Data Security Overview

Momently protects the confidentiality of customer data in several ways:

• Our Momently terms of service, which all customers must adhere to, prohibit sending personally identifiable information (PII) to Momently. PII includes any data that can be used to reasonably identify an individual, including (but not limited to) names, email addresses, or billing information.
• Momently data may not be shared without customer consent, except under certain limited circumstances, such as when required by law.
• Momently security and engineering team take measures to guard against external threats to data. Internal access to data (e.g., by employees) is regulated and subject to access controls.

Momently does not store IP addresses.

Momently requires that all of our third party vendors abide by our confidentiality and security measures, and obey similar restrictions.

• Data ingress: Momently supports encryption via HTTPS for all data being sent to Momently systems, and strongly encourages all customers to only send data via HTTPS.
• Data egress: All Momently APIs supports sending data via HTTPS. Momently dashboards only support HTTPS.
• Encryption at rest: Where feasible, sensitive data is stored under encryption. Passwords and other highly sensitive information are hashed and salted.

All Momently servers are hosted on Amazon Web Services, which in turn employs industry standard protections. More information from AWS can be found here.

Permissioning: We restrict access to all Momently servers to only those employees with a need to access. All servers employ role-based permissioning.

For more information, please contact our data protection officer at legal@momently.com.