Skip to content
Sluit
Contact
Phone +31 (0)85 3012 283Email info@productflow.com
Start now
Phone +31 (0)85 3012 283Email info@productflow.com
Start now

All-in-one solution: ProductFlow is the first platform that combines an Integrator with a PIM system, Basic WMS, Repricer and Dashboarding/Insights.

Koopblok winnen met de ProductFlow Repricer
ProductFlow Repricer

Win the buybox within 10 to 30 minutes and optimize your selling price.

Read more

Marketplaces
Integrator

Offer your products easily and quickly on multiple marketplaces and/or webshops.

Read more

Producten
PIM System

Efficient management of all your content on multiple sales channels.

Read more

Bestellingen
Basic WMS

Overcome logistical challenges as you scale your e-commerce business.

Read more

Datatool
Dashboarding & Insights

View and adjust all data from your sales channels in one dashboard.

Read more

Click here to view all sales channels. You can easily and efficiently manage both webshops and marketplaces in ProductFlow.

Marketplaces

Offer your assortment on marketplaces within a few clicks.Marketplaces in ProductFlow platform-1

View all marketplaces here.

Webshops

Manage your webshops easily and quickly from ProductFlow.Webshops in ProductFlow platform-1

View all webshops here..

Security measures

It's our duty to keep your data secure. While we don’t like to expose too much detail — as secrecy is part of security — the following technical and organizational measures may give you some confidence:
TABLE OF CONTENTS
loading...

Service scope

ProductFlow provides Product Information Management and Order Management services, providing clients a single interface from which they manage all there product content and order fulfilment tasks.

Data centers

ProductFlow's physical infrastructure is hosted and managed within Amazon’s secure data centers on Amazon Web Service (AWS) technology. These data centers are certified under a number of security standards, including:

  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes-Oxley (SOX)

AWS enforces a high level of physical security to safeguard their data center with military grade perimeter controls and security staff at all points of ingress. As for environmental protection, AWS has sophisticated fire detection and suppression equipment, fully redundant power infrastructure with integrated UPS units and high-end climate control systems to guarantee an optimal working environment for the hardware. For a more in-depth view, we refer you to the AWS Security Center.

SysOps

A multi-tier security strategy is employed. On the inside, each Node is built around a hardened Linux kernel, which enforces strong privilege and resource separation mechanisms at OS level. All operating systems and software components are kept up-to-date.

At the next tier, each Node exists within isolated virtual containers, which guarantee complete logical separation of Apps. Each App runs within its own isolated environment and cannot interact with other applications or areas of the system. In addition, the container technology allows hard resource capping, which reduces the bad neighbor effect of shared environments to a bare minimum. The setup is designed in a flexible manner to isolate or boost resources quickly.

Penetration testing

Third party security testing is performed by independent security researchers at irregular intervals. Findings from each vulnerability assessment are reviewed with the assessors, risk ranked and resolved swiftly.

Abuse monitoring

User and system activity is monitored for signs of abuse — by algorithms and humans.

Firewalling

On the outside, network firewalling and hardened TCP/IP stacks to mitigate resource exhaustion attempts are utilized. Sniffing and spoofing attacks are prevented through the underlying infrastructure.

By default all outgoing traffic on all ports, except for standard ones (http, https, dns etc)

Web interface

All communication with the Web interface is encrypted via TLS. By default users are going to get logged out after some time of inactivity. For "dangerous actions" re-authentication is required. 2FA is available.

Internal protocols

All employees are trained in safety aspects and best security practices, including how to identify social engineering, phishing scams, and hackers. All employees agree to privacy safeguard policies outlining their responsibility in protecting client data.

Binding internal security policies that are evaluated on a regular basis are in place. It is regularly checked whether all responsibilities have been clearly assigned and that they are practicable. There are documented rules and contingency plans.

The computer systems of employees are secured by encrypted file systems and password authentication.

Access control

All server accesses are equipped with individual minimum rights and are transmitted in encrypted form. SSH access is "jailed" with outbreak prevention. Access will only be via key-pair authentication and where possible through multi-factor authentication. All connections to the server are via encrypted channels and protocols.

Cryptography

All Personal Identifiable information (PII) and sensible access data is stored "hashed + salted". Asymmetric encryption and AES (Advanced Encryption Standard) encryption are used.

Data Retention

All Personal Identifiable information (PII) will be purged after 30 days after creation. If it is required by law to retain archival copies of PII for tax or similar regulatory purposes, then this should be requested directly from the Marketplace itself.

Supplier relationships

All subcontractors are tested for privacy and security suitability. There are appropriate terms in place.