Security

Your Data Security is Our Priority

Learn how we protect your data and maintain the highest security standards.

Our Security Commitment

At Simma, we understand that your dance studio data includes sensitive information about your business, staff, students, and financial transactions. We take this responsibility seriously and have implemented comprehensive security measures to protect your data.

Data Encryption

We use industry-standard encryption protocols to protect your data both in transit and at rest:

  • In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.3 (Transport Layer Security), ensuring that your data cannot be intercepted or read by unauthorized parties during transmission.
  • At Rest: All data stored in our databases is encrypted using AES-256 encryption, one of the strongest encryption standards available.

Secure Infrastructure

Our infrastructure is built on industry-leading cloud providers with multiple layers of security:

  • Physical Security: Our servers are hosted in secure data centers with 24/7 monitoring, biometric access controls, and surveillance systems.
  • Network Security: We employ firewalls, intrusion detection systems, and regular network scans to prevent unauthorized access.
  • Server Hardening: Our servers are regularly updated with the latest security patches and are configured according to security best practices.
  • Redundancy: Your data is replicated across multiple locations to ensure availability and prevent data loss.

Payment Processing Security

We take extra precautions when handling payment information:

  • We do not store credit card numbers on our servers. All payment processing is handled by PCI-DSS compliant payment processors.
  • Our payment integrations use tokenization, which means sensitive payment details are replaced with unique identification symbols that retain all the essential information without compromising security.
  • Our payment processing systems comply with the Payment Card Industry Data Security Standard (PCI DSS).

Access Controls

We implement strict access controls to protect your data:

  • Role-Based Access: Our employees only have access to the data they need to perform their specific job functions.
  • Multi-Factor Authentication: We require multi-factor authentication for our staff accessing systems that contain customer data.
  • Audit Logging: All access to your data is logged and monitored for suspicious activity.
  • Background Checks: We conduct background checks on all employees who may have access to sensitive data.

Regular Security Testing

We perform regular security testing to identify and address potential vulnerabilities:

  • Penetration Testing: Independent security experts conduct regular penetration tests of our systems.
  • Vulnerability Scanning: Our systems are regularly scanned for known vulnerabilities.
  • Code Reviews: All code is reviewed for security issues before deployment.

Data Backup and Recovery

We maintain comprehensive backup procedures to protect against data loss:

  • Your data is automatically backed up multiple times per day.
  • Backups are encrypted and stored in geographically separate locations.
  • We regularly test our backup restoration procedures to ensure data can be recovered quickly in the event of an emergency.

Incident Response

We have established procedures for responding to security incidents:

  • Our security team monitors our systems 24/7 for suspicious activity.
  • We have a documented incident response plan that is regularly tested and updated.
  • In the unlikely event of a data breach, we will promptly notify affected customers in accordance with applicable laws and regulations.

Compliance

We adhere to industry standards and regulations to ensure the security and privacy of your data:

  • GDPR compliance for customers in the European Union
  • CCPA compliance for customers in California
  • SOC 2 Type II certification for security, availability, and confidentiality
  • Regular independent audits of our security practices

User Security Best Practices

We recommend the following best practices to enhance the security of your Simma account:

  • Use strong, unique passwords for your Simma account.
  • Enable multi-factor authentication for all your users.
  • Regularly review user access and remove accounts for employees who no longer need access.
  • Ensure your devices have up-to-date antivirus software and security patches.
  • Be cautious of phishing attempts—we will never ask for your password via email or phone.

Security Updates

We continuously review and enhance our security measures to address emerging threats. For the latest information about our security practices, please check this page regularly.

Reporting Security Concerns

If you believe you have identified a security vulnerability or have other security concerns, please contact our security team immediately at [email protected].

Key Features

Security Features You Can Trust

Our platform includes multiple security features to protect your data and your business.

End-to-End Encryption

Your data is encrypted in transit and at rest, ensuring it remains secure at all times.

Multi-Factor Authentication

Add an extra layer of security to your account with SMS or app-based verification.

Role-Based Access Control

Control exactly what each staff member can view and edit within your account.

Secure Payment Processing

PCI-DSS compliant payment processing with tokenization for maximum security.

Automated Backups

Your data is automatically backed up multiple times per day to prevent data loss.

Activity Logging

Comprehensive audit logs to track who accessed what data and when.

Ready to Secure Your Dance Studio Data?

Join thousands of dance studios that trust Simma to keep their business data secure.