Security

We understand that security is a top priority for you, and we want to assure you that our web application prioritizes the protection of your data.

At our company, we prioritize the security and confidentiality of our client's data, recognizing the immense value of trust in handling sensitive information. To ensure the utmost protection, we have implemented strict measures. Firstly, we do not store any data related to data analysis. This means that the information within your charts and tables is never stored in our databases. Instead, we solely collect the necessary information required to provide our clients with the services they have specifically requested.

It is important to note that all the information you view, such as charts, tables, and key performance indicators (KPIs), is directly sourced from your Qlik Cloud tenant during runtime. We do not store any of this data in our environments.

In terms of tracking usage and performance, we do maintain certain non-sensitive data in our database. This includes the hostname of your tenant and the email address you use to access the platform. By storing this limited information, we can effectively monitor the number of users and gain valuable insights into how our platform is performing, ultimately ensuring we deliver optimal value to our clients. We appreciate your trust in our web application and our commitment to ensuring the utmost security for your data. Here's an overview of the security features we have implemented:

  1. OAuth and Secure Transmission:

    • We use advanced security technology called OAuth, which ensures that your Qlik Cloud credentials are securely authorized without us storing them.

    • Additionally, all the data transmitted between our web application and Qlik Cloud is encrypted and protected, safeguarding your information from unauthorized access.

  2. Access Token Handling:

    • We take extra measures to keep your information secure by not storing access tokens in our web server.

    • These tokens are only used during runtime when needed, which reduces the risk of unauthorized access to your data.

  3. Inherited Role-Based Access Control (RBAC) from Qlik Cloud APIs:

    • Our web application inherits the role-based access control (RBAC) capabilities provided by Qlik Cloud APIs.

    • This means that the access control mechanisms are managed by Qlik Cloud, ensuring that users can only access the themes and cards they are authorized to use.

    • By leveraging these capabilities, we maintain consistency with Qlik Cloud's established security practices, providing you with a reliable and secure access control system.

  4. Password Security:

    • To protect your sensitive information, we do not store your passwords in our system. We use Qlik's Oauth to authenticate to our backend service.

    • By implementing this measure, we minimize the risk of password-related breaches and further enhance the security of your user accounts.

  5. Error Handling and Logging:

    • Our web application has error-handling mechanisms and comprehensive logging in place.

    • This allows us to actively monitor and track unusual activities, promptly addressing any potential security incidents and maintaining a secure environment.

  6. Terms and Conditions and Privacy Policy:

    • We have clearly defined terms and conditions, as well as a privacy policy, which outlines how your data is handled and used.

    • These policies provide transparency and ensure compliance with relevant regulations, protecting your privacy and rights.

  7. Data stored:

    • We collect and store users' email addresses obtained from Qlik Cloud to accurately identify individuals accessing our services.

We continuously review and update our security measures to address emerging threats and adhere to industry best practices. If you have any questions or require further information, please contact our support team (support@newhub.com).

Last updated