contracts through Juro, when...
DATA YOU GIVE
DATA WE COLLECT
You browse any page of our website
You request a demo of Juro
We call you
You use Juro
You receive emails from us
You view and sign contracts
You chat with us for customer support
You connect integrations (like Slack)
You opt-in to marketing messages