Security Practices

Peel applications are hosted on Amazon Web Service Fargate which meets the standards for PCI DSS Level 1, ISO 9001, ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, and HIPAA eligibility. We store customer account data in encrypted Amazon RDS databases and have an additional encryption layer for your data source credentials not to allow our staff to have access to them. Additionally, thanks to Fargate, our application servers are not accessible to anyone on our team. Our website and servers use HTTPS over SSL (TLS 1.3) to protect your data.

Database access and data storage

Peel accesses your database directly from our application servers using TLS encryption when available, and stores all data in private Amazon S3 buckets monitored by Amazon Security. Only our applications are granted access to the data on S3 when updating or reading and analyzing them. All files are deleted within 60 days or sooner automatically. By design, Peel will never ask you for Personally identifiable information (PII) about your users or customers not to ever download or store it.

Shopify connection

Similar to databases access, Peel only ever accesses Shopify orders for analytics personal data is never retrieved. We store all data in private Amazon S3 buckets monitored by Amazon Security. The data from your account is only ever used for analyses on your account.

We know how critical the stability of our clients’ stores is and we do not request “write” access never to influence the content of the stores in any way. 

Sign-in with Slack

Peel uses Sign-in with Slack. Slack interfaces with SSO providers, handles two-factor authentication, and confirms email addresses but will not share your password with Peel. Peel will store your Slack User identifier, your username on Slack and your email address; they will all be updated each time you login to Peel. 

Slack notification

Peel uses Slack’s standard “incoming webhook” to send messages to the one channel your or your teammates specified during setup. We find that this is the least intrusive access level and it does not grant Peel the ability to read messages on your Slack workspace. 

Did this answer your question?