.png)
Byga believes data security and information privacy is a valued part of the overall Byga service, and therefore, the company has proceeded with a thoughtful and multi-tiered approach in both the design and operation of the Byga application and service. The Byga approach to data privacy and security is supported through a three tiered data and security implementation: (a) datacenter hosting, hardware and network tier, (b) application tier and (c) policy tier. This Byga approach is then used by the individual client clubs’ to support their internal policies and procedures.
- Datacenter hosting, hardware and network tier: The Byga application is hosted on Amazon Web Services (AWS), a leading provider of data hosting in the world. As part of that relationship, Byga leverages datacenter, network and physical security infrastructure designed to thwart data or hacking intrusions or physical theft. Additional information on the security capability of our hosting provider is available via the following link: https://aws\.amazon\.com/products/security/?nc2=h\_l3\_db\.
- Application tier: An important of overall security is the Byga application layer itself. The Byga application has roles and permissions, in part set by the client club, that limits or allows access to sensitive information. Roles like ‘registrar’, ‘coach’ and ‘manager’ all have different access levels to data. Further, in many cases, the application functionally allows certain actions like emails, but supports that functionality without exposing sensitive information like the email addresses. Passwords are required by each user to access the application in all cases. Credit card, debit card and bank information is stored in a secure, non-reversible token provided by our payment partner, nor is the raw information (eg. a 16 digit credit card PAN) available in the Byga application.
- Policy tier: along with the individual client club’s policies and procedures, Byga has developed, and continues to update, a data privacy policy ensuring that data is appropriately collected, used and also destroyed after an appropriate period of inactivity. Byga requires each user to agree to the privacy as well as the terms of service upon initial application sign in. The privacy policy is posted here: https://www.byga.net/privacy.
Data privacy and security concerns continue to evolve. Challenges in preventing negative activity have increased over time, and likely will continue to do so as new technologies are made available. While short of never sharing any information online, no policy, datacenter or application is perfectly secure, Byga believes it has taken necessary steps to ensure a thorough data privacy and security footprint. Along with the clubs’ own data privacy and security policies and practices, both entities can provide an effective and transparent data privacy and security effort.
Disclaimer: Byga, including it’s employees and contractors, do not control, nor can provide any comment, advice or insight as to either Byga competitors’, client clubs’ or client clubs’ vendor’s data privacy and security capabilities, policies or procedures. Questions regarding a specific club’s policy and policy implementation should be directed to the individual club.
_