Compliance at ReCollect
ReCollect conducts annual security audits with a third party security auditor. This auditor is certified by the Information Systems Audit and Control Association (ISACA) as a Certified Information Systems Auditor, certified in Risk and Information Systems Controls (CRISC), and Certified in the Governance of Enterprise IT (CGEIT). To keep customer data as safe as possible, we make use of best-in-class security tools and modern software development practices to maintain a high level of security.
All of ReCollect’s services operate exclusively over TLS (SSL) by use of HTTP Strict Transport Security (HSTS). This includes our public website, web widgets, REST APIs and admin tools.
Our security team rapidly investigates all reported security issues. If you believe you’ve discovered a vulnerability in ReCollect’s security, please get in touch at firstname.lastname@example.org (optionally using our PGP key). We will respond as quickly as possible to your report. We request that you not publicly disclose the issue until it has been addressed by ReCollect.
ReCollect conducts annual accessibility audits with a highly regarded, CPWA certified accessibility auditor. ReCollect’s web tools have been certified as conforming to the applicable Level A and Level AA success criteria of the W3C WCAG 2.0 Guidelines. ReCollect tools are designed for inclusion, and we believe that they should be easy to use by everyone, regardless of age or disability. Additionally, you can rest assured that providing ReCollect’s service to your residents or customers will not open you up to lawsuits under the many accessibility laws around the world. ReCollect’s mobile apps are currently being audited, and are expected to be certified compliant during the summer of 2018.
ReCollect web tools have also been certified as compliant with Section 508 of the Rehabilitation Act of 1973. This is a law in the United States that requires federal agencies to meet a strict set of accessibility requirements. Additionally, many states also require compliance with Section 508, and the American Disability Act prohibits requires that all public websites are accessible to people with disabilities. Our Voluntary Product Accessibility Template® may be requested by emailing email@example.com. Read more about Accessibility at ReCollect in our blog.