Test event 2
Login

Existing Attendee? Sign In

Infrastructure

HeySummit servers are hosted by Amazon Web Services (AWS), primarily in their North Virginia (US) region. We rely on AWS's infrastructure to ensure high availability, resilience, and world-class security for customer data.

  • AWS is certified under internationally recognized standards including ISO 27001, SOC 2, PCI DSS, and is also certified under the EU-US Data Privacy Framework (DPF) to support lawful data transfers from the UK and EU to the US.

  • All data is stored in highly secure AWS data centres.

  • AWS ensures that all data is encrypted in transit with TLS across all services.

Protecting Your Data

Protecting your data is of paramount importance and a constant focus here at HeySummit.

  • Data is backed up daily and in some cases, more frequently than that.

  • All access to the HeySummit website is restricted to HTTPS encrypted connections.

  • All data retrieval (and posting) to connected social accounts is done via HTTPS and using a unique, per user, access token (which you can revoke at any time).

  • We never store credit card or payment details in our database. This is strictly stored and managed by Stripe to ensure maximum security. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available.

  • User passwords are encrypted. Passwords are never stored in plain text. Even our engineering team have no way to know what the password is.

Employee Access

Access to infrastructure and other aspects of the HeySummit environment, as well as customer data, is strictly limited to those within our team that absolutely need it.

  • Only our Engineering team has access to our production environment. SSH keys are required for console access to servers in all of our environments.

  • Whilst we will often use aggregated snapshots of customer data to help us understand and identify performance, financial and business insights, we will only access individual customer records if it is necessary to do so in order to carry out a customer support request or a significant systems issue.

International Data Transfers

As HeySummit stores data in the United States using AWS, we have put legal safeguards in place for international transfers of personal data. This includes using Standard Contractual Clauses (SCCs) in our agreements and relying on AWS's EU-US Data Privacy Framework certification, which ensures an adequate level of protection under GDPR.

How to Report a Security Incident

To report an incident of suspected abuse, misuse, or a security issue you have discovered you should contact [email protected] immediately. For incidents that affect a single account, please reach out to us via our usual support channels.

  • HeySummit's will acknowledge your report, usually within 1 business day.

  • A point of contact will be assigned. This person will be responsible for keeping track of the issue, as well as keeping you updated. Please note that this person may need to liaise with you to better understand the reported issue and the circumstances around it.

  • We will investigate the issue and determine the impact.

  • In most cases, for security reasons it is likely that we will be unable to disclose details of the issue until our investigation has been completed.

  • Once the issue has been resolved, we will post an update along with thanks and credit for the discovery.

Contact Us

Have a question or concern? Please email us at [email protected].

© Copyright 2025 Create Engage. All Rights Reserved.

Powered by HeySummit

Submit Close

Download

We use cookies

This website (and some third-party tools) use cookies. These are important as they allow us to deliver an exceptional experience.

By clicking 'Accept', you agree to the use of cookies.

Accept Reject

Configure | Privacy Policy

We use cookies

Press the 'reject' button to only accept essential cookies. See below for a list of the cookies we use and their purpose.

_ga, _ga_* Google Analytics

These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website.

Duration: 2 years
Accept Reject

Privacy Policy