PrivaTalk Privacy, Technical Specifications and Security

Privacy

No USA PATRIOT Act, No Cybersecurity Information Security Act (CISA)

PrivaTalk prides itself on storing and processing your information in a politically and economically stable and neutral country, Switzerland. Switzerland does not abide by the USA PATRIOT Act or CISA. This ensures that your information is safe from competing predators or agencies and entities with personal motives who would pry into your privacy and steal your data without your knowledge.

PrivaTalk is fully compliant with the following:

  • Swiss Federal Act on Data Protection (FADP),
  • Health Insurance Portability and Accountability Act (HIPAA),
  • Payment Card Industry Data Security Standards (PCI-DSS).

  • All email data is stored in Switzerland.
  • All messaging, voice and video is processed in Switzerland.
  • Voice and video data is never stored on servers or devices.
  • Self-destruct messages delete all messages from devices and servers in Switzerland.

System Support

PrivaTalk supports any operating system and computer hardware capable of running the latest Chrome browser.

PCI-DSS certified hardware architecture including:

  • Third party real time monitoring of all servers, network devices and environment
  • Fully redundant web application servers with full failover capabilities
  • Fully redundant database servers with full failover capabilities
  • Failover network connections
  • Biometric access to all facilities
  • Cameras with motion detection system
  • Fully automated internal backup system to enable quick recovery in the unlikely case of catastrophic failure
  • Hardened, green data center facilities – Swiss data center is 100% green-tech powered
  • Background check for all employees (including executives)
  • All data is stored in a Tier 3 data centre in Switzerland.
  • Data centre is ISO 9001:2008 certified by SGS and ISO 27001:2005
  • Data centre complies with SFB commission security guidelines (Swiss Federal Banking)
  • SLA of 99.999%
  • Follows ITIL®
  • Complete Swiss security and confidentiality assured!

Encryption

At PrivaTalk, all data, including user authentication information, is transmitted over the Internet and stored on our servers in encrypted form.

All connections to our servers, for all users, are protected with 2048-bit SSL encryption.

Physical Security

PrivaTalk is hosted in world-class Swiss data centers located in Switzerland, renowned for its exacting standards and quality control. PrivaTalk has the physical environment necessary to keep the servers up and running 24 hours a day, seven days a week, even in case of power shortages and major natural disasters.

These world-class facilities are custom designed with raised floors, HVAC temperature control systems with separate cooling zones and seismically braced racks. They offer the widest range of physical security features, including state-of-the-art smoke detection and fire suppression systems, motion sensors, 24×7 secured access, video camera surveillance and security breach alarms.

Network Security

In compliance with the Payment Card Industry Data Security Standard (PCI DSS), we have 24×7 third-party monitoring of our network infrastructure to check for known application and service vulnerabilities. We also have a yearly on-site audit lasting multiple days in which every aspect of the system is audited: from software development to hardware deployment, from personnel policies to password management. There are more than 200 criteria that PrivaTalk has to meet in order to keep its compliance level.

Open Web Application Security compliance

PrivaTalk is developed according to the Open Web Application Security Project (OWASP) guidelines, and all developers are trained on OWASP. In accordance with the PCI DSS requirements, PrivaTalk developers address all top ten OWASP vulnerabilities.