Waitwhile requires authentication for all application pages and resources, except for those specifically intended to be public. All authentication controls must be enforced on a trusted system, and all authentication controls fail securely. Waitwhile uses TLS-encrypted POST requests to transmit authentication credentials.
We enforce the following password requirements and security standards:
- Passwords must be a minimum of 8 characters in length and include a mix of uppercase and lowercase letters as well as numbers and symbols.
- Passwords are hashed with bcrypt. No plaintext passwords are stored.
- Repeated login attempts with a wrong username or password lock the account for a period of time. The lock is long enough to slow down brute-force logins but not so long that legitimate users are kept out of the application.
- Email-based password reset links are sent only to a user's pre-registered email address with a temporary link.
Each time a user signs into Waitwhile.com, they receive a new, unique session identifier.
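The password, lockout and session controls described above, as an added example that is not Waitwhile's own code. The page names bcrypt; this version uses the standard library's scrypt (also a salted, memory-hard password hash) so it runs without third-party packages, and swapping in bcrypt's hashpw/checkpw changes only the two hashing functions. The lockout threshold (5 attempts) and lock duration (15 minutes) are assumed values, since the page only says "multiple" attempts and "a period of time"; the clock is injectable so the lock window can be exercised in a test.

```python
# Added example (not Waitwhile's code): the authentication controls the page
# describes. scrypt stands in for bcrypt; the lockout numbers are assumptions.
import hashlib
import hmac
import os
import re
import secrets
import time

MIN_LENGTH = 8                 # stated on the page
LOCKOUT_THRESHOLD = 5          # assumed: the page only says "multiple" wrong logins
LOCKOUT_SECONDS = 15 * 60      # assumed: the page only says "a period of time"
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 14, 8, 1


def password_meets_policy(pw: str) -> bool:
    """At least 8 characters with upper, lower, digit and symbol, per the page."""
    return (len(pw) >= MIN_LENGTH
            and re.search(r"[A-Z]", pw) is not None
            and re.search(r"[a-z]", pw) is not None
            and re.search(r"[0-9]", pw) is not None
            and re.search(r"[^A-Za-z0-9]", pw) is not None)


def hash_password(pw: str) -> str:
    """Salted, memory-hard hash; only this string is stored, never the password."""
    salt = os.urandom(16)
    digest = hashlib.scrypt(pw.encode(), salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                            p=SCRYPT_P, dklen=32)
    return f"scrypt${SCRYPT_N}${SCRYPT_R}${SCRYPT_P}${salt.hex()}${digest.hex()}"


def verify_password(pw: str, stored: str) -> bool:
    """Recompute with the stored parameters and compare in constant time."""
    _, n, r, p, salt_hex, digest_hex = stored.split("$")
    candidate = hashlib.scrypt(pw.encode(), salt=bytes.fromhex(salt_hex),
                               n=int(n), r=int(r), p=int(p), dklen=32)
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


# Hash of a random value, verified for unknown usernames so that a "no such
# user" response costs the same as a wrong-password response.
_DUMMY_HASH = hash_password(secrets.token_hex(16))


class AuthStore:
    """In-memory user store with temporary lockout and per-login session ids."""

    def __init__(self, clock=time.time):
        self.clock = clock      # injectable so the lock window can be tested
        self.users = {}         # username -> {"hash", "failures", "locked_until"}
        self.sessions = {}      # session id -> username

    def register(self, username: str, pw: str) -> None:
        if not password_meets_policy(pw):
            raise ValueError("password does not meet policy")
        self.users[username] = {"hash": hash_password(pw), "failures": 0,
                                "locked_until": 0.0}

    def login(self, username: str, pw: str):
        """Return (status, session_id); status is 'ok', 'locked' or 'denied'."""
        now = self.clock()
        user = self.users.get(username)
        if user is None:
            verify_password(pw, _DUMMY_HASH)   # equalise timing, then fail closed
            return "denied", None
        if now < user["locked_until"]:
            return "locked", None              # lock applies even to a correct password
        if verify_password(pw, user["hash"]):
            user["failures"] = 0
            sid = secrets.token_urlsafe(32)    # fresh identifier on every sign-in
            self.sessions[sid] = username
            return "ok", sid
        user["failures"] += 1
        if user["failures"] >= LOCKOUT_THRESHOLD:
            user["locked_until"] = now + LOCKOUT_SECONDS
            user["failures"] = 0               # counter restarts once the lock expires
        return "denied", None
```

The lock is enforced before the password is checked, so a locked account returns the same answer for right and wrong passwords, and the fresh `token_urlsafe` value on each successful login is what the page's "new, unique session identifier" amounts to in practice.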
To protect data in transit to and from Waitwhile we use Transport Layer Security (TLS) for data transfer, creating a secure tunnel protected by 128-bit or higher Advanced Encryption Standard (AES) encryption. Data in transit between Waitwhile's service and the client's web or mobile application is always encrypted via TLS.
All data at rest is encrypted with 128-bit or higher Advanced Encryption Standard (AES) encryption.
Waitwhile is designed for use cases ranging from single account holders to large teams. You can invite users to your account without giving all team members the same levels of access.
User roles specify different levels of permissions that you can use to manage collaborators on a Waitwhile account. They are especially useful when multiple people work on the same waitlist. The following list describes the user roles and the access given to each:
- Owners have full access to all waitlists, settings and account billing information. They can also add or remove other owners and administrators.
- Administrators have access to all settings and options for a single waitlist. They can also add or remove other administrators. If you make someone an Administrator, they hold that role for that waitlist within the account. If you demote an Administrator to any other role, they lose all administrator privileges.
- Staff can only operate on a single waitlist (e.g. add new parties, remove parties, notify parties). A waitlist can have multiple staff members.
Single Sign-on (SSO)
Waitwhile supports SSO using Google or Facebook accounts.
Logs are kept at all account levels for changes made to user accounts for both Waitwhile administrators and end users. Waitwhile maintains records of the following information:
- Account Events
- Errors & Diagnostics
The Waitwhile software development lifecycle includes many activities to foster building security into our services:
- Defining Security Requirements
- Design (threat modeling and analysis, security design review)
- Development controls (static analysis, manual peer code review)
- Deployment controls (security, confidentiality, integrity, and availability code reviews).
We have uptime of 99.9% or higher. You can check our past month stats at http://status.waitwhile.com
What Data We Collect
- Account data
- Waitlist statistics including volume of waitlisted customers, volume of SMS
- Waitlisted customers including date of visit, serving date and alerts
Waitwhile allows the customer to remove all account-related information when exiting the service. We rely on Google Cloud Platform for data disposal; see the security whitepaper.
Internal Access to Data
Access to Customers' information is restricted within Waitwhile and is only authorized for the purposes of providing direct customer support or for future product enhancements (for instance, to understand how an engineering change affects a group of customers).
Waitwhile takes the safety and security of your information seriously. We have implemented employee access controls that protect your information from unauthorized use:
- Your account data is used only to provide services to you. Waitwhile does not sell, rent, or otherwise disclose the information you provide to us in setting up your account for any other purpose.
- We limit access to your content and information to Waitwhile employees who require such information to perform their jobs, or as required to provide support to you.
- Access to systems containing your sensitive information is logged and audited.
- Waitwhile employees are required to sign a confidentiality agreement covering customer data.
- Waitwhile employees are subject to disciplinary action, including but not limited to termination, if they are found to have abused their access to customer information.
- Access is provided based on employee functional roles and is centrally maintained. If an employee changes roles or leaves the company, entitlements are adjusted immediately. The status of these entitlements and certifications is internal-facing only.
- Waitwhile customers retain responsibility to ensure their use of our service is within compliance of applicable laws and regulations. This is described in the Waitwhile Terms & Conditions and online terms, which can be found at https://waitwhile.com/terms.
Waitwhile regularly updates network architecture schema and maintains an understanding of the data flows between its systems. Firewall rules and access restrictions are reviewed for appropriateness on a regular basis.
Waitwhile has an Incident Response Plan designed to respond quickly and systematically to security incidents that may arise. The incident response plan is tested and refined on a regular basis.
Waitwhile uses a safe-rollback methodology: we always have a planned way to roll back a release in case of trouble. We also have the ability to deploy a release canary without risking the bulk of our production traffic on a new release.
Waitwhile's infrastructure is designed to provide the best experience and to minimize service interruption due to hardware failure, natural disaster, or other catastrophes. Features include:
- State-of-the-art cloud providers. We use Google Cloud and Google Firebase, which are trusted by thousands of businesses, to store and serve our data and services.
- Waitwhile uses Google App Engine, which provides multi-failure disaster recovery capability for all Waitwhile user data and automatically launches new server instances to keep the service available in case of failure.
- Business continuity plan. In addition to the redundancy of data and our world class infrastructure, we have an office located in Stockholm, Sweden to ensure that regional issues at our global headquarters located in San Francisco, California do not disrupt our ability to provide the services or support to you.
Waitwhile wholeheartedly supports the privacy rights of our customers and our users and has fully implemented the required steps for GDPR compliance. Those include:
- Review of the data we collect, as well as the reasons for why we collect it.
- Updated processes for getting consent from users.
- Updated processes for deletion and exporting of personal information.
- Minimization of data retention and de-personalization of data where possible and/or required.
For any questions or subject data requests, reach out to our Data Protection Officer (DPO) on firstname.lastname@example.org.
Waitwhile is not subject to PCI obligations. All payment instrument processing is outsourced to Stripe.