Security

At Doozy we value your security and privacy, ensuring we follow industry best practices to keep your data safe and secure.

Secure Infrastructure

Google Cloud

We utilise Google Cloud for our primary backend infrastructure.

Your data is stored in Firestore and automatically encrypted using 256-bit advanced encryption. Learn more

Google Cloud is SOC 2 and ISO 27001 certified. You can learn more about Google Cloud compliance here.

Vercel

Our front-end app is hosted on Vercel and all requests are secured with industry standard encryption.

Vercel is SOC2 and GDPR compliant.

Learn more about security at Vercel here

Daily.co

We use Daily.co to provide the Video + Audio features with Doozy. Daily.co are an industry leader using the latest best practices in Security. All calls are encrypted and no audio or video data is stored on ours or Daily.Co's servers.

Daily.co are SOC2 and GDPR compliant.

You can learn more about Daily.co and their security practices in their Security Centre

Operational security

We have a number of policies in place to ensure our systems stay secure.

• We require 2FA to access production systems and we operate on the principle of least privilege. Access to our core systems is audited and reviewed regularly.
• All code changes must be reviewed and tested before being deployed.
• Dependencies are regularly updated and we use Dependabot to alert us of security vulnerabilities.
• We run on serverless infrastructure so security patches are automatically applied by Google and Vercel.

PCI Obligations

All payments are made through Stripe. Details about their security setup and PCI compliance can be found at Stripe’s security page.

If you have any questions, get in touch with the team at security@doozy.live