Security Center
Your Source For Our Latest Security & System Information
Customer Security Responsibilities
SAFEGUARD PASSWORDS
Keep your user passwords safe by following these tips.
- Use a strong password that is difficult for others to guess and avoid birthdays, names, and pet’s names. Be creative: think of a special phrase and use the first letter of each word as your password. Substitute numbers for some words or letters. For example, “I want to see the Pacific Ocean” could become 1W2CtPo
- Use more symbols and numbers in passwords. The reality is that longer, more complex logins are harder to breach.
- Never write down your password or share it with others.
- Never provide your Botdoc account login or password, credit card number, or other personal information via email or to unknown parties.
Note: Botdoc will never ask you for your password.
Exercise caution using public computers (coffee shops, library, airport, hotel): Public web browsers can cache personal data and store login details. Always log off of web sites and clear the browser cache to protect your personal information, passwords, and accounts.
SAFELY DISPOSE OF PERSONAL INFORMATION
Before you dispose of a computer, get rid of all the personal information it stores. Use a wipe utility program to overwrite the entire hard drive.
Before you dispose of a mobile device, check your owner’s manual, the service provider’s website, or the device manufacturer’s website for information on how to delete information permanently, and how to save or transfer information to a new device. Remove the memory or subscriber identity module (SIM) card from a mobile device. Remove the phone book, lists of calls made and received, voicemails, messages sent and received, organizer folders, web search history, and photos.
AVOID PHISHING EMAILS
Don’t open files, click on links, or download programs sent by strangers. Opening a file from someone you don’t know could expose your system to a computer virus or spyware that captures your passwords or other information you type.
READ PRIVACY POLICIES
Yes, they can be long and complex, but they tell you how the site maintains accuracy, access, security, and control of the personal information it collects; how it uses the information, and whether it provides information to third parties.
REPORT ISSUES
System failures, suspected breach, or general incident
If you are experiencing a system failure, suspect some type of technical incident or breach, or have a general issue, please contact us at support@botdoc.io
Suspicious Emails
If you believe you may have received a fake email, forward the entire email – including the header information – to us at: support@botdoc.io, then delete it from your mailbox.
Security Incidents/Breach
If you find or suspect a security incident, please report this to us at: support@botdoc.io
Unethical Behaviors
Please report this to us at: anonymous@botdoc.io
SECURITY ASSURANCE
Key Security Features
Security is part us, and part you. That’s why we’ve developed best practices for securing your Botdoc-powered applications.
Data Encryption
Files are encrypted in transit (only strong cipher suites) and at rest (AES-256).
Authentication
Two-factor authentication with RSA, SecurID or a digital certificate as well as Active Directory integration.
Network Security
Auto Scaling Firewalls, DDoS Protection, traffic filtering and penetration tests.
Access Controls
Access rights, permissions, and ethical walls based on users and groups.
ISO 27002:2013 & ISO/IEC 27017:2015
Botdoc is ISO27002:2013 certified through MS Azure. This is the highest level of global information security assurance available today, and provides customers assurance that Botdoc meets stringent international standards on security. ISO/IEC 27017:2015 certification, an international standard that aligns with and complements the ISO/IEC 27002:2013 with an emphasis on cloud-specific threats and risks.
Application Security
Static and dynamic application scans, comprehensive logging, and adherence to programming best practices (OWASP Top Ten, etc).
Service Organization Controls (SOC)
Annual Type 2 SOC 2 and SOC 2+ audits based on standards set by the AICPA.
PCI DSS
Botdoc maintains compliance with the current version of the PCI Data Security Standard (DSS) to ensure safe and secure handling of credit card holder information. As overseen by the Payment Card Industry Security Standards Council (PCI SSC), Botdoc places stringent controls around cardholder data as both a service provider and merchant.
HIPAA Compliant
Full compliance with the Health Insurance Portability and Accountability Act of 1996 for privacy, security, and breach notification rules for data storage.
Privacy Shield Certified
Botdoc complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.
FERPA Compliant
Compliant with the US Department of Education regarding data privacy, confidentiality, and security practices related to student-level longitudinal data systems and other uses of student data.
