About EntryCentral - Security

Users frequently ask how we secure their data, and we welcome such requests. We collect your data according to our Privacy Policy. We can share some high-level details of the security measures we have in place, without giving hackers enough information to use against us.

Dedicated Servers

Servers we use may only be accessed by EntryCentral staff. No other users share our severs with e.g. other websites or databases

Cloudflare

Cloudflare Security Services protect and secure Internet applications and APIs against denial-of-service attacks, customer data compromise, and abusive bots. Connections to EntryCentral come to us through Cloudflare, who screen out connections from bad actors.

Firewall

Our servers only accept https connections from Cloudflare servers. Users cannot avoid routing through Cloudflare.

Penetration Testing

We use website security company Tinfoil Security to independently scan our systems for any code vulnerabilities. Tinfoil Security compares favourably against other website security services. Click the badge to check EntryCentral's certification:

Storage of incomplete card details

Your payment card number goes straight to Stripe without touching our servers. Stripe give us a reference to your payment (should you be eligible for a refund later), the card type and the last 4 digits (so that you have clues about which card you used for a payment) - but we do not store enough detail about your card for anyone to take a payment from it. There is no need for us to store your card details, so we don't do it.

Encryption

Your personal details are encrypted both at rest (in the database) and in transit (https/tls)