Planet NEXTgen Technologies (P) Ltd. and its subsidiaries is hereinafter referred as ‘Planet NEXTgen’ is committed to respect your privacy and data while using our services. The statement highlights our data security practices.

Data Security Statement

A. Physical Security

The Planet NEXTgen development center in Mumbai is under 24x7 security protection. Critical locations in the shared office are accessible only to authorized individuals. Important documents are stored in cabinets that can only be accessed by pre-authorized individuals. Fire alarms and water sprinklers are in place to detect and mitigate damage in the unlikely event of a fire. A policy has been implemented to approve and regulate visitor access to the building. The office is provided with 24x7 power supply, supported by an alternative uninterrupted power supply system to ensure smooth functioning in the event of a power failure. Planet NEXTgen hosts its application and data in industry-leading Data Centre which have been thoroughly tested for security, availability and business continuity.

B. Application Security

All of Planet NEXTgen’s products are hosted in Ctrl-S servers. The infrastructure for databases and application servers is managed and maintained by Ctrl-S. At Planet NEXTgen, we take a multifaceted approach to application security, to ensure everything from engineering to deployment, including architecture and quality assurance processes complies with the highest standards of security.

C. Application Architecture

The application is initially protected by firewall which is equipped to counter regular DDoS attacks and other network related intrusions. The second layer of protection is Planet NEXTgen’s own internal firewall which prevent external IPs, users and spam. While the application can be accessed only by users with valid credentials, it should be noted that security in cloud-based products is a shared responsibility between the company and the individuals who own those accounts on the cloud, it should be noted that all account passwords that are stored in the application are one-way hashed and salted. Planet NEXTgen uses a micro service model to host all its applications.

D. Application Engineering and Development

Our lead engineers are trained in industry-leading secure coding standards and guidelines to ensure our products are developed with security considerations from the ground-up. Security reviews are a mandatory part of application engineering (development and construction) process at Planet NEXTgen.

E. Quality Assurance

Besides functional validation and verification, the quality assurance process at Planet NEXTgen also subjects application updates through a thorough security validation.

F. Deployment & Post Deployment

Deployments to production servers are performed only by trusted and authorized engineers. Only few pre-authorized engineers have access to Planet NEXTgen’s production environment. An information security team carries out periodic comprehensive tests. The tests are performed with the help of static analysis tools and aided by manual analysis.

G. Data Security

Our database resides within an internal network in Ctrl-S. It is set not to be accessed from anywhere other than the application. Also it is password protected. The database is hosted with a feature called multi zone availability - which ensures a standby copy of the database is available in a different zone in case of failure. Apart from these, Ctrl-S performs daily backups. Our application is designed to make use of scopes - a user can manipulate only his/her own records. So even if a user tries to misuse any credentials, his own data will be affected.Data of other users will be secure and cannot be viewed or tampered.

H. Network Security

All Planet NEXTgen's products are hosted in Ctrl-S, with security managed by Ctrl-S.

I. Regulatory Compliance

As the processors of personal information on behalf of our customers, we follow their instructions with respect to the information they control to the extent consistent with the functionality of our service. In doing so, we implement industry standard security, technical, physical and administrative measures against unauthorized processing of such information and against loss, destruction of, or damage to, personal information.

Ctrl-S data centers are ISO 27001, SSAE-16 and HIPAA compliant.

J. Reporting issues and threats

If you have found any issues or flaws impacting the data security or privacy of Planet NEXTgen’s users, please write to support@planetngech.com with the relevant information so we can get working on it right away.

Your request will be looked into immediately. We might ask for your guidance in identifying or replicating the issue and understanding any means to resolving the threat right away. Please be clear and specific about any information you give us. We deeply appreciate your help in detecting and fixing flaws at Planet NEXTgen, and will acknowledge your contribution to the world once the threat is resolved.

K. Get in touch with us

If you have any questions or doubts, feel free to get in touch with us at support@planetngech.com, we’ll get back to you right away.