GDPR Compliant
Compliant with processing and holding the personal data of subjects residing in the EU.
GLBA
The Gramm-Leach-Bliley Act (GLB Act or GLBA) is the United States federal law that makes it mandatory for the financial institutions to share their methodology to protect the customers’ financial information. Botdoc follows all safeguard rule requirements and practices to ensure functioning in compliance with standards at all times.
Updates and Alerts
Routine maintenance, new features, fixes, updates and other important announcements!
(For best results please clear your browser history/cache after updates)
Botdoc API Planned Maintenance – New Version Sunday April 11, 2021
Hello API Developers,
On Sunday April 11th at 1:00am MST there will be scheduled down time to perform upgrades to Botdoc API. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s API Developers platform, which include:
- Added ability to remove Recipient(s) from existing P2 Container(s).
- Added ability to send Feature(s) to specific Recipient(s) of a Container, so only the recipient can see and perform actions on a given Feature(s).
- Added code samples for adding/removing Recipient(s) from a P2 Container as sending Feature(s) to specific Recipient(s) of a Container.
- Added one additional state to the Feature object, “created”. When creating Feature(s) on the fly for a Container that was already sent, there are a few scenarios where it may be necessary to create a given Feature in a hidden state (it won’t be visible to the user once created). Any Feature in a “pending” state is shown to the user receiving and that is the default state when creating any Feature(s). The new state “created” gives the ability to users to create Feature(s) that won’t be shown to the receiving users right after its creation considering the Container has already been sent. This allows you to perform any checks or changes to a Feature(s) before actually displaying to the receiving user. If you do create Feature(s) in this state, you will need to perform an additional call informing Botdoc your new Feature is ready to be displayed.
- Improved email validators on Developer Portal – Dashboard Wizard
- Added French translation to a P2 Container
- Added “expires_at” attribute to a Container or Request View on Developer portal
Affected Product/Service: API Production Interface ONLY (Sandbox has this version as of Mar 26th)
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc is expanding NEW features to our developers. These new updates and features expand capabilities providing more advancements to our developers regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us on Slack at https://botdoc.io/slack/ or api@botdoc.io
Thanks,
Botdoc API Team
SERVICES BACK TO NORMAL – Disruptions of Botdoc NOW product and API Service
Dear Customers,
We have confirmed with Microsoft Azure that all is functioning correctly and services are responsive therefore ALL Botdoc services are back to normal.
Even though this was out of our hands, we are sorry for this inconvenience.
Botdoc Team
Disruptions Of Botdoc NOW Product And API Services
Dear Customers,
We have an issue effecting services on Microsoft Azure, Azure DNS service is down globally and is affecting ALL Botdoc services. We are investigating it and troubleshooting and will have more information to you ASAP.
Sorry for this inconvenience.
Botdoc Team
Botdoc API SANDBOX Update/New Version March 26th, 2021
Hello API Developers,
Botdoc will have some new updates running in our SANDBOX environment on March 26th 2021 @ 8pm MST!
These updates will hit our production servers estimated Sunday April 11, 2021 at 1am MST. We will send another email next week confirming.
Remember, we are changing our LIVE deployment process.
A week or two before a Production deployment, we will make the new version available in our Sandbox environment. This will give developers/clients the opportunity to perform tests with a new version if they feel they need based on the changelog of the new version. Any tweaks and changes found by developers will take place during this testing phase in Sandbox if needed before rolling to Production.
Here are the features to Botdoc’s API Developers SANDBOX platform:
- Added ability to remove Recipient(s) from existing P2 Container(s).
- Added ability to send Feature(s) to specific Recipient(s) of a Container, so only the recipient can see and perform actions on a given Feature(s).
- Added code samples for adding/removing Recipient(s) from a P2 Container as sending Feature(s) to specific Recipient(s) of a Container.
