Login
BL.INK's Overall Security Posture
Legal Name
Blink Global LLC, A Delaware Corporation.
Transparency
BL.INK publishes documentation of our compliance against global standards including certifications, policies attestations, audit reports and real-time evidence monitoring at https://bl.ink/trust.
Certifications
BL.INK is SOC 2 Type 2, accredited by MJD Advisors, 2024.
BL.INK is ISO/IEC 27001:2022 Certified by Intercert, August 2024.
BL.INK is HIPAA compliant.
GDPR
This page lists our ongoing efforts to maintain compliance with the EU’s General Data Protection Regulation (GDPR). Please visit: https://bl.ink/gdpr
Penetration Testing
BL.INK performs two penetration tests per year.
Request a Signed Data Processing Agreement (DPA)
You can request an official copy here.
Product Security
Uptime
BL.INK boasts an uptime rate of 99.9% or higher, ensuring continuous service availability, please visit http://status.bl.ink to monitor the status of our systems and see our historic availability.
Permissions
BL.INK offers role-based access control for user seats within the application. Permission levels encompass control over app settings and billing, account configurations such as domains and link parameters, and visibility and control over links and data.
Single Sign-On (SSO)
BL.INK enforces SSO to authenticate users within their own systems, eliminating the need for additional login credentials. SSO can be offered within an Enterprise account upon request, and may be factored in to the subscription cost.
Password and Credential Storage
Alongside SSO, BL.INK maintains a robust password complexity standard using a minimum of 16 characters and secures credentials using advanced hash algorithms.
Network and Application Security
Data Hosting and Storage
BL.INK utilizes Amazon Web Services (AWS) facilities in the USA East 1, East 2 and West 2 region to host its services and data. We are able to host data in other geographies upon request within an Enterprise account, at an additional cost.
Virtual Private Cloud (VPC)
All BL.INK servers reside within a virtual private cloud equipped with network access control lists to prevent unauthorized requests.
Encryption at Rest
The BLINK Information Security Policy mandates that data is always encrypted at rest. Our databases, disks and file systems use Advanced Encryption Standard (AES) XTS-AES-256 block cipher in concert with the AWS Key Management Service (KMS).
SSL Encryption
All data transmitted to and from BL.INK is encrypted using 256-bit encryption. The API and application endpoints score an "A+" rating on Qualys SSL Labs' tests.
TLS Encryption
All Communications use Transport Layer Security (TLS) Version 1.2 and higher.
Failover and Disaster Recovery (DR)
BL.INK's infrastructure and data are distributed across two AWS availability zones, designed with disaster recovery capabilities. Recovery Point Objective of 12:00 am central time and Recovery Time Objective (RTO) of 4 hours.
Backups and Monitoring
BL.INK employs Amazon RDS's daily backup solution for databases containing customer data.
Permissions and Authentication
BL.INK operates entirely over HTTPS. Customer data access is limited to authorized personnel. A zero-trust network model is maintained, supplemented by SSO, 2-factor authentication (2FA), and strong password policies.
QR Code Privacy, Security, and Compliance
At BL.INK, we understand that privacy and security are top concerns, particularly for older consumers. Our QR code platform adheres to the highest standards of privacy, security, and data protection across the unique legal requirements around the world.
QR Code Data Security: No Transmission of Personal Identifiable Information (PII)
QR codes generated by BL.INK do not store or transmit personal identifiable information (PII). The codes simply direct users to a secure URL or landing page. Any data captured (e.g., through forms on landing pages) is under the control of the organization generating the QR code and is handled according to their privacy policy. See our HIPAA compliance documentation.
QR Code Data Security: Data Minimization
We follow data minimization principles by ensuring that QR codes themselves do not contain sensitive or private data. This reduces the risk of data exposure in the event of unauthorized access.
Compliance with Global Privacy Standards
Our platform is fully compliant with international data protection laws and regulations, including:
- General Data Protection Regulation (GDPR): We adhere to GDPR's core principles by providing transparency, protecting user data, and respecting user rights. Organizations using BL.INK QR codes can manage data subject requests such as access, rectification, or deletion of information.
- Health Insurance Portability and Accountability Act (HIPAA): BL.INK's QR code platform supports HIPAA compliance by ensuring no PHI is stored or transmitted within the QR codes. All links are encrypted with secure HTTPS protocols, and we provide Business Associate Agreements (BAAs) to safeguard protected health information. Our platform undergoes regular security audits and supports advanced access controls to meet HIPAA’s privacy and security requirements.
- California Consumer Privacy Act (CCPA): BL.INK provides mechanisms for customers and their users to manage data requests in compliance with CCPA regulations, including the right to opt-out of data collection and disclosure.
Organizational Recognition and Certification
- BL.INK only works with verified and approved customers and organizations to generate QR codes on approved domains. These organizations are responsible for implementing secure and certified practices in handling any data collected through QR codes and to the final link destinations.
- Every QR code generated on the BL.INK platform is monitored to ensure accuracy, privacy, and security.
Incident Response
BL.INK follows a structured protocol for handling security events, involving escalation procedures, swift mitigation, and post-incident analysis. All employees and contractors are well-informed about these policies. Request the removal of personally identifiable information and/or account data by emailing privacy@bl.ink and we will respond within 72 hours.
Additional Security Measures
Confidentiality
Confidentiality agreements are integral to all BL.INK employment contracts, emphasize the protection of sensitive information.
Background Checks
Background verification checks for all candidates, employees and contractors are carried out in accordance with relevant laws, regulations, and ethics, and proportional to the business requirements.
Privacy
BL.INK regularly updates our privacy policy and monitors changing standards. Please visit: https://www.bl.ink/privacy-policy. Request the removal of personally identifiable information and/or account data by emailing privacy@bl.ink and we will respond within 72 hours.
Terms of Service
Please visit https://www.bl.ink/terms-of-service.
Training
Every BL.INK employee and contractor undergoes annual Security and Awareness training to foster a security-conscious software and operational culture. Regular monthly training is also conducted and audited by our Chief Operations Officer.
Policies
BL.INK maintains an evolving set of comprehensive security policies, encompassing various topics and shared across the organization. You may review current policies at http://bl.ink/trust.
PCI Obligations
Credit card payments for BL.INK subscriptions are managed through Chargebee, a partner with strong security measures and PCI compliance. BL.INK itself is also PCI Compliant, via self-attestation.