The team at Matrix Booking take the security of your data seriously and have rigorous controls in place to ensure the confidentiality, integrity and availability of the data is maintained.
Matrix Booking is provided by Matrix Booking Limited. Matrix Booking Limited is certified to ISO27001:2013 and regularly audited for compliance with the standard by a UK Accreditation Service accredited auditor – our certificate can be found here.
The Matrix Booking system is penetration tested annually by a third party.
Platform Security – Matrix Booking is hosted on robust cloud infrastructure provided by leading cloud suppliers, and components hosted in tier one data centres. We review the security accreditation of our suppliers to ensure they maintain the same standards as us. The data centres have 24x7x365 physical security, including access cards and biometrics. The cloud platform is installed on a segregated network with intrusion detection onto a hardened infrastructure.
Resilience – Matrix Booking is installed on a leading cloud platform in a resilient data centre with regularly tested redundant power and fire suppression systems. All hardware is configured in resilient pools with failover, and the site is monitored for availability.
GDPR – Matrix Booking is working to ensure all of our systems and processes are fully compliant with the new GDPR regulations relating to handling of EU resident data. For more information on our GDPR statement please visit our GDPR page.
Data security – Matrix Booking data is stored in the EU only. Data is regularly backed up, with transmission to a second data centre for further resilience. The Matrix Booking team reviews our solution for compliance with relevant privacy and data protection legislation. All data transmission in our ‘out of the box’ solution is encrypted using TLS with system logs shipped to an immutable third-party store for audit.
Authentication & Authorisation – All access to the Matrix Booking engine requires authorisation. Matrix Booking supports Single Sign-on standards to allow your users to authenticate against your trusted directories – meaning access for your user’s can be integrated into your identity management processes. Data is segregated in the system, with configurable authorisation roles to determine which users can see which data, and the level of operations they can perform.
Reporting a security concern – Matrix Booking’s security team will investigate any reports of security vulnerabilities that may impact the solution. If you have a security concern, or you are evaluating Matrix Booking and would like further information on the security of the solution, please contact firstname.lastname@example.org.