- Added one additional state to the Feature object, “created”. When creating Feature(s) on the fly for a Container that was already sent, there are a few scenarios where it may be necessary to create a given Feature in a hidden state (it won’t be visible to the user once created). Any Feature in a “pending” state is shown to the user receiving and that is the default state when creating any Feature(s). The new state “created” gives the ability to users to create Feature(s) that won’t be shown to the receiving users right after its creation considering the Container has already been sent. This allows you to perform any checks or changes to a Feature(s) before actually displaying to the receiving user. If you do create Feature(s) in this state, you will need to perform an additional call informing Botdoc your new Feature is ready to be displayed.
- Improved email validators on Developer Portal – Dashboard Wizard
- Added French translation to a P2 Container
- Added “expires_at” attribute to a Container or Request View on Developer portal
Affected Product/Service: Botdoc API Sandbox only
Why we’re doing this:
This will give developers/clients the opportunity to perform tests in the SANDBOX with a new version if they feel they need based on the changelog of the new version.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us on Slack at https://botdoc.io/slack/ or api@botdoc.io
Thanks,
Botdoc API Team
Botdoc NOW Planned Maintenance March 21, 2021
On Sunday, March 21, 2021 at 1am MST there will be scheduled down time to perform upgrades to Botdoc. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s platform, which include:
- Security updates
- Instagram link added to Personal profile/URL pages
- Owners can now create custom fields/Icons to Personal profile/URL pages
- Billing and Pricing updates
- New Website design – check us out https://botdoc.io/
Note: Not all features and updates are supported by Internet Explorer
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
Botdoc API Planned Maintenance – December 19, 2020
Hello API Developers,
On Saturday, December 19, 2020 at 1:00am MST there will be scheduled down time to perform upgrades to Botdoc API. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s API Developers platform, which include:
- Added ability to remove an Apikey from the account
- Added ability to generate a new Apikey code
- Added a new endpoint for the PushFileDownload object. From this endpoint you may retrieve all downloads for a given object PushFile.
- Added a new transport method for Office 365 via oAuth
- Added a new transport method for Google via oAuth
- Add iFrame P2 feature (beta)
- Added attribute “max_files” to PushPull object
- Improved the callback functionality. Increase retries to 10, increase backend timeout to 30 seconds.
- Add a new attribute to the callbacks called “callback_identifier”. That is a unique hash generated from the contents of the payload and the callback type. That is a unique field among all your callbacks.
- Callback of type “container_feature_push_file_download” has been added. This callback will be executed when each file inside a P2 – Push is downloaded.
- Added ability to enable/disable a P2 session chat
- Added additional charts to the Billing panel to retrieve expenses
- General bug fixes
- NOTE: Botdoc has two new additional IP addresses. If you control the IPs in your firewall you should allow/add the following new IPs: 52.189.65.58 and 52.154.218.78
Affected Product/Service: Botdoc API Sandbox and API Production Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc is expanding NEW features to our developers. These new updates and features expand capabilities providing more advancements to our developers regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us on Slack at https://botdoc.io/slack/ or api@botdoc.io
Thanks,
Botdoc API Team
Botdoc APP Planned Maintenance Outage/Updates November 8, 2020
On Sunday November 8, 2020 @ 2am MST there will be scheduled down time to perform upgrades to Botdoc. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s platform, which include:
- P2 (Botdoc 2.0) – Remotely and digitally transact ALL phases of business within ONE encrypted container/session – BETA
-
- Push Data/Docs
- Pull Data/Docs
- Chat – real time with your customers
- E-Sign
- Google and Outlook 365 SMTP options
- UI Improvements
- Terms of Service update
- Security Updates
- Bug Fixes
Current Botdoc Users: We encourage you to review the Terms of Service update and familiarize yourself with the changes that are being made. If you continue to use Botdoc after November 8, 2020 you agree to be bound by these new terms.
Note: Not all features and updates are supported by Internet Explorer
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
Botdoc APP Planned Maintenance Outage/Updates August 30, 2020
On Sunday August 30 @ 4am MST there will be scheduled down time to perform upgrades to Botdoc. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s platform, which include:
- NEW Paid Custom Features (PUSH side – View user details) – Contact us for details
- Activity Reports improved
- Security Improvements
- Viewable PUSH documents inside details page
- Bug Fixes
Note: Not all features and updates are supported by Internet Explorer
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
Botdoc APP Planned Maintenance Outage/Updates July 26, 2020
On Sunday July 26 @ 4am MST there will be scheduled down time to perform upgrades to Botdoc. We anticipate this planned outage will take approximately 2 hours to perform.
