Worcade helps you to easily communicate with other organisations. For this, Worcade stores the data you exchange. In this page, we explain how we carefully handle your data to ensure its security.
OWASP and penetration tests
Our developers keep an eye on the recommendations published by the Open Web Application Security Project (OWASP).
An external bureau checks Worcade for known security issues on a regular basis.
Worcade operates using Amazon Web Services (in Ireland). Amazon provides Point In Time backups, so we can restore easily when required.
All connections to Worcade are encrypted using HTTPS. Worcade is listed for HSTS preloading so web browsers will always connect to Worcade via HTTPS.
Email messages sent by Worcade are protected against abuse using techniques like Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain Message Authentication Reporting & Conformance (DMARC).
Is your organisation using Worcade via TOPdesk? Then it’s good to know that the organisations you collaborate with will connect to Worcade. Other organisations do not need direct access to your TOPdesk environment.
If, for instance, a TOPdesk operator starts a Worcade conversation via a call, Worcade sends the supplier an email message with a link to the conversation. The link opens Worcade. If the supplier hasn’t set a Worcade password yet, Worcade will send a link to log in automatically. Such a link is valid for 14 days.
Access to data
All our employees have signed a confidentially agreement as a part of their employment contract. Our starting point is to allow data access to as few people as possible. For support purposes, we developed a separate tool that limits data access.
Systems are guarded with ip restrictions, unique passwords and two-factor authentication where available.
We ask Worcade users to set a password of at least 8 characters which is strong. We store passwords encrypted (including salt).
We don’t sell your data but make money by selling Worcade Pro accounts.
Worcade keeps your personal data safely within EU boundaries or with organisations for which an adequacy decision of the European Commission is provided. Most of our data is stored at Amazon Ireland.
American organisations we work with all joined Privacy Shield.
You can read more about this in our privacy statement.