All Collections
Shake's measures and policies for ensuring data privacy • Data encryption
Shake's measures and policies for ensuring data privacy • Data encryption

Shake diligently ensures that your data is secure, and accessible only to you.

Peter Simic avatar
Written by Peter Simic
Updated over a week ago

Yes, your data. Unlike others, we don't claim any ownership over it. We host it to provide you our brilliant service on top of it, just like a bank provides and protects your safe deposit box without owning its contents.

AWS infrastructure

Shake is 100% hosted on Amazon Web Services, a world leader in compliance with the latest security practices, including the Privacy Shield. All your data is in Amazon's private data center in Frankfurt, Germany, EU eu-central-1

Data is encrypted

Your data in transit is encrypted using secure TLS cryptographic protocols. It's then stored in PostgreSQL and ElasticSearch on AWS Elastic Block Store disks, both of which are encrypted at rest using AES with a 256-bit key.

No access

Even the sparse basic data our systems are required to have cannot be accessed unless formally requested by you. Then, only one of the authorized in-house employees — audited on a regular basis — could be granted access to assist you.

Disable at the source

Shake reports non-personally identifiable info but you can customize it to report truly anything , for example during internal testing. You can .omit() , .obfuscate() or .disable() private info on devices as well so it never leaves the source in the first place.

Penetration tests

We commission security experts to perform pen tests on Shake to find our vulnerabilities. Those are then prioritized and diligently patched.

No credit card data

The best way we can protect your credit card info is to not get it at all. If you decide to upgrade, you will do so through a the secure payment processor Stripe.

Physical security

Our offices have 24-hour security personnel on site, cameras, visitor logs and smart card door entry requirements.

Agreements and courses

Our non-disclosures, training courses and security guidelines guide our entire team in making the right security decisions.

Principle of least privilege

Shake audits data access regularly so that all employees only have the permissions necessary to do their jobs.

Network security

Access to an AWS account is strictly limited. Additionally, IDS and firewalls are set up at the edge locations.


To ensure business continuity in case of disaster, critical data is backed up every day and moved to a different account.

Scalability and high availability

Through a multi-availability zone, we are able to maintain Shake functionality even if an entire zone fails.

For any additional concerns, please contact us through the Intercom bubble or via email

Or even better, join our Slack Community and get in touch with our developers within a few minutes.

Did this answer your question?