We’re adding some BIG features to Botdoc’s platform, which include:
- NEW Push and Pull Link pages, new layout and increased Web Accessibility
- NEW Paid Custom Features – Contact us for details
- Team Usage Report (see how many Requests your users send out)
- Team Reports generated in XLSX instead of CSV
- Email method (SMTP) using only SPF Record on your DNS
- Added Pull Request 14 day trackable timeline
- Email Request Page Disclaimer is now showing on all Pull Request Links (SMS request links included)
- Team Admins and Owners now have changed privileges/permissions
- 2FA login can now be re-sent to mobile or email
- Bug fixes
Note: Not all features and updates are supported by Internet Explorer
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
Botdoc APP Planned Maintenance Outage/Updates June 8, 2020
On Monday, June 8 at 3am MST there will be scheduled down time to perform upgrades to Botdoc. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s platform, which include:
- Support Access via Dashboard
- Help Desk Access via Dashboard
- Training video Access via Dashboard
- Team logo added to all user dashboard
- 2FT updates (get code vs auto generate)
- Custom configurations for DNS white label
- Bug fixes
Note: Not all features and updates are supported by Internet Explorer
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
Botdoc APP Planned Maintenance Outage/Updates May 11, 2020
On Monday, May 11 at 3am MST there will be scheduled down time to perform upgrades to Botdoc. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s platform, which include:
- Password Policy for Teams; A Team can now setup password expirations to force its users to update passwords; When password Policy is on, we do not allow the user to use the same last 7 passwords
- Updated Email Template
- Team Emails and Public pages have branding which includes Team logo and background color
- Bug Fixes on the SMTP Configuration
- Integration with Mailgun to send emails using the API instead of SMTP
- Search feature on Push, Pull and audit pages
- Search by status on Pull pages – pending download, completed or last updated
- Team can export a CSV report which includes users login and transaction activity
- IP GEO location added to Push, Pull and Audit details page – to better identify metadata of the Requests
- Add a custom message on email Push and Pull notifications
- Super User Team Admin – change a user’s password to allow Admin access to account
- Bug fixes
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
Botdoc API Planned Maintenance – April 17, 2020
On Friday, April 17, 2020 at 3:00am MST there will be scheduled down time to perform upgrades to Botdoc API. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s API Developers platform, which include:
- Chat feature added to P2 Container. This new feature allows you to have a real-time conversation with all Recipients within the same Container
- General bug fixes in the DocuSign Feature
- Added type link on the RecipientItem entity. This type won’t send anything out of our API. It will instead return an attribute called link filled with the URL for that RecipientItem session. Keep in mind that this attribute is available only after you send a Container, otherwise it will be set as null
- Added the attribute link of a RecipientItem to the response of the endpoint call to send a Container.
Affected Product/Service: Botdoc API Sandbox and API Production Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc is expanding NEW features to our developers. These new updates and features expand capabilities providing more advancements to our developers regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us on Slack at https://botdoc.io/slack/
Thanks,
Botdoc API Team
Botdoc API Planned Maintenance – January 9, 2020
On Thursday, January 9, 2020 at Midnight MST there will be scheduled down time to perform upgrades to Botdoc API. We anticipate this planned outage will take approximately 2 hours to perform.
We’re adding some BIG features to Botdoc’s API Developers platform, which include:
- New Functionality called P2 Container released in Beta, the container can have multiple features, this way is possible in the same session to perform multiple actions without needing to send more than one URL, the container now have these features:
- Pull
- Push
- DocuSign (Beta); requires a DocuSign account to configure and use.
- White labeling function had a few layout updates to accommodate the new functionality.
- There’s a new tool on the developer dashboard that helps the users understand how the flow of Botdoc requests work, providing a CURL code of the process.
- Update on the request view on the developer dashboard.
- Twilio API Account can now be configured as new SMS Transport Method can be configured.
- TFA of the requests are now using default custom transportation method SMTP/SMS configured per API Key.
