Is Communal Secure?

Ensuring Data Security and Compliance: How Communal Protects Your Information with PIPEDA and PCI-DSS Standards
Written by Communal Support
Updated 1 month ago

Software Security 

At Communal, your data's security is our top priority. We use the Laravel framework to build our application because it includes advanced security features that protect your information. By using Laravel, we ensure proper safeguards are in place when handling your data. Additionally, we regularly apply patches and security updates to all the frameworks and libraries we use, ensuring that our system is always up-to-date and safe. Your data is securely stored in a password-protected database with encryption, so it's protected from unauthorized access.

Person Information Protection 

Our servers are housed in-country just outside of Toronto. This means that we comply with strict Canadian data protection laws. In Canada, data protection is primarily governed by the Personal Information Protection and Electronic Documents Act (PIPEDA), a federal law that applies to private-sector organizations across the country. PIPEDA sets the rules for how businesses handle personal information in the course of commercial activities.

Key Principles of PIPEDA:

  1. Consent: Organizations must obtain an individual’s consent before collecting, using, or disclosing their personal information.
  2. Limiting Collection: Only personal information necessary for the stated purpose can be collected.
  3. Use and Disclosure: Personal information must only be used or disclosed for the purpose for which it was collected, unless the individual consents otherwise or the law requires it.
  4. Safeguards: Personal information must be protected by security measures appropriate to its sensitivity.
  5. Openness: Organizations must be transparent about their data management practices and policies.
  6. Access: Individuals have the right to access their personal information held by an organization and request corrections if necessary.

Payment Processing

When it comes to payments, we partner with Stripe, a leading payment processor that is fully PCI-DSS compliant. This means Stripe meets the highest standards for handling and securing credit card information. They’ve been independently audited and are certified as a PCI Level 1 Service Provider, which is the highest level of compliance. Since Stripe processes all payments, Communal doesn’t access or store any credit card information—everything goes directly and securely through Stripe. You can trust that your transactions are handled with the utmost security and care.

Did this answer your question?