Explore our privacy and
security safety measures

When you use Mirro, we know you are trusting us with one of your most valuable assets: private data. So we take all the necessary steps to protect it as we operate our service. Here’s how we do it.

It’s all in the cloud

Like many Fortune 500 companies, startups, and governments, we use Microsoft Azure’s cloud computing platform.

Because we can rely on their industry-leading privacy policies, compliance programs, and security measures, they’re our vetted provider in the cloud ecosystem.

head-in-cloud

How we keep your data safe and secure

No unauthorized access to your data

Your safety is always on our minds. That’s why we take several organizational and technical measures to protect your data.

Here are a few of them:

Our access to your data is not a given

At Mirro, you have full ownership of your data. Our guarantee is that we’re keeping it safe for you, stored in Western Europe using Microsoft’s Azure infrastructure.

Few people inside Mirro can access your data, which is limited to fulfilling contractual obligations in a secure manner. For example, our Customer Support team can do so, but only to reply to your inquiries. And if you ever need some debugging, our Tech Support team operates with full action traceability.

To make things extra safe, anyone at Mirro with data access privileges undergoes a background check and has a confidentiality agreement in place.

Back-ups are the norm

Microsoft Azure powers our back-ups on a schedule:

We’re happy to report all of them are protected by AES 256-bit encryption.

It’s all HTTPS

Whenever you connect to Mirro, your data is secure. One of the reasons for this is that we use an HTTPS connection. If you want to get technical, we support TLS version 1.2 and 1.3.

But it’s not just that. We limit the duration of Mirro sessions for admin accounts to one hour, and our account access tokens are not transferable.

Strong passwords are mandatory

We take good care of your Mirro password. Keeping it in clear text is an absolute no-no for us, so we hash and salt it. Because we use bcrypt, it’s resistant to brute-force search attacks.

We also have strict requirements in place for the length and complexity of passwords. And since we monitor our platform at all times, accounts are automatically deactivated if the wrong password has been inserted one too many times.

We meet rigorous requirements

Our backbone, Microsoft Azure, is the cloud platform leading the industry with over 90 compliance offerings.

Mirro is GDPR-compliant. We meet European regulations, as no data is transferred outside the European Union.

Our people also go through regular GDPR training, so our collection and use of information are on point.

We put our system through the wringer

To make sure we’re always at the top of our game, Mirro undergoes regular internal security tests, automated testing batches, and penetration tests.

Code Reviews

Before making it to the app, every modification is thoroughly reviewed with security in mind.

Security updates

Our automation ensures that our platform and the services we offer are always up to date.

High availability

Mirro is designed to have high availability. In the unlikely case of something going wrong, we’ll let you know.

Secure environments

Our production and testing environments are separated. That’s to make sure no mishaps find their way to you.

We regularly review our privacy policies and codes of conduct to address your evolving needs and expectations of us as a client. You’re in good hands with Mirro!