- Extra Security on the account verification email.
- Audit trails now have support for page count and total entries, also extra filters for improved audit trail search
- Improvements and Bug Fixes.
Affected Product/Service: Botdoc API Sandbox and API Production Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc is expanding NEW features to our developers. These new updates and features expand capabilities providing more advancements to our developers regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us on Slack at https://botdoc.io/slack/
Thanks,
Botdoc APP update regarding enabling SMTP configurations
Due to a current change on
our Outbound IP Address Strategy, we now have several IP Addresses that the
connection could come from. This IP address does not normally change, but
if it does Botdoc will send an email in advance letting you know.
If you or your company has an IP Blocking Limitation due to Security, you will
have to enable this List of IP Addresses on your SMTP Firewall ,
52.165.168.40,52.165.227.9,52.165.224.93,13.89.185.131,13.89.186.120,13.89.191.30,13.89.185.138,52.173.147.98
Why we are doing this:
Timeout Errors may occur during SMTP set up, which means Botdoc servers cannot
connect and send to the SMTP server to send the Test Email to validate the
credentials inputted on the system.
If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
Botdoc APP Planned Maintenance Outage/Updates May 8, 2019
On Wednesday,
May 8 at 3am MST there will be scheduled down time
to perform upgrades to
Botdoc. We anticipate this planned outage will take approximately 1 hour
to perform.
We’re adding some BIG features to Botdoc’s platform, which include:
- Copy and Paste multiple emails and mobile numbers to Requests
- Push/Pull language added to the Dashboard
- 2 Factor Authorization upgrades
- Privacy Policy Update
Click here to view Botdoc’s new Privacy Policy. If you do not agree to the new Privacy Policy, please do not use our website, mobile apps or online services after May 8th, 2019. Your continued use of our website, mobile apps or online services is your consent to the new Privacy Policy.
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
Botdoc API Planned Maintenance – March 6, 2019
On Wednesday, March 6 at Midnight MST there will be scheduled down time to perform upgrades to Botdoc API. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s API Developers platform, which include:
• New endpoint for media integrity check (implementation details on the documentation)
• Increased the length and security of the URL short code
• Change password rules to follow strong password methodologies
• Improvements in the dashboard white label layout
• bug fixes
Affected Product/Service: Botdoc API Sandbox and API Production Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc is expanding NEW features to our developers. These new updates and features expand capabilities providing more advancements to our developers regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us on Slack at https://botdoc.io/slack/
Thanks,
Botdoc API Team
BotDoc Planned Maintenance Outage/Updates Dec 23 2018
On Friday, November 23rd at 9pm EST there will be scheduled down time to perform upgrades to Botdoc. We anticipate this planned outage will take approximately 1 hour to perform.
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features and upgrades to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
08/20/2017 BotDoc Planned Maintenance Outage/Updates
On Monday, August 20th at 9am UTC (7 ET, 6 CT, 5 MT, 4 PT) there will be scheduled down time to perform upgrades to Botdoc. We anticipate this planned outage will take approximately 1 hour to perform.
We’re adding some BIG features to Botdoc’s platform, which include:
- Mobile and Office phone now available on virtual business card snapshot on completed Requests
- Re-send button available on Requests and Sends
- Stop/Kill button on Sends
- Enhancements of large file size downloads
- Drag-and-Drop feature for uploads (grab multiple files at once)
Affected Product/Service: Botdoc Interface
Expected Behavior:
Botdoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
Botdoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users regarding secure transport of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@botdoc.io
Thanks,
Botdoc Team
GDPR UPDATE
The General data protection regulation
The EU’s new data privacy law, the General Data Protection Regulation, goes into effect on May 25, 2018 and applies not only to EU-based organizations, but also to anyone who has customers or contacts in the EU.
We are actively preparing our business and compliance processes for the GDPR to take effect, and this guide is intended to help our customers do the same. Please note that this guide is for informational purposes only and should not be relied upon as legal advice. We encourage you to work with legal and other professional counsel to determine precisely how the GDPR might apply to your organization.
