Trust Center
PRIVACY, SECURITY, & COMPLIANCE
This notice keeps you informed of our privacy and security policy, as well as our commitment to data privacy protection and regulatory compliance. We are committed to protecting your privacy and the security of your data, and to working quickly to address any potential security or privacy problem. We have taken great steps to make sure that our site and product security are up to the latest standards.
PRIVACY
At RemoteToPC, we understand the concern for the security and privacy of your information. As a result, we strive to keep this information secure.
PCI COMPLIANCE
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes. The standard was created to increase controls around cardholder data to reduce credit card fraud. PCI compliance is required for organizations that store, manage and process cardholder information.
RemoteToPC is not a payment solution and we do not store our users’ credit card or financial data in our system. RemoteToPC utilizes the third-party vendor Stripe to store and manage cardholder data and conduct online transactions. We provide secure connections to our PCI compliant payment vendor to ensure compliance.
GDPR COMPLIANCE
The EU General Data Protection Regulation (GDPR) (5) is designed to harmonize data privacy laws across Europe, to protect and empower all EU citizens’ data privacy, and to reshape the way organizations across the region approach data privacy. After four years of preparation and debate, the GDPR was finally approved by the EU Parliament on April 14, 2016 and is enforced starting May 25th 2018.
We are committed to GDPR compliance and our services comply with the GDPR regulations. Because RemoteToPC services provide instrumentality for Remote Desktop Access, Computer Health Monitoring & Alerts, and Remote Monitoring and Management services, you, the customer, are able to access computer systems, including, but not limited to, the ability to transfer files from one computer to another. The GDPR regulations apply to the privacy of the data of all EU citizens residing in the EU. You should be aware of these regulations, of your company’s responsibilities, and of the need for customer contracts and compliance with GDPR regulations when accessing and monitoring EU based computer systems.
HIPAA COMPLIANCE
The Health Insurance Portability and Accountability Act (HIPAA) sets forth standards for protecting the integrity, confidentiality, and availability of electronic health record information. RemoteToPC does not process, store, or have any access to any of the users’ computer data such as patient data or medical records. Therefore, RemoteToPC should not be considered your business associate. No single product or solution can make an organization HIPAA-compliant. However, when used properly, RemoteToPC may help organizations fulfill HIPAA guidelines for the privacy and security of remote access to healthcare information and may be used within a larger system to support HIPAA compliance. Some key points to note are:
- RemoteToPC transmits but does not store the data that is streamed through our tunnels, which are encrypted with AES-256 bit + Poly1305 AEAD cryptography.
- The username / password transmission is encrypted with HTTPS / TLS.
- The user passwords are encrypted on RemoteToPC servers.
- All remote connections are logged with timestamp, remote user, host name, and session information.
- RemoteToPC website login is capable of 2-factor authentication.
- Our server firewalls monitor and flag suspicious activity in real time and automatically block persistent suspicious activity from further access to the RemoteToPC servers.
All of these measures should help you to ensure that RemoteToPC can be securely deployed in your organization without affecting HIPAA compliance.
AGENTS AND SERVICE PROVIDERS
RemoteToPC works with other companies to help us deliver our services to you on our behalf. One of these companies is Stripe (3). Stripe is one of the top industry payment gateways and is responsible for processing credit card payments. They store your credit card information and are responsible for keeping it safe. We also use Google Analytics (4) to measure web traffic and analytics.
SECURITY
- RemoteToPC has a registered SSL Certificate with an Internet Root Certificate Authority, and all pages with private user information on them are secured with this certificate.
- RemoteToPC’s physical servers are in a controlled access hosting facility. All communication across the internet between Host and Join devices and the RemoteToPC server goes through a 256-bit + Poly1305 AEAD cryptography encrypted tunneling technology.
- All RemoteToPC code is digitally signed to prevent tampering.
- RemoteToPC assigns unique identifiers to users and to computers for security purposes, and has multiple layers of password security as well as the option of two-factor authentication.
LINKS
- RemoteToPC Terms and Conditions: http://remotetopc.com/terms-and-conditions/
- RemoteToPC Privacy Policy: http://remotetopc.com/privacy/
- Stripe Privacy Policy: https://stripe.com/us/privacy
- Google Privacy Policy: https://policies.google.com/privacy
- GDPR Site: https://www.eugdpr.org/