​

This policy outlines: 1) Quantum of Value’s security practices and resources and 2) your security obligations. This policy is incorporated by reference into the Quantum of Value Terms of Service.
This Privacy Policy covers the information we collect about you when you use our products or services or otherwise interact with us (for example, by attending our premises or events or by communicating with us) unless a different policy is displayed. We refer to our products, services, and websites as “Services” in this policy.
This policy also explains your choices surrounding how we use information about you, including how you can object to certain uses of information and access and update certain information about you.  If you disagree with this policy, do not access or use our Services or interact with any other aspect of our business.
Where we provide the Services under contract with an organisation (for example, your employer), that organisation controls the information processed by the Services.”

Your Obligations

Our documentation may specify restrictions on how applications may be configured. You agree to comply with any such restrictions as specified.
You are responsible for properly configuring and using the Services and taking steps to maintain appropriate security, protection and backup of Your Content, which may include using encryption technology to protect Your Content from unauthorised access and routinely archiving Your Content. Where security controls or data backup are offered as part of the Services, you are responsible for implementing those features according to our instructions. You are ultimately responsible for determining the sufficiency of the security controls applied to your Applications and data.
Service access credentials and private keys generated by the Services are for your internal use only. You may not sell, transfer or sublicense them to any other entity or person, except that you may disclose your private key to your agents and subcontractors performing work on your behalf.
Reporting Security Vulnerabilities
If you discover a potential security vulnerability, please let us know as soon as possible. We require that you notify us in private via contact_us@quantumofvalue.com. Publicly disclosing a security vulnerability without informing us first puts the community at risk. When you notify us of a potential problem, we will work with you to ensure we understand the issue's scope and cause. 

 

Our Obligations

Without limiting any provision of the Terms of Service, we will implement reasonable and appropriate technical and organisational measures designed to help you secure Your Content (and any personal data as defined in the Data Protection Act (“DPA”)) against accidental or unauthorised loss, access or disclosure.

We will take all necessary steps to ensure that your Content and personal data are treated securely.

Transmission of information via the internet is not completely secure. We will do our best to protect your personal data; we cannot guarantee the security of your data transmitted over the Internet from your access point; any transmission is at your own risk. 

Without limiting any provision of the Terms of Service, we will implement reasonable and appropriate technical and organisational measures designed to help you secure Your Content (and any personal data as defined in the Data Protection Act (“DPA”)) against accidental or unauthorised loss, access or disclosure.
We will take all necessary steps to ensure that your Content and personal data are treated securely.
Transmission of information via the internet is not completely secure. We will do our best to protect your personal data; we cannot guarantee the security of your data transmitted over the Internet from your access point; any transmission is at your own risk. 
 

Our Security Practices
Quantum of Value information security management is aligned with the ISO/IEC 27001:2013 framework, which specifies the requirements for establishing, implementing, maintaining and continually improving a comprehensive information security system and risk management capabilities.
 

External security audits and penetration tests
We work with Web Applications and infrastructure security leaders to perform penetration tests and audits of the Performalise platform. We monitor our product for security vulnerabilities as the product grows.

 

Encrypted traffic
All transmissions to and from Performalise, including sign-on, are encrypted at 256-bit and sent through TLS 1.2, adhering to the FIPS 140-2 certification standard. 
 

Where are my files hosted?
All of your data and files are hosted in a secure physical location. Our servers are stored in multiple data centres of Amazon Web Services across the US. Amazon has outlined their security measures, which you can find here.
 

Availability
We're committed to making Performalise a highly available service you can always count on. Our services support high-availability clustering and achieved 99.88% uptime in the last 12 months.

 

Contact Information

Don't hesitate to contact us with questions or comments about this Policy, your personal information, our use and disclosure practices, or your consent choices by email at contact_us@quantumofvalue.com.

​

Dec 2022