top of page

Data Security on Insta Charter

Updated: Jun 15


Data Security

Data Security is a topic of concern for the Air Charter Industry in general. In particular, Air Charter brokers are very sensitive about the information of their clients and the effects of its potential mishandling. Since some of our products deal with the storage and handling of information of users, the security of data is of prime importance at Insta Charter.


Data Protection.


By the very architectural design of our applications, the sensitive information is restricted at various levels. Every user interacts with two datasets:-


  1. The Public Datasets such as Airport information, Aircraft information, etc. These datasets are used in the application through 'filters'. This is common to all users. Filtering may give a different experience to each user. For example - do not show the active status of the aircraft to a particular user. For any user to get access to this entire data is not difficult because it exists in the application.

  2. The Private Datasets are those that are created and stored by you such as customers, contacts, companies, plans, etc. These are protected which means that a particular user only interacts with his dataset. This dataset is not available in the application of the other user and therefore even by advanced network monitoring access to this cannot be obtained.

Private Air Charter Data

What constitutes a private dataset?


Any Module that prefixes 'My' constitutes a private dataset.



Physical and Network Security.


All data and servers are hosted on Google Cloud Platform (GCP) and Amazon Web Services (AWS). GCP and AWS certify their physical security with comprehensive compliance and controls, including allowing physical access to personnel with a validated business need, logged and monitored access, electronic surveillance and professional security personnel at all datacenter entry points.


Both are accredited against multiple security industry certifications including ISO27001 and SOC-2 by AICPA. More details are available from their respective website.



Common questions on Data Security


  1. Can you see my data? Insta Charter is AES 256-bit encrypted at rest and in transit. If you have a support ticket or need us to investigate an issue, we obtain your consent before using the key. The access to this key is restricted to key personnel only such as the CTO and is authorised only after your consent by means of a code.

  2. Can someone else log into my account? If he/she has access to your email, he/she can. You must keep access to this email confidential and restricted to yourself.

  3. Can I use the same login email for multiple people in my team? You are compromising your data security.

  4. TLS 1.2? Yes.

  5. How long do you keep logs? 30 days.

  6. What is your data retention policy? 30 days – meaning if you delete something from Insta Charter, it’s permanently deleted after 30 days.

  7. Can anyone create an account on your application? No, there is no Sign-up on most Insta Charter products which means that no one can create an account by visiting our website or the application. We create the required datasets and then allow the user to log in. Active Charter is the only product that has sign up and does not use any private database.

  8. What if I forget my password? Insta Charter does not store or manage your passwords. That is insecure. For each login, you will get an OTP on your email. When you clear the cache memory of your browser you will need to log in.

  9. What is your stack? Glide, Java

  10. What sensitive data is transmitted by the apps without user action? None.

  11. Do you track location? No.


To know more about us, Schedule a demo with us and understand how Insta Charter can help you with charter business.





4 views0 comments

Comments


bottom of page