FAQs
Your questions about security and pricing answered.
Have a question that isn’t covered? Feel free to contact us. We’ll get back to you within 24
hours
Security FAQs
What compliance measures do you have in place?
We comply with GPDR and offer a Data Processing Agreement (DPA). We provide a commitment regarding § 203 of the German Criminal Code to process health data. Furthermore, we are compliant with HIPAA Privacy/Security to protect your ePHI. We have a designated HIPAA Privacy/Security officer and all necessary policies and procedures are in place. We are happy to sign a Business Associate Agreement (BAA) with you, whether you are a Covered Entity or a Business Associate under the terms of HIPAA.
How are your servers protected?
Our servers are monitored 24/7. Every server has a firewall with strict packet rules configured. The servers’ software is updated at least monthly. We subscribe to a security mailing list so that we receive vulnerability notifications as early as possible. Once we receive a relevant vulnerability notification, we update our servers immediately. The servers have full disk encryption, for which only we have the key (no external party has access).
Where is your data center located?
Our data center Hetzner Online GmbH is located in Sigmundstraße 135, 90431 Nuremberg, Germany. It is compliant with ISO/IEC 27001:2013. We can provide you the certificate and the statement of applicability that shows the security measures that are in place.
How security aware are your employees?
Our workforce has completed GDPR, HIPAA Awareness and HIPAA Security training programs. We have numerous policies and procedures in place to guarantee GDPR, and HIPAA compliant data processing. Every single team member has signed a confidentiality agreement.
How secure is your application?
Our proprietary database conversion application is written in a secure programming language. It has also been thoroughly reviewed to ensure security. Every conversion is executed in a secure environment on one of our servers. That means every conversion is guaranteed to be strictly separated from other conversions.
How do you encrypt my data?
Data is always encrypted at rest using strong encryption, no matter whether it is saved on our servers or on a workstation. The data in motion is also always encrypted via SSL/TLS.
What access controls and audits do you use?
Every user has a unique identifier, and we are very strict when granting permission to individual users. Permissions are always kept to an absolute minimum. We regularly check access lists and audit server logins.
What are your contingency arrangements?
For our enterprise customers, we offer a high-availability server setup. In addition, we offer superior SLAs.
How long do you store my data?
Your data is stored only temporarily on our secure servers in Germany. Your conversion files are deleted immediately after the download when using the API. Your files are deleted 6 hours after the conversion is completed when using a public conversion page, or 48 hours after the conversion is completed when using the panel conversion page (conversion based on a data set).
How do I know your service is genuinely ISO 27001 certified?
We would be happy to send you a copy of our current certificate. Just ask us via email at:
Pricing FAQs
How does the money-back guarantee work?
In the unlikely event that you are unable to convert your files within the first 7 days of a paid period, we will refund the fees completely. In case you should not be able to convert your files within the first 7 days of a paid period, we will refund the fees completely.
Which payment methods do you support?
We currently support only PayPal. If you want to pay using a different payment method, please contact us.
When will I have to pay?
The one-time plan is paid in advance. The subscription plan is paid monthly in advance as well.
I bought a subscription. How can I cancel it?
Please email us indicating the email address that was used for your PayPal purchase, and we will process the cancellation within 48 hours.