YouLi Security Policy

SECURE SOFTWARE FOR ORGANIZING TRIPS

We take security seriously and recognize our responsibility to keep your data secure. We continually review our code and processes for potential vulnerabilities and we take new measures wherever possible to further ensure the security of your data. 

On this page we share some of the core things YouLi does to maintain security. To do a security or GDPR audit, please start a chat with us to arrange at your convenience.

Customer data

We know that the data you enter about trips and collect from travelers can be free-form, and could contain all kinds of information about our customers and other people they correspond with, including data of the most confidential sort.

For this reason, we treat all personal data belonging to our customers as Customer Confidential (“your data”), which is the highest level of protection within our data modeling.

To provide the services we offer, it is necessary for our computer systems to process unencrypted and unobfuscated data (for example: to build the search indexes, or to send automated notifications). However, this is only done on secured servers that only authorized staff have access to.

Files that are uploaded are stored encrypted at rest as well as in transit.

Secure access to trips

An HTTP Strict Transport Security header is sent with all of our webpages. This tells all modern browsers to only connect to us over an encrypted connection, even if you have a bookmark, click a link or type a URL to an insecure page at our site.

That is why your Travelers can trust that they are sending their personal information securely to our servers, and you can only view it over a secure connection.

Content security policy

We do not allow Users to include third-party JavaScript or other scripting in our Trip Pages, to ensure no malicious code is delivered to travelers via the Trip Pages we host on your behalf.

We only allow necessary connections

Many unexpected forms of attack come from failing to close potential vulnerabilities, including database port access, SSH port access, and so forth. We use port-level and IP access restrictions to only allow connections to the services provided by each machine from necessary hosts.

We keep track of software updates

All software contains bugs, even software from Microsoft and Apple. So we track the software we rely on and install any security patches as soon as possible once they are made available.

We apply OS security patches as soon as possible. In most cases, an update for a security problem will be available within hours of the original report. 

Physical location security

Our main servers are located in US Amazon data centers. Their facilities are high security and video monitored, with backup power, air conditioning, fire systems, 24x7x365 monitoring, and onsite technical support.

Staff access to your data

We limit staff access to customer data as strictly as their roles require.

Due to the nature of their jobs, it is necessary for our operations staff to have access to the systems where customer data is processed. The staff who do require access to production servers for their jobs are aware of their responsibility to protect the confidentiality of your data, and only access that data where it’s required either to provide customer support or for operational necessity.

Where possible, our systems are designed to allow our support and operational staff to perform their duties without being exposed to your data. Where possible, obfuscated data is presented (for example, to debug display problems). Where possible, your explicit consent is sought if viewing unobfuscated data is necessary.

Due to the nature of their jobs, it may be necessary for our security and fraud staff to have access to deobfuscated customer and payment data or other personal information.

Sometimes we anonymize your information, for example when creating a test case that reproduces a bug found with your data: we build a case that triggers the same bug without containing any confidential or personally identifying information.

Password encryption

Where you are using a password to access our systems, we store that password in a non-reversible encryption scheme using current best practices.

Where we are storing a key used to access other systems on your behalf (for example, connecting to Stripe or Square) only the public key is stored in accordance with modern API security.

Connections to Xero require session based authentication and the tokens are only stored long enough to complete the requested push.

Transfer of confidential data with third parties

YouLi’s value proposition is “service in exchange for money”. We don’t ever sell or monetize confidential data or even “aggregate customer data”.

As part of our commitment to the technical community, we do sometimes share statistical data (for example the average time to create a trip, or the percentage of pages that process online payments or are written in particular languages) which is useful to help us all build better software.

We use third party hosted services for bug tracking, support, exception alerting and communications. While we don’t send bulk data through any of these services, small pieces of your data may wind up in core dumps, in support ticket updates, inside bug descriptions (we obfuscate where possible, but sometimes the raw data is needed) or in chat messages where colleagues share snapshots of what they’re looking at.

Destruction of data

Some of the features of our products are designed specifically around not losing data, so while you want us to retain your data, it is replicated to multiple systems and backed up.

When you request destruction of your data by deleting specific items, or closing your account, the data is removed in a time-delayed manner. This both allows you to change your mind (undo, or restore from backup), and allows for the possibility that if your account is compromised and the attacker tries to delete everything, we can recover the data.

We also collect some data which is personally identifiable as a side effect of the system monitoring and logging which we require for our operational stability.

Destruction of system logs

System logs are retained for 180 days before being deleted. We have a legitimate interest in having those logs available both to ensure the reliable operation of our systems, and to provide evidence of activity when users report unexpected states in their account.

Destruction of backup data

The backup copies of data are pruned on an “as-needed” basis based on the ratio of space that would be saved by re-compacting them. At the moment there is no guarantee that a particular trip or user will be purged on a timeline; however, our support can perform an immediate prune for a particular account on request.

Destruction of data after account closure

After an account is terminated, data and backups are purged within a timeframe of between 37 days and 1 year after closure, depending on how long the account was active and whether the account was explicitly closed or lapsed due to lack of payment.

Limitations

While communication between your computer and our servers is encrypted, any email that you send using YouLi may have to pass over the internet in an unencrypted form (although our service providers attempt to encrypt it wherever possible). This is why we only ever send alerts that prompt you to log in securely to YouLi as a Planner or to view a Trip Page securely with a Magic Link as a Traveler.

We won’t release any data without the required legal authorisation from an Australian court. As an Australian company, we do not respond to US court orders.