What and Who
The GDPR is a European Union (EU) privacy law that will affect businesses around the world when it becomes enforceable on May 25, 2018. It regulates how any organization that is subject to the Regulation treats or uses the personal data of people located in the EU. Personal data is any piece of data that, used alone or with other data, could identify a person. If you collect, change, transmit, erase, or otherwise use or store the personal data of EU citizens, you’ll need to comply with the GDPR.
The GDPR will replace an older directive on data privacy, Directive 95/46/EC, and it introduces a few important changes that may affect Botdoc users.
A regulation such as the GDPR is a binding act, which must be followed in its entirety throughout the EU. The GDPR is an attempt to strengthen, harmonize, and modernize EU data protection law and enhance individual rights and freedoms, consistent with the European understanding of privacy as a fundamental human right. The GDPR regulates, among other things, how individuals and organizations may obtain, use, store, and eliminate personal data. It will have a significant impact on businesses around the world.
Who does it affect?
The scope of the GDPR is very broad. The GDPR will affect (1) all organizations established in the EU, and (2) all organizations involved in processing personal data of EU citizens. The latter is the GDPR’s introduction of the principle of “extraterritoriality”; meaning, the GDPR will apply to any organization processing personal data of EU citizens—regardless of where it is established, and regardless of where its processing activities take place. This means the GDPR could apply to any organization anywhere in the world, and all organizations should perform an analysis to determine whether or not they are processing the personal data of EU citizens. The GDPR also applies across all industries and sectors.
There are a few definitions that will aid the understanding of the GDPR’s broad scope.
What is considered “personal data”?
Per the GDPR, personal data is any information relating to an identified or identifiable individual; meaning, information that could be used, on its own or in conjunction with other data, to identify an individual. Consider the extremely broad reach of that definition. Personal data will now include not only data that is commonly considered to be personal in nature (e.g., social security numbers, names, physical addresses, email addresses), but also data such as IP addresses, behavioral data, location data, biometric data, financial information, and much more.
Sensitive personal data, such as health information or information that reveals a person’s racial or ethnic origin, will require even greater protection. You should not store data of this nature within your Botdoc account.
What does it mean to “process” data?
Per the GDPR, processing is “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.” Basically, if you are collecting, managing, using or storing any personal data of EU citizens, you are processing EU personal data within the meaning prescribed by the GDPR. This means, for example, that if any of your Botdoc accounts contain the email address, name, or other personal data of any EU citizen, then you are processing EU personal data under the GDPR.
Do you need to comply with the GDPR?
You should consult with legal and other professional counsel regarding the full scope of your compliance obligations. Generally speaking, however, if you are an organization that is organized in the EU or one that is processing the personal data of EU citizens, the GDPR will apply to you. Even if all that you are doing is collecting or storing email addresses, if those email addresses belong to EU citizens, the GDPR likely applies to you.
Data Controllers and Data Processors
GDPR carries over the concepts of data controllers and data processors from the Directive. Similar to the Directive, data controllers and data processors have different obligations under GDPR. Therefore, it’s important to understand whether you’re acting as a data controller or a data processor in relation to the various categories of personal data you process.
WHO IS A DATA CONTROLLER?
GDPR defines a data controller as “the natural or legal person, public authority, agency or another body which, alone or jointly with others, determines the purposes and means of the processing of personal data.” In other words, if your organization processes personal data for your own organization’s purposes and needs—not merely as a service provider acting on behalf of another organization—then you are likely to be a data controller.
When Botdoc processes your Customer Account Data, meaning you have created an account, the Botdoc entity with whom you are contracting is acting as a controller.
WHO IS A DATA PROCESSOR?
Businesses or organizations that process personal data solely on behalf of, and as directed by, data controllers are data processors. In other words, when a data controller outsources a data processing function to another entity, that other entity is generally a data processor.
When our customers use our Services, we process and store certain information on their behalf as a data processor. For example, when a customer (or the customer’s Authorized Users) uploads or downloads files or other documents for review we act primarily as a data processor and process information on the customer’s behalf and in accordance with their instructions. In those instances, the customer as the data controller is responsible for most aspects of the processing of the information.
Will Botdoc comply with the GDPR?
