Keeping customer data safe and secure is a huge responsibility and a top priority for Blocks Edit. We work hard to protect our customers from the latest threats.
Everybody at Blocks Edit is trained and made aware of security concerns and best practices for their systems. Remote access to servers is via our VPN using two factor authentication, and limited to workers who need access for their day to day work.
Blocks Edit helps you produce your email content. It does not send emails to your customers. This means we do not hold or process audience lists, or any data about your customers. The scope of PII that we handle is limited to account credentials for team members that use Blocks Edit.
We use Amazon AWS. All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure. Our software infrastructure is updated regularly with the latest security patches.
Over public networks we send data using strong encryption. We use SSL certificates issued by GeoTrust Inc, RapidSSL CA. The connection uses AES_128_CBC for encryption, with SHA2 for message authentication and ECDHE_RSA as the key exchange mechanism. You can check our currently supported ciphers here.
Our servers — from power supplies to the internet connection to the air purifying systems — operate at full redundancy. Our systems are engineered to stay up even if multiple servers fail.
Our software infrastructure is updated regularly with the latest security patches. Our products run on a dedicated network which is locked down with firewalls and carefully monitored.
All credit card transactions are processed using secure encryption—the same level of encryption used by leading banks. Card information is transmitted, stored, and processed securely on a PCI-Compliant network.
Blocks Edit won’t hand your data over to law enforcement unless a court order says we have to. We reject requests from local and federal law enforcement when they seek data without a court order. And unless we’re legally prevented from it, we’ll always inform you when we receive such requests.