Security Statement | Dolphin Computer Access

Introduction 

At Dolphin Computer Access protecting your data is our highest priority. To do that, we employ corporate security policies, physical and environmental security procedures, operational security processes, secure systems development, maintenance and more. 

Security Policies & Procedures 

Dolphin Computer Access understand the importance of ensuring the privacy of your personally identifiable information as well as being legally compliant with privacy laws and regulations. 

Our Software Development Lifecycle 

Changes to our application code go through a full suite of automated tests, and then go through a round of manual reviews. Application code changes pass through multiple review stages before being released publicly. 

If application issues are discovered, Dolphin has procedures in place to ensure software patches are delivered to our customers. 

Security at the Dolphin Computer Access Workplace 

Our office is secured via security tag access, and visitors are recorded at our front desk. We closely monitor the availability of our office network and all network devices on it. We collect logs produced by network devices such as firewalls, DNS servers, DHCP servers, and routers. Network logs are retained for our firewall, wireless access points, and switches. 

Software Security Standards 

Dolphin Computer Access designs its applications to follow various security standards such as GDPR to ensure our customers are also in compliance and secure. 

GDPR Compliance 

Dolphin’s products are compliant with the General Data Protection Regulation legislation (GDPR) which ensures identifiable customer information remains private and secure by utilizing an array of robust data features. 

Secure Application Standards 

Dolphin’s products leverage security protocols such as Socket Security Layer (SSL), Open Authentication (OAuth) and others to ensure data and data communication remains secure. 

Data Storage 

Dolphin hosts all data internally at its headquarters in Worcester, United Kingdom. 

Personnel Access 

Only senior members of Dolphin’s Technical team have access to production environment for the purposes of maintenance. 

Disaster Recovery 

Dolphin’s technical team have disaster recovery processes in place which we test on a regular basis. 

Data Backups 

Dolphin has regular scheduled backups of data and machines. Backup data is stored in multiple locations including an offline storage. No backups are saved beyond 3 months. 

Product Specific 

SuperNova & Dolphin ScreenReader 

SuperNova Enterprise Configuration 

We have developed SuperNova & Dolphin ScreenReader with privacy and security in mind. Using the SuperNova Enterprise Configuration utility, you can disable any features of SuperNova & Dolphin ScreenReader that has the potential to be used in a malicious way to compromise your environment, you can also disable any features that send anonymous data to Dolphin as part of our product improvement program. 

Metrics 

SuperNova will send anonymous data upon launch to allow for the calculation of meantime between failure which is a quality metric we track. This is a feature that can be disabled globally for all users via the Enterprise Configuration Utility. 

Personal Data 

SuperNova does not collect any personal data. 

Access to Google Drive 

If configured this feature of SuperNova will only communicate with Google APIs. No user data will be shared with Dolphin or any third party.  

SuperNova stores your credentials on your computer for you to use later. 

Applying general Google Drive restrictions in your environment will remove the ability for users to make use of this feature in SuperNova. 

Product Improvement Program (PIP) 

Dolphin can anonymously collect data if the Product Improvement Program is opted into. This is a feature that can be disabled globally for all users via the Enterprise Configuration Utility. 

Application Security 

Dolphin code sign applications that we develop, this ensures that you can verify that we are the author of the applications, and that the applications have not be tampered with. 

Crash Reporting 

The crash feedback feature can automatically feedback to Dolphin when a crash occurs, the information sent can contain user data.  This is a feature that can be disabled globally for all users via the Enterprise Configuration Utility.