Botdoc is excited about the GDPR and the strong data privacy and security principles that it emphasizes, many of which Botdoc instituted long before the GDPR was enacted. At Botdoc, we believe that the GDPR is an important milestone in the data privacy landscape, and we are committed to achieving compliance with the GDPR on or before May 25, 2018.
Botdoc’s GDPR preparation started more than a year ago, and as part of this process we are reviewing (and updating where necessary) all of our internal processes, procedures, data systems, and documentation to ensure that we are ready when the GDPR goes into effect. While much of our preparation is happening behind the scenes, we are also working on a number of initiatives that will be visible to our users. We are, among other things:
- Updating our Data Processing Addendum to meet the requirements of the GDPR in order to permit you to continue to lawfully transfer EU personal data to Botdoc and permit Botdoc to continue to lawfully receive and process that data;
- Updating our third-party vendor contracts to meet the requirements of the GDPR in order to permit us to continue to lawfully transfer EU personal data to those third parties and permit those third parties to continue to lawfully receive and process that data;
- Analyzing all of our current features to determine whether any improvements or additions can be made to make them more efficient for those user’s subject to the GDPR;
- Evaluating potential new GDPR-friendly features to add to our application.
Botdoc has self-certified to both the EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield regimes, and lawfully transfers EU/EEA personal data to the U.S. pursuant to our Privacy Shield Certification. We also complete a SOC II Type 2 examination on an annual basis for the Trust Principal Criteria of Security, Processing Integrity, Confidentiality, and Availability.
DATA SUBJECTS’ RIGHTS
In addition, we will be prepared to address any requests made by our customers related to their expanded individual rights under the GDPR:
Right of Access As noted above under the principle of “lawfulness, fairness, and transparency,” data processing must be transparent. Hand in hand with that, data subjects have a “right of access” to obtain from a controller a copy of their personal data being processed, as well as information about that processing, such as how and why their personal data is processed, how long it will be processed, and whom it has been shared with (see Article 15).
Right to Rectification Data subjects have a right to ask a controller to rectify inaccurate personal data about them being processed by an organization. And, in appropriate circumstances, data subjects have a right to complete any incomplete personal data about them (see Article 16).
Right to Be Forgotten The right to be forgotten, though implied under the Directive, is now clearly codified in GDPR in Article 17. Data subjects generally have a right to request that a controller erase their personal data.
Right to Restriction of Processing Similar to the right to be forgotten, data subjects have a right to request that a controller restrict processing of their personal data (see Article 18).
Right to Data Portability GDPR introduces a new data subject right: the right to data portability. This right requires controllers to make it easy for data subjects to take their personal data with them to another organization. In other words, they should be able to take their personal data out of one business’s system and move it to another business’s system (see Article 20).
Right to Object Controllers whose lawful grounds for processing personal data are legitimate business purposes (see the first principles of data protection, above) must allow data subjects a right to object to the processing of their data. The data subject’s wishes must be respected, unless the business has a more compelling interest in processing the personal data than the data subject’s interests in not having their data processed (see Article 21).
A common scenario where this comes up is in the context of marketing communications. When a data subject objects to their personal data being used for direct marketing purposes, their wishes must be respected. A data subject’s interest in not being marketed to is more compelling than your interest in marketing to him or her. Further, no later than the very first marketing communication with a data subject, they must be made aware of their right to object to further use of their personal data for these purposes.
Right to Object to Automated Decision making When it comes to decisions that could have a legal, or otherwise significant impact, GDPR gives data subjects the right to insist that a human be involved in that decision-making process. In particular, GDPR says data subjects have the right “not be subject to a decision based solely on an automated process, including profiling” (see Article 22). The data subject’s wishes must be respected, unless the business has a more compelling interest in processing the personal data than the data subject’s interests in not having their data processed (see Article 21).
It is worth noting that nearly all of the above data subject rights are not absolute. For example, there may be situations where your business may have a greater interest in not erasing certain personal data than a data subject has in asking you to erase it. Therefore, if any of the rights described above cause you concern, it is worth further investigation into the nuances of the law relating to that right to make sure you fully understand your obligations.
