Compliance at ReCollect

Security

ReCollect conducts annual security audits with a third party security auditor. To keep customer data as safe as possible, we make use of best-in-class security tools and modern software development practices to maintain a high level of security.

Kobalt found that ReCollect’s security program was at or above the expected levels of maturity as measured against the CIS Top 20 framework for an organization of their size in the areas of Information Security Policies, Security Controls, Secure Software Development Life Cycle and Incident Response Procedures.

Kobalt also performed a Cloud Audit on Recollect’s AWS environment against the CIS benchmark for AWS. 

Our security team rapidly investigates all reported security issues. If you believe you’ve discovered a vulnerability in ReCollect’s security, please get in touch at security@recollect.net (optionally using our PGP key). We will respond as quickly as possible to your report. We request that you not publicly disclose the issue until it has been addressed by ReCollect.

Read more about Security at ReCollect in our blog.

Accessibility

certified-accessible-badge-wcag2.1-AA-davidbermancom-2022

ReCollect conducts annual accessibility audits with a highly regarded, CPWA certified accessibility auditor. ReCollect’s web tools have been certified as conforming to the applicable Level A and Level AA success criteria of the W3C WCAG 2.1 Guidelines. ReCollect tools are designed for inclusion, and we believe that they should be easy to use by everyone, regardless of age or disability. Additionally, you can rest assured that providing ReCollect’s service to your residents or customers will not open you up to lawsuits under the many accessibility laws around the world.

ReCollect web tools have also been certified as compliant with Section 508 of the Rehabilitation Act of 1973. This is a law in the United States that requires federal agencies to meet a strict set of accessibility requirements. Additionally, many states also require compliance with Section 508, and the American Disability Act prohibits requires that all public websites are accessible to people with disabilities. Our Voluntary Product Accessibility Template® may be requested by emailing support@recollect.netRead more about Accessibility at ReCollect in our blog.

Privacy

ReCollect is built using the principle of Privacy by Design. We only collect the minimal amount of information required to offer our service, and personal data is removed as quickly as reasonably possible once it is no longer needed. ReCollect complies with all applicable privacy laws in jurisdictions where it operates, including the GDPR in the European Union which came into effect on May 25, 2018. If you would like more details on our Privacy Policy or have any questions about ReCollect’s privacy practices, please contact our Data Protection Officer at privacy@recollect.netRead more about Privacy at ReCollect in our blog.

Read about our 2022 Re-Certifications here.