Security Statement

Data Center

  • Happenn system is running on cloud-based architecture with Amazon Web Services. AWS is a service provider that is certified with various categories of global standard certification such as ISO 27001, ISO 27701, ISO 27018, SOC 1, and SOC 2, to name a few.
  • We chose AWS as the primary data center to ensure that our products and services are always available, accessible, and protected.
  • AWS has a global infrastructure securely monitored 24/7 with low latency, low packet loss, and high overall network quality. Plus, the power backup, temperature control, fire detection, and suspension for the on-site physical protection.
  • The AWS data centers are located in various countries worldwide, including the European countries where General Data Protection Regulation (GDPR) is applied. But regardless of location, we strictly follow the compliance mentioned earlier to ensure that your data will be protected under the up-to-date online communication standards.
  • We can provide some of our features to run on the customer's server (based on their requirements). But in that case, we cannot guarantee the security will be at the same level as our primary data center.
  • Additionally, Happenn provides our customers with a white label product, which means you can always customize everything. That includes the data center. If AWS does not match your in-house policies, we are always open to talking about another option.

    • Data Center

  • Happenn system is running on cloud-based architecture with Amazon Web Services. AWS is a service provider that is certified with various categories of global standard certification such as ISO 27001, ISO 27701, ISO 27018, SOC 1, and SOC 2, to name a few.
  • We chose AWS as the primary data center to ensure that our products and services are always available, accessible, and protected.
  • AWS has a global infrastructure securely monitored 24/7 with low latency, low packet loss, and high overall network quality. Plus, the power backup, temperature control, fire detection, and suspension for the on-site physical protection.
  • The AWS data centers are located in various countries worldwide, including the European countries where General Data Protection Regulation (GDPR) is applied. But regardless of location, we strictly follow the compliance mentioned earlier to ensure that your data will be protected under the up-to-date online communication standards.
  • We can provide some of our features to run on the customer's server (based on their requirements). But in that case, we cannot guarantee the security will be at the same level as our primary data center.
  • Additionally, Happenn provides our customers with a white label product, which means you can always customize everything. That includes the data center. If AWS does not match your in-house policies, we are always open to talking about another option.

    • Data Protection

  • Every data communication, such as login or forms, on Happenn's platform will be encrypted with 256 bit SSL/TLS. Typically, we will encrypt every information with the 256 bit SSL/TLS algorithm. But if this encryption does not match your in-house policies, we can always change it to your preferred one.
  • Passwords of all accounts on Happenn's system are hashed (never stored in plain text), and none of our staff can view them. We provide the feature to reset a password when you lose it, but there is no way to retrieve the current one in any format possible.
  • The data access is protected by role-based authentication. This means no one will be able to view any of your data and information unless you permit them first.
  • We regularly do the off-server data backup.
  • We internally and constantly monitor our system and look for any vulnerabilities from time to time. Not just from the system itself but also social engineering, phishing, and scam.
  • Our platform entirely complies with the electronic meeting law for business in Thailand. We are currently in a preparatory phase before submitting our platform for a review by the Electronic Transactions Development Agency (ETDA) shortly. We will update the information as soon as possible with more details when it is certified.
  • We also hire third-party companies to perform the security penetration tests annually to find, fix any vulnerabilities, and continuously improve our protection. The reports are available on request. Please get in touch with hello@happenn.com for more information.

    • Data Protection

  • Every data communication, such as login or forms, on Happenn's platform will be encrypted with 256 bit SSL/TLS. Typically, we will encrypt every information with the 256 bit SSL/TLS algorithm. But if this encryption does not match your in-house policies, we can always change it to your preferred one.
  • Passwords of all accounts on Happenn's system are hashed (never stored in plain text), and none of our staff can view them. We provide the feature to reset a password when you lose it, but there is no way to retrieve the current one in any format possible.
  • The data access is protected by role-based authentication. This means no one will be able to view any of your data and information unless you permit them first.
  • We regularly do the off-server data backup.
  • We internally and constantly monitor our system and look for any vulnerabilities from time to time. Not just from the system itself but also social engineering, phishing, and scam.
  • Our platform entirely complies with the electronic meeting law for business in Thailand. We are currently in a preparatory phase before submitting our platform for a review by the Electronic Transactions Development Agency (ETDA) shortly. We will update the information as soon as possible with more details when it is certified.
  • We also hire third-party companies to perform the security penetration tests annually to find, fix any vulnerabilities, and continuously improve our protection. The reports are available on request. Please get in touch with hello@happenn.com for more information.

    • Data Privacy

  • EU's GDPR: We strictly maintain compliance with the European Union's General Data Protection Regulation (GDPR). Not only for our EU customers but also to take action as an industry standard for customers from all over the world. To learn more about how we do with the GDPR, you can visit this page to learn more.
  • Thailand's PDPA: We also follow the guidelines of local laws of each country where we provide services. For example, we are also compliant with Thailand's Personal Data Protection Act (PDPA) because our base and clients are there.

    • Data Privacy

  • EU's GDPR: We strictly maintain compliance with the European Union's General Data Protection Regulation (GDPR). Not only for our EU customers but also to take action as an industry standard for customers from all over the world. To learn more about how we do with the GDPR, you can visit this page to learn more.
  • Thailand's PDPA: We also follow the guidelines of local laws of each country where we provide services. For example, we are also compliant with Thailand's Personal Data Protection Act (PDPA) because our base and clients are there.

    • Internal Privacy Protocol

  • Our office is secured by keycard and face recognition access.
  • The office network is robustly monitored for suspicious activity.
  • All of our staff have already passed the background check for credit and criminal history before the employment begins. They also signed an agreement to protect all of its confidential information, including the customer's information.
  • We train all employees to understand the importance of data security and privacy and the consequences of getting hacked, scammed, or phished.

    • Internal Privacy Protocol

  • Our office is secured by keycard and face recognition access.
  • The office network is robustly monitored for suspicious activity.
  • All of our staff have already passed the background check for credit and criminal history before the employment begins. They also signed an agreement to protect all of its confidential information, including the customer's information.
  • We train all employees to understand the importance of data security and privacy and the consequences of getting hacked, scammed, or phished.

    • Responsible Disclosure

    If you have discovered any of our potential vulnerabilities, we kindly ask you not to share them publicly. Instead, let us know by submitting that information to us via email at hello@happenn.com or just quickly filling in the form below. We will review all security concerns and respond to you within 24 hours about the progress.

    Responsible Disclosure

    If you have discovered any of our potential vulnerabilities, we kindly ask you not to share them publicly. Instead, let us know by submitting that information to us via email at hello@happenn.com or just quickly filling in the form below. We will review all security concerns and respond to you within 24 hours about the progress.