Privacy and Encryption

This document summarizes how 20minds handles encryption for the hosted products and services. It is informational only and does not modify the Terms and Conditions or Privacy Policy.

Summary

Data in transit is protected with transport layer security (TLS) for the site and APIs.
Data at rest is encrypted by default.
Data is stored on an encrypted volume.

In Transit Encryption

The public site and APIs are served over secure HTTPS.
HTTP traffic is redirected to HTTPS.

At Rest Encryption

The data and app volume is protected with Linux Unified Key Setup (LUKS).
Applications and data are located on the encrypted volume.

Data Storage

Data volumes are additionally encrypted at rest by the cloud provider.

Key terms

TLS

Transport Layer Security, TLS, is the security layer that encrypts data while it travels across the internet. It stops other people from reading or changing information between your browser and our servers.

HTTP

Hypertext Transfer Protocol, HTTP, is the basic way browsers talk to websites. By itself it is not encrypted, which is why we redirect HTTP traffic to secure HTTPS (HTTP + TLS).

LUKS

LUKS is a technique that locks a disk with encryption. The data on that disk looks like random noise.

References

For legal terms, see: