Is my data secure?

Thousands of companies trust Freckle with their time tracking data and invoices.
It's our #1 priority to keep your data safe and our servers secure. We've been in business since 2008, and have been designing and developing web-based software since the mid 90s. Freckle is self-funded and proud to be a profitable, bootstrapped company.

Redundant Protection Against Data Loss

We’re using state-of-the-art RAID 10 data storage, and we make hourly backups of Freckle’s databases as well as daily full images of Freckle’s servers. These backups are saved encrypted on storage services off-site, and are regularly tested for integrity. We keep hourly backups for several months and monthly backups long-term. We also store live copies of all our log files off-site. Sensitive data like passwords or credit card numbers are never logged.

Your Credit Card Data is Safe

While we do not store your billing information on our servers, we fully comply with the PCI DSS. Your credit card data is securely submitted to a leading, fully PCI-compliant payment gateway provider. Additionally, Freckle is regularly scanned for known vulnerabilities by a leading provider of PCI compliance certification.

Up-to-Date Infrastructure and Patches

We keep our infrastructure updated with scheduled security maintenance updates, as well as applying any patches that are recommended to be rolled out immediately. We have measures in place to only allow maintenance access to our servers on a case-by-case basis, and have our network locked down with firewalls. For added security, our support system, as well as our main site ( https://letsfreckle.com), blog and status page are not hosted by the same servers or in the same network as the Freckle application.

Physical Security

We host Freckle with one of the leading professional hosting companies, Rackspace. Rackspace provides excellent, state-of-the-art physical security, including two-factor biometric authentication, role-based secure sub-areas, closed-circuit 24x7x365 video surveillance and physical perimeter defense measures. This is in addition to redundant systems for climate control, conditioned power, routing and internet connectivity.
Our development computers all use full-disk encryption to keep security credentials safe and secure in case they are stolen or lost.

Monitoring and Fast Response

We use redundant, world-wide monitoring services to monitor Freckle’s infrastructure 24x7x365. Any errors, slow-downs or other abnormalities trigger automatic alarms and we pro-actively work on fixing any issues detected. If we detect issues with your account, we will contact the account owner by email.
If you'd like to stay informed of scheduled maintenance and outages, please  visit our status page.

Your Data is Yours, Always

We don’t share your time tracking data with anyone and if you decide to cancel your account, we make it easy for you to  download all your data. Please see our privacy policy for more details.

Reporting Incidents