Unauthorized access to janitorial data translates into physical or operational threats for both cleaners and their clients. Clean Smarts is built to help businesses scale to even the most sensitive client locations, like hospitals or government buildings.
At Clean Smarts, data security and integrity as a top-level priority overseen directly by our Chief Technology Officer. Technology is only part of that solution. Our internal focus on security extends to employee who works on our platform.
Cleaning teams operate at all hours. Clean Smarts is built to do the same. Our infrastructure is designed for always-on resilience and near-zero downtime so teams are never stalled by software.
Clean Smarts uses multi-cloud storage with Digital Ocean as primary hosting provider. To maximize availability, some Clean Smarts infrastructure is hosted on additional platforms to protect your operations from being impacted by regional outages.
Clean Smarts offers a 99.9% uptime guarantee for Service Level Agreement, with a Content Delivery Network (CDN) providing robust DDoS mitigation to protect against malicious attacks.
In the rare event of a platform outage, Clean Smarts users receive real-time status updates via email and the in-app help widget. Incident history is documented and available to clarify access issues and recovery timelines.
Clean Smarts conducts disaster recovery simulations and quarterly full-scale recovery exercises. Data is backed up daily and can be restored to any point within the last 7 days. Recovery Time Objective (RTO) is estimated at 4 hours for applications and 25 minutes for database restoration, with a Recovery Point Objective (RPO) within 24 hours.
Janitorial data is operational intelligence. Information about people, locations, and schedules feed reporting and compliance workflows. Cleaning teams generate hundreds of logs across multiple sites, including sensitive client information.
Managers need control over who can (and, just as importantly, can not) access this information. Clean Smarts offers industry-standard encryption and access controls that protect against risk.
Network requests to and from the Clean Smarts platform are encrypted using TLS to reduce exposure if systems get compromised. Data files and backups are encrypted at rest. Only authorized users and systems can read or view company information.
Clean Smarts uses a permission-based access model; administrators can grant, adjust, or revoke which modules a user can access in real-time. Authorization can be scoped by service location so staff only see what's relevant to their job.
Clean Smarts users with administrative access can access a comprehensive record of user activities within teams. Logs document user ID and action taken, including the user's IP address, to ensure full visibility for compliance and accountability.
Unauthorized access to janitorial logs creates safety and legal risk. Clean Smarts is always watching. We proactively harden our system and test defenses to protect against bad actors. Account data is protected by industry-leading safety standards.
Clean Smarts data infrastructure is monitored around the clock for performance (CPU, memory, disk utilization) and security threats. An automated alert system triggers immediate escalation and action to block malicious IPs, disable compromised accounts, change access credentials, or refresh API keys.
Clean Smarts is designed to restore systems from clean backups and pursue immediate patches for vulnerabilities. All potential indicents are documented with timestamps and actions taken. Affected customers would be notified within 24 hours of the discovery of any data breach with legal counsel support if disclosure is required.
Independent security firms are brought in for periodic security assessments. Recurring audits fortify operating system patches, firewall configurations, and web server settings.
Clean Smarts monitors OWASP security advisories and deploys biannual upgrades to mitigate potential vulnerabilities. Access to code repositories is restricted by role.
Cleaning records are compliance artifacts. They protect staff and can aid clients during legal disputes. Janitorial teams in highly regulated facilities, like medical or government buildings, are often required to maintain and store detailed documentation to support accreditation and oversight standards. Records that appear incomplete or altered create contractual and legal exposure.
Clean Smarts is built to preserve record integrity. Clear data ownership ensures defensible controls as information enters and exists the platform.
Clean Smarts has a dedicated Technical Operations Team that coordinates securely during onboarding to ensure end-to-end data protection during data migration. All transferred data is encrypted, then tested post-migration, to validate records remain intact.
Clean Smarts account owners retain all rights to data ingested or generated within the platform. Clean Smarts acts solely as a data processor and will never disclose or sell customer information.
Clean Smarts data management adheres to GDPR and CCPA data privacy requirements and align with OWASP security best practices. Regular policy reviews are conducted to maintain ongoing compliance with industry standards and protocols.
Upon cancellation, Clean Smarts account owners can export all data from the platform. Clean Smarts will retain data for 7 years for legal compliance or perform permanent deletion upon written request.
If you have questions about our security program or technical architecture, reach out. Your inquiries will be directed to our Chief Technology Officer (CTO).
.png){kind=logo}
