Security

Worcade helps you to easily communicate with other organisations. For this, Worcade stores the data you exchange. In this page, we explain how we carefully handle your data to ensure its security.

Do you have any questions or remarks about Worcade security? Send us an email at hello@worcade.com or fill out our contact form.

OWASP and penetration tests

Our developers keep an eye on the recommendations published by the Open Web Application Security Project (OWASP).

An external bureau checks Worcade for known security issues on a regular basis.

Architecture

Worcade operates using Amazon Web Services (in Ireland). Amazon provides Point In Time backups, so we can restore easily when required.

All connections to Worcade are encrypted using HTTPS. Worcade is listed for HSTS preloading so web browsers will always connect to Worcade via HTTPS.

Email messages sent by Worcade are protected against abuse using techniques like Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM) and Domain Message Authentication Reporting & Conformance (DMARC).

TOPdesk integration

Is your organisation using Worcade via TOPdesk? Then it’s good to know that the organisations you collaborate with will connect to Worcade. Other organisations do not need direct access to your TOPdesk environment.

If, for instance, a TOPdesk operator starts a Worcade conversation via a call, Worcade sends the supplier an email message with a link to the conversation. The link opens Worcade. If the supplier hasn’t set a Worcade password yet, Worcade will send a link to log in automatically. Such a link is valid for 14 days.

Access to data

All our employees have signed a confidentially agreement as a part of their employment contract. Our starting point is to allow data access to as few people as possible. For support purposes, we developed a separate tool that limits data access.

Systems are guarded with ip restrictions, unique passwords and two-factor authentication where available.

User accounts

We ask Worcade users to set a password of at least 8 characters which is strong. We store passwords encrypted (including salt).

Privacy statement

We don’t sell your data but make money by selling Worcade Pro accounts.

Worcade keeps your personal data safely within EU boundaries or with organisations for which an adequacy decision of the European Commission is provided. Most of our data is stored at Amazon Ireland.

American organisations we work with all joined Privacy Shield.

You can read more about this in our privacy statement.