Safety & Security

The safety of your business relies on the tools that you use. Elevation goes the extra mile to make sure our Service is secure, reliable and worth your trust.

Physical security

Elevation is hosted in secure-by-design Amazon Web Services facilities that continually manage risk and undergo recurring assessments to ensure compliance with industry standards. This includes independent policies for physical access, monitoring & logging, surveillance & detection, device management, operational support systems, infrastructure maintenance, and governance & risk. For more information on the AWS physical security processes, click here.

System Security

Elevation’s system installation is using a hardened, patched OS with dedicated IAM user keys to access and password to limit access and protect against attacks. We also employ industry-leading solutions to mitigate DDoS attacks.

Data exchange

All private data to and from Elevation is transmitted over SSL. All communication with the repository is done over SSH authenticated with keys.

Payment details

Users can optional add a credit card to their profile, we’ll ask for the details of a user’s credit card including: card number, expiration date, security code, and zip code. We do not store this information on our servers: we are using Stripe, an external provider used by companies like Lyft, Kickstarter, instacart and Pinterest. All servers are PCI Compliant and monitored by Stripe security and auditing departments.

Passwords and Credentials

Passwords in Elevation are salted and hashed by one-direction encryption scripts. Passwords and access keys used in delivery actions (FTP details, SSH, Amazon Access Keys, etc.) are salted and encrypted with two-direction encryption scripts and kept in this form in production servers.

Elevation employee policy

Our employees have access to user data which is only viewed when required for support reasons, data migration, or Tier 1 support. On rare occasions, we may need to clone a copy of the production database to approved company machines. All cloned databases dumped into approved company local machines are deleted as soon as the support issue has been resolved.

The employee policy applies to all type of private data stored in Elevation, such as server authentication details, authentication data with third-party integrations, or personal user information. All data is stored in encrypted form and can only be accessed by our team for development, security or maintenance, or for support reasons.

All Elevation personnel is trained towards security compliance and subject to privacy agreements. New employees follow a structured onboarding process to get familiar with tools, processes, systems, policies, and procedures. Compliance audits are performed so that employees understand and follow the established policies.

Backup and Maintenance

System maintenance is scheduled for every Sunday at 10:00pm (MST) and takes up to 60 minutes unless stated otherwise stated via in-app or email to onsite staff, and user population. In case of large updates or Tier 1 classified support ticket, client will be notified in advance via email within 48 hours.

All data is backed up in real-time to AWS infrastructure daily. Elevation IT employees are the only ones with access to backed-up data and infrastructure for support reasons.

Service Level Agreement

Elevation has a 99.99% uptime of our servers every given month, excluding scheduled weekly maintenance and/or updates.In case of a Tier 1 support issue, which includes: Outages or Data breach we will communicate with onsite staff as well as with client via email within 48 hours.

Vulnerability reports

In case you’ve found a security vulnerability, please see our Responsible Disclosure Policy.


If you have any questions regarding the safety and security of our Service, drop a word to [email protected] and we'll get back in a snap.


50% Complete

Two Step

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.