Security in Lime Go

Authorisation

Access to certain functions can be set per user in Lime Go via the user’s profile settings.

Transport security

All data sent to and from Lime CRM are encrypted with 256-bit AES-encryption. All endpoints accept only connections via TLS and we only use recognised safe encryption algorithms.

Password

We do not store passwords at all, just an identifying hash that is undecipherable. The hash is used to check whether the password the user has entered is correct.

Product development

Our developers continuously undergo safety training and take for example OWASP Top 10 into account when developing Lime Go. Safety critical codes are always reviewed by at least two developers.

Data management

Our services are provided by Amazon Web Services’ (AWS) EU-based data centre in Ireland. This is also where your data are stored.

Backup

All data are backed up every day and backup copies are stored for 30 days.

Storage

All data, including backup copies, are stored in an encrypted format even when dormant. We have countless check-ups to ensure that your data don’t go astray.

Access

Access to customers’ data is only granted to authorised employees who need it to perform their tasks, e.g. support, and we always ask for consent beforehand.

Supervision

We constantly supervise all operational environments to discover and prevent both operational and security incidents. If an incident should occur anyway, we have well-documented procedures for how to handle and prevent such incidents in the future.

Training

All employees undergo a mandatory security training every year.

Security framework

At Lime we have an elaborate and clear framework for information security with policies, practical procedures and continuous follow-up and improvement.

Confidentiality

All our employees have signed a confidentiality agreement covering work with customer data in relation to their employment.