We take information security very seriously at El Toro and we have been asked quite a bit about our data security. Our clients share sensitive and private data with us daily, their security is our top priority.
Security starts with the process for data ingestion. We have developed a secure HTTPS portal for clients to upload their data to the El Toro data append system. This ensures that your data is encrypted during the upload process using Transport Layer Security.
Once uploaded, data is on-boarded into one of our secure data centers, which are all located in the United States to avoid issues with data expatriation for our US-based customers. Each data center provider has passed a rigorous SSAE 16 SOC2 Audit. The SSAE 16 Audit requires our colocation and infrastructure providers to comply with and attest to a rigorous set of controls including security, confidentially and availability.
The most important part of data on-boarding security is that our file format limits you to only the data required to run a campaign - which is name, mailing address and customer number / unique ID (if desired). We do not ask for, or accept, sensitive data elements including social security numbers, credit card numbers, HIPAA information, demographics or other extraneous information.
Once ingested into one of our data centers, your data is appended to our master database that matches physical addresses to IP addresses. This append file, which contains only IP addresses, is then securely uploaded via API to one of our Demand Side Platforms. An appended version of your original list, showing who we can and cannot target is available via secure download from our portal. Internally our system administration and development teams use two-factor authentication and customer data segregation to further enhance the security of our system. Finally, old customer supplied data is purged from the system at periodic intervals.
If you have any further questions about the data security of the measures El Toro takes to protect customer information, please contact us.