CommPeak’s Security Commitment

Here, you’ll find the robust security measures and practices that CommPeak adheres to regarding your data protection. We go to great lengths to secure our customer’s information on every level, ensuring effectiveness and profitability.

Security Overview

Your calls, messages, and information are safe with CommPeak. We respect your privacy, which is why we’ve taken many measures to ensure its protection.

Moreover, the robust protocols we uphold to provide our customers and site visitors with a safe experience are more than mere legal obligations (i.e., General Data Protection Regulation). CommPeak firmly believes every company has an ethical responsibility to safeguard privacy as well.

Security Level

Physical Security

Our services are hosted on AWS, GCP, Hetzner, LeaseWeb, and others. All of our hosting partners are ISO 27001:2013 compliant.

The certification attests that these data center parks are fully protected from fires and other natural disasters. Only authorized personnel can gain access via electronic control terminals with a transponder key or admission cards. Furthermore, data parks are under 24/7 surveillance and are equipped with diesel power generators for autonomous mode.

Network Security

CommPeak networks’ security teams protect your data against even the most sophisticated electronic attacks. We utilize the best, proven practices of network security.

CommPeak provides the following preventive measures:

  • Network firewalls
  • DDoS prevention
  • Network posture assessments

Application Security Layers

  • Firewalls are in place, exposing only the necessary ports through the internet and between different servers.
  • CommPeak validates all requests to ensure security on the application level.
  • Data is transmitted from the visitor’s browser to the CommPeak system using HTTPS.
  • All data transfers are encrypted by SSL protocol and ciphers.

Certifications and Compliances

EU GDPR

CommPeak is undergoing measures to obtain its ISO 27701:2019, which simultaneously complies with the EU GDPR. We expect the process to be complete May 2021.

PCI DSS

CommPeak utilizes WorldPay and PayPal to accept customer payments. Both financial services companies are certified PCI Level 1 Service Providers, the most stringent security certificate available in the payments industry. CommPeak does not store or process any of our customers’ payment information.

ISO/IEC 27001:2013

As a part of the ongoing commitment to data protection and security practices, CommPeak attained our ISO 27001:2013 certification on Feb 3, 2021. To view our certificate, click here.

How to Report a Security Vulnerability

If you believe you’ve discovered a security vulnerability in our platform, please contact us immediately at [email protected]. Please include the following information to help us investigate the case:

  • A description of the location and potential impact of the perceived vulnerability.
  • A detailed description of the steps required to reproduce the perceived vulnerability. POC scripts, screenshots, and screen captures are all helpful.

Need More Information?

If you have any questions, suggestions, or require further information, don’t hesitate to contact us at [email protected].