Security is our highest priority
Customers worldwide trust ALLO with billions of documents, events, and files, relying on our dedication to data privacy and security. This page explains our methods for protecting your data. As we continually improve and strengthen our security, we will update this information to keep it accurate and complete.
ALLO utilizes Amazon Web Services (AWS) as the hosting platform for our testing, staging, and production environments, and these are fortified with robust security measures such as secure perimeter defenses, extensive camera monitoring, biometric authentication, and around-the-clock security personnel. We also use MongoDB Atlas for data storage and management. Both AWS and MongoDB Atlas adhere to key compliance standards like SOC1, SOC 2, SOC 3, ISO 27001, HIPAA, among others, confirmed by independent third-party audits. These stringent measures contribute to the high level of security and compliance we maintain for our customers' data. Learn more
Secure Software Development
ALLO incorporates an assortment of manual and automated measures for data security and vulnerability assessments throughout the software development lifecycle, known as S-SDLC.
ALLO upholds a robust policy that implements potent administrative, technical, and physical measures to safeguard customer data. Our strategy aims to efficiently identify, detect, shield against, react to, and recover from security incidents.
We ensure the resilience of our operations by creating backups of all crucial data, allowing for recovery in the event of a disaster. Our system is designed with distributed fault tolerance and automated data recovery features. Additionally, all our backups are encrypted for enhanced security.
We employ TLS 1.2 encryption, a top-tier, bank-grade method, to protect data during transit. Additionally, all data at rest is securely encrypted using the robust AES-256 standard.
Protection of Credit Card Information
When you input your credit card details on ALLO, all the related data is managed by Stripe, a company specializing in safeguarding sensitive information on servers that comply with PCI standards. Stripe's compliance has been verified by a PCI-certified auditor and holds the highest level of certification (PCI Service Provider Level 1) in the payment industry. Rest assured, no credit card information is stored on our servers. Learn more
Security Certification by
App Defense Alliance
App Defense Alliance
Under the stringent evaluation of the App Defense Alliance (ADA), an initiative co-founded by Google, ALLO has triumphantly cleared the Cloud Application Security Assessment (CASA). By satisfying and surpassing the requirements of CASA TIER 2, we underline our unswerving commitment to fortifying security measures and augmenting the protection of user data, mirroring the industry's standards for app excellence across the digital landscape.
And, notable angel investors including former CTO of Engineering Director of have joined our journey.