Overview

At Watermelon we take the privacy of your data very seriously and we work as hard as we can to protect it. Watermelon runs daily checks and tests to make sure your data is safe.

Watermelon recommends you read this security policy carefully, as well as our general conditions and privacy policy.


Our Team

The infrastructure and security team of Watermelon includes people who are experienced in software development and its exploitation and protection.

For more information check out www.considerati.com .

Watermelon employees do not have access to the contents of your data. If for any reason Watermelon needs to access your data, we will only do so after obtaining your explicit permission.

Circumstances may arise which make it necessary for Watermelon employees to access the systems which store your data. If so, Watermelon will always make sure employees do not access your data directly.

All Watermelon employees receive periodic security training and are asked to read a security manual which they then sign to confirm it has been carefully read. This manual extensively discusses the subjects of data security, availability and reliability.


Servers

Watermelon doesn’t have its own physical servers, routers or DNS servers. All of our servers and routers are in the cloud and are hosted by Leasweb in Amsterdam and Almere. This organisation meets the ISO27001 and NEN7510 norms.

All our servers are located in a virtual cloud with network access control lists to ensure that any unauthorised requests do not end up in our internal network.


Backup and Service Levels

At Watermelon the continuity of our service is one of our top priorities. Watermelon safeguards your data by means of a routine backup procedure.

First we make backups of all your saved data at least once every day. Backups are saved onsite once a day as well as offsite at least once every two days.

Your data is spread out over several data centres, which means your data will still be safe even if one of the data centres fails.

Watermelon saves all backups for a maximum period of 90 days. Backups over 90 days old will be destroyed.

In case of emergency, backups can be used for contingency procedures, utilising buildings, infrastructure and hardware owned by third parties, with whom Watermelon has concluded an agreement, as fall-back facilities.

Watermelon aims for an availability rate of 99,9% or higher. Check out the current status of Watermelon’s services at https://status.watermelon.co/ .


Data

Your data is stored at locations which store details of several customers. We don’t offer individual data storage locations.

All of your data will be stored encrypted.

The computer centre where Watermelon servers are located, is located in The Netherlands. Physical access to the computer centre can only be obtained after authorisation has been granted. The computer centre’s security meets every standard of security, management and continuity to be expected from a professional computer centre. Watermelon has concluded agreements with the aforementioned computer centres to the effect that customer data, including backups, will always be stored in The Netherlands.

Watermelon further ensures that customers can at no time access each other’s data.


Data Transfer and Access Levels

All data sent to and from Watermelon is encrypted. Watermelon uses an SSL connection.

All of Watermelon’s services are kept safe using a Secure Socket Layer (https). Watermelon uses two-factor authentication and strict password policies for GitHub, Google, Leasweb and Watermelon software to make sure our services are protected.

Watermelon uses access levels for employees with access to Watermelon software. These levels determine access to payments and/or customer data and/or the ability to send messages.


Audit

Watermelon regularly has an audit conducted by an independent external party in order to guarantee that it complies with this security policy.


Security Log

Watermelon keeps a detailed log of the security, monitoring, availability, accessibility and other statistics concerning services offered by Watermelon.


Data Leak Notification

In case of a security breach Watermelon shall notify you as soon as possible of all unauthorised access to your data. Watermelon has a policy and procedures to deal with such events.

Watermelon B.V. is registered with the Dutch Data Protection Authority. Watermelon’s registry number is: 1646183.

Do you have any questions about our security policy? Please contact Watermelon at: contact@watermelon.co


Try us, it’s free!

We’re just as flexible as Watermelon Messenger. Create a free account, or start a free 14-day trial of all our features. No strings attached.

Start Free Trial Create Free Account