Security Notice

• We leverage Google Cloud Platform (GCP) to provide infrastructure services to host our environment.
• By using GCP, Aliro is able to take advantage of their sophisticated security environment, logging, identity, and intrusion protection systems, and focus on our software and your data.
• Aliro has multiple geo-located environments and backups ready to go live in the event of a disaster.
• All databases are encrypted at rest and over transmission.

• Aliro routinely scans its applications for vulnerabilities and security issues, and we promptly remediate any issues we find.
• Aliro utilizes an exercised Assessment and Response Policy to monitor and respond to any risks or incidents.
• Referral encrypts all data and traffic.

• We have a security policy for securing the integrity, confidentiality, and availability of customer data, and protecting customer data against any unauthorized or unlawful acquisition, access, use, disclosure, or destruction.
• All of our employees with access to confidential information or customer data are required to read and acknowledge our security and acceptable use policy.
• We conduct annual security awareness training and quarterly threat briefings to ensure our team is aware of the latest attack trends.
• We limit access to the production database and servers to a few select senior staff.
• Our security team is involved throughout our development and operations processes and cycles to ensure we incorporate security best practices into the product and environment.

We want to ensure we’re protecting your customer data. If we see accounts with signs of suspicious activity, we take immediate action. If you have any questions, please email us at security@onaliro.com.

• Our CEO and CTO work with our developers to make sure our services comply with applicable privacy laws.
• We never sell your customer/member data.