About Consent
You need to have a legal basis, like consent, to process an EU citizen’s personal data. Under the GDPR, you may use another legal basis for processing personal data, but we anticipate that many Botdoc users will rely on consent. This consent must be specific and verifiable.
Verifiable consent requires a written record of when and how someone agreed to let you process their personal data. Consent must also be unambiguous and involve a clear affirmative action. This means clear language and no pre-checked consent boxes.
About Individual Rights
The GDPR also outlines the rights of individuals around their personal data. EU citizens will have the right to ask for details about the way you use their personal data and can ask you to do certain things with that data. You should be prepared to support people’s requests in a timely manner. People have the right to request their personal data be corrected, provided to them, prohibited for certain uses, or removed completely.
You should also be able to tell someone among other things, how their personal data is being used. If they ask, you’re obligated to share the personal data you hold on an individual or offer a way for them to access it.
Conclusion
GDPR represents a significant update to the provisions of the Data Protection Directive in an effort to provide appropriate protections for data subjects with respect to how organizations process, transfer, store, and protect the enormous amount of personal data being processed in this new digital world. Therefore, it is important that when your organization selects a product or software, your selection entails consideration of these new compliance obligations.
While there is still some ambiguity as to how these provisions will be enforced and interpreted once this measure takes full effect in May 2018, data privacy considerations and conversations around processing of personal data should not be delayed.
We hope this information provides you with insights for taking a proactive approach to data protection.
12/2/2017 BotDoc Planned Maintenance Outage/Updates
On Saturday, Dec 2 at 1am MST there will be scheduled down time to perform major upgrades to BotDoc. We anticipate this planned outage will take between 1 to 2 hours to perform.
We’re adding some BIG features to BotDoc’s platform, which include:
- Corp Team upgrades
- Session Time-Out options
- New registration page with email verification
- Terms of Service updates
Affected Product/Service: BotDoc Interface
Expected Behavior:
BotDoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
BotDoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users surrounding the secure movement of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@short-save.com.
Thanks,
BotDoc Team
11/21/2017 – Terms of Service
BotDoc’s new USER Terms of Service and CORPORATE Terms of Service will come into effect on November 25, 2017. If you continue using BotDoc after November 25, 2017 you agree to be bound by these new terms.
If you have any questions, please feel free to contact us by emailing support@short-save.com
8/27/2017 BotDoc Planned Maintenance Outage/Updates
On Sunday, August 27th at 1am MST there will be scheduled down time to perform major upgrades to BotDoc. We anticipate this planned outage will take between 1 to 2 hours to perform.
We’re adding some BIG features to BotDoc’s platform, which include:
- Requesting and Sending to multiple clients
- My Contacts page – which allows you to select mobile and email addresses from a drop-down menu (like Outlook and Gmail)
- Return receipts timeline for Sending which allows you to see when your client clicks the link you sent and see when your client initiates download of the document(s).
Affected Product/Service: BotDoc Interface
Expected Behavior:
BotDoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
BotDoc has received great feedback from its USERS therefore our team is expanding NEW features to our clients. These new updates and features expand capabilities providing more advancements to our users surrounding the secure movement of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@short-save.com.
BotDoc Planned Maintenance Outage – June 16, 2017
On Friday, June 16th at 1am MST we’re performing major infrastructure upgrades to BotDoc. We anticipate this planned outage will take between 2 to 4 hours to perform.
We’re moving BotDoc’s brain power to a much bigger, much faster server environment. Our recent growth has afforded us the opportunity to add extra capacity much sooner than anticipated.
Affected Product/Service: BotDoc Interface
Expected Behavior:
BotDoc’s interface will be inaccessible during this scheduled maintenance. Users Requests and Sends (inbound and outbound data/communications) will NOT be processed during this period.
Why we’re doing this:
BotDoc’s engineering is augmenting our network infrastructure to support the ongoing demand of our service. Our intent is to expand our capabilities to our clients with faster and more rigid security. This new infrastructure creates an environment to rapidly roll out expanded capabilities providing more advancements to our users surrounding the secure movement of data between two points.
We appreciate your patience and understanding. If you have any questions or concerns you can reach us at support@short-save.com.