Data Security

Below is an overview of how Zelt manages customer data; however, for more information, contact hello@zelt.app

1. What data does Zelt store?

In line with GDPR principles, any personal data collected by Zelt is for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes. Essentially we will only collect and store mission-critical information to help you manage your company’s operations and improve the overall employee experience.

This means we never store your passwords, payment information or cookies from other websites (we only use secure cookies, which don’t store any personal information locally).

We will also never sell or share your data with third-party providers without your explicit consent, i.e. when connecting a chosen third-party app to Zelt.

Read more about GDPR and our ICO Register

2. Where and how is data stored?

With Zelt, all your data is stored using Amazon Web Services (AWS). AWS is a recognised provider of secure network architecture to protect your information, identities, applications, and devices.

The data is stored in the AWS EU (London) Region that is designed and built to meet rigorous compliance standards, including ISO 27001, ISO 9001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC3, PCI DSS Level 1, and many more.

Read More about AWS security

​3. Does my data get transferred?

Every time you access Zelt services on the website, you transfer some data across to the browser. We encrypt each transfer at 256-bit and send it through TLS 1.2 (HTTP over TLS), adhering to the FIPS 140-2 certification standard. Each session is limited to 2 hours of idle time.

​4. Who can see and access my personal data inside and outside of my account?

Zelt employees do not have access to your company’s user accounts inside the app.  Within the application, we have created Permission Groups, so you can be in control of your company’s internal data governance and can set visibility rules on a needs basis. As a standard user (i.e. regular employee), you don’t have to worry about sharing certain sensitive personal information, such as your address or bank account details, as only admins can see them.

5. Is my data backed up?​

Our uptime is >99.9%; however, in the unlikely event of data loss, we save the last working version of Zelt every day and can restore it in a matter of a few minutes.

​6. Is my activity monitored on Zelt?

​For the purposes of user experience improvements and general usage statistics, we keep a record of anonymised logins and high-level actions such as “Application added” or “Device added”. For audit purposes, we also keep track of changes made to users’ profiles that you can see at the bottom of each user’s profile if you have the necessary permissions.

​7. What are Zelt’s other security practices?