Security

Learn about our security features




How users access your app

Inside the CMS you have five privacy options:

Private: Selecting this option means that only users that you invite by email can gain access to your app.

Public: Selecting this option means that anyone can access your app providing they go through the sign up process and complete the sign up form with fields defined by the administrator. Mandatory fields are always Name and Email.

Public Open: Selecting this option means that anyone can gain access to your app without signing up. Only when they want to interact with the app; e.g. Send a message, answer a poll, fill out a survey etc...

Authorized Emails / Allow Any Email: Selecting this option means that anyone can gain access to your app as long as they enter their email

Authorized Emails / Only Authorized Emails: Selecting this option means that only pre-authorized email addresses can gain access to your app. To gain access, the Attendees, Exhibitors or Speakers must enter their email address.


When you first set up your app you must choose one of these settings. You can change these privacy settings at anytime by going to Edit Your App in the CMS. It is important that you understand which privacy setting is best for your app and the material you will be including. If you include any sensitive data you should always use the Private setting.

All In The Loop will never use any data or material you upload to your app regardless of the privacy setting.

How users keep their information private

Users choose how much or how little they would like to include in their user profile for other users to view. Contact information such as email address and phone number cannot be viewed by another user except if they request their contact information in the app using the MyContact feature. When one user requests the contact information of another user both parties can view each others contact information.

The creator of the app may choose to ask for further details in the sign up process to gain access to the app. These details are not visible on a user profile and cannot be accessed by other users in any circumstance. The app creators may use any data submitted in the future. You will be able to find their policies on data and privacy on their websites in their privacy policies. If you cannot find these policies please contact the app creators to obtain them.

All In The Loop collects data from users usage of our apps. From time to time, All In The Loop might use this data to improve our services, develop new products, and launch services for other purposes. We will never pass on this data to advertisers or third parties.

All In The Loop Security and Reliability Compliance

The All In The Loop platform has been developed with corporate and personal data an absolute priority and the organization continue its commitment to provide class leading secure applications.


Privacy and Encryption

All user passwords have brute force protection with an option to allow access only to users after system invite with secure key.

Communications between user devices and the platform have ‘end to end’ encryption fully protected by Secure Socket Layer Encryption (SSL) to protect your data from third party attacks and eavesdropping.

Regular penetration testing is carried out on platform checking for vulnerabilities in all modules.


Data Hosting and Retention

Primary servers are located in our data center in Bend, Oregon USA. The facility implements multiple phase access authorization with Bio-metric verification security scanners, 24 x 7 security monitoring and onsite security enforcement.

Our Bend data center is fully compliant and built to Tier III standards, meeting the highest quality requirements. It is directly located on major fiber routes giving it optimal connectivity. The facility is carrier-neutral with diverse fiber connections to regional and national carriers.


Reliability and Disaster Recovery

Our state of the art facility in Bend has independent on demand power generators, 5MW Pacific Power service, N+1 diesel generators and a substantial onsite fuel storage.

The power systems are ultra power distribution systems with N+1 configuration, overhead A & B Starline bus service with 120V and 208V service & 15A, 20A, & 30A circuits. Cooling is via indirect evaporative coolers again with N+1 configuration.

In the rare event of an outage at our primary data center we have fully mirrored failover servers located in Los Angeles USA (also fully compliant tier 3 data center) providing redundancy backup. All data synced between the two servers is fully encrypted with our private key.


In App Secure Payment Processing

Payment made on the platform for tickets, donations and items by default go through our fully PCI compliant payment partner Stripe. Secondary PCI compliant merchant integrations can also be used.