We get it. We understand that trusting a third-party platform with your company data is a massive decision.
And just like you, we’re also cautious to who and what gets involved with our business, so we don’t blame you.
At SaaSi Hub, founder Michael Cook is our IT operations veteran, backed by a solid and experienced team who have a lifetime of participation in retailing, data protection, client account security and customer service. Within our business, we strive to utilise best practices, policies and procedures that goes along with that, which within SaaSi Hub we continuously adopt, improve and expand upon as part of our day-to-day operations.
“We designed our architecture with a ‘security first’ mindset to ensure
– Michael cook, founder
yourdata is isolated, encrypted, and safe.”
We’re registered with the Information Commissioner’s Office Registration Reference ZC089944.
See our certificate here (PDF).
All of our payment processing is completed through Stripe, one of the most popular and secure payment processing platforms for businesses.
Our website doesn’t run with a basic 128-bit SSL, but with 256-bit SSL, offering much better security for data transmission across our retail site and platform.
SaaS integrations into our platform use OAuth 2.0 where possible, providing industry-standard authorization protocol for accessing user data.
Security At A Glance
- Data encrypted in transit using TLS 1.2+
- Data encrypted at rest using AES-256
- Hosted on secure Google Cloud infrastructure
- OAuth 2.0 used for SaaS integrations where available
- Payments processed securely via Stripe (PCI DSS Level 1)
- Continuous vulnerability monitoring and patch management
Infrastructure & Hosting
SaaSi Hub’s internal platform is hosted on Google Cloud, leveraging their world-class physical and network security. All data sent between your browser, your SaaS applications, and our internal platform servers is encrypted using TLS 1.2+ (transport layer security). Additionally, database volumes and backups are encrypted using AES-256 standard encryption.
Our frontend retail website is hosted with a ISO27001-certified secure server provider, backed by 4,000Gbps DDoS protection, 256-bit SSL and real-time scans against viruses, malware and suspicious uploads.
Data Residency
All customer platform data is hosted within secure Google Cloud infrastructure located in the United States and European regions.
Authentication & Access (For SaaS Integrations)
We use OAuth 2.0 for all SaaS integrations where it is available for us to do so (Google Workspace, Slack, etc).
We never see or store your passwords, whether using OAuth 2.0 or manual authentication with a username/password.
When integrated to your actively used SaaS apps, we only request the minimum scopes necessary to identify license usage and user status in order to show the information within your SaaSi Hub dashboard and reports.
You can revoke SaaSi Hub’s access at any time directly from your SaaS provider’s admin console.
Payment Security
All payments are processed via Stripe, a PCI-DSS Service Provider Level 1.
We can not see, and do not store any debit, credit or AMEX card information of any type when using our online billing system.
Data Protection and Compliance
SaaSi Hub processes personal data in accordance with applicable data protection laws including GDPR and UK GDPR. Further details can be found in the following documents:
What SaaSi Hub Does Not Access
When connecting to your HR and/or SaaS tools, platforms and applications, SaaSi Hub does not access or store the content of your organisation’s communications or files, including email content, calendar events, documents, or file contents.
When connecting integrations such as Google Workspace or Microsoft 365, we only access metadata required to identify licence usage and user status, including; user account lists, license assignments, last login information and account statuses.
Your Data Always Belongs to You
All data stored within the SaaSi Hub platform remains the property of your organisation.
SaaSi Hub processes this data solely to provide the functionality of the platform, including identifying unused licences, monitoring SaaS spend, and supporting employee offboarding workflows.
You can export your reports and platform data at any time, and request deletion of your organisation’s data if you choose to close your account.
Access Control
Access to SaaSi Hub systems and customer data is restricted to authorised SaaSi Hub personnel who require such access in order to perform operational, support, maintenance, or security related tasks.
Administrative access to infrastructure and production environments is limited to a small number of trusted technical personnel. SaaSi Hub employees and authorised personnel who may interact with production systems are subject to internal security policies and confidentiality obligations.
Vulnerability Management
We perform regular automated scans of our dependencies and infrastructure to identify and patch vulnerabilities immediately.