Security and compliance

Answers to questions frequently asked by our enterprise customers.

Is Submarine PCI compliant?

Yes.

Customer payment information never passes directly to Submarine. All sensitive payment details are sent directly from the Shopify Plus Checkout to the merchants' payment processor, after which a tokenised version of the payment method is created and passed back to Submarine.

How secure is Submarine?

We conform to industry standards for web application security.

Submarine is built by an engineering team with extensive experience developing, deploying and managing web applications in a secure environment. We are members of the Open Web Application Security Project (OWASP) and aim to meet Level 2 standards of the OWASP Application Security Verification Standard (ASVS).

Does Submarine store customer data?

Yes, to the extent needed for the operation of the platform.

We try to minimise the amount of customer data stored within Submarine to reduce the risk footprint for merchants. However, the nature of the platform requires that some customer information (customer IDs, customer email addresses, customer order contents, and customer addresses) are stored within Submarine.

Does Submarine share customer data with third parties?

Never.

All customer data within the platform remains the property of the merchant and will never be shared or sold to third parties. A guarantee to this effect forms part of the standard Submarine contract terms.

Does Submarine back up data?

Yes (securely).

All Submarine data is periodically backed up off-site (using Tarsnap, a highly secure encrypted backup service used by many companies handling sensitive information including Stripe).

Tarsnap ensures that data is fully encrypted on our servers before transmission.

Does Submarine have a Disaster Recovery Plan?

Yes.

Disco Labs has developed a template DRP that can be tailored to each merchant using the platform.

Does Submarine have a Business Continuity Plan?

Yes.

As with our DRP, Disco Labs has developed a template BCP that can be tailored to each merchant using the platform.

Where are Submarine's servers hosted?

On Digital Ocean in the United States.

Our infrastructure is provided by Digital Ocean, with availability regions within the United States. Locating our servers in the United States was a decision made based on proximity to Shopify's servers and to the majority of our merchants' customer bases.

We have the ability to deploy Submarine to alternate regions or to in-house infrastructure if merchants have specific legal or compliance needs.

Does Submarine use multi-tenant architecture?

Yes.

Just like Shopify Plus, Submarine's servers are multi-tenant by default (meaning we service multiple merchants from the same servers).

We have the ability to deploy Submarine to single-tenant infrastructure if merchants have specific legal or compliance needs.

What is Submarine's SLA or uptime guarantee?

We don't offer a contractual SLA or uptime guarantee.

Because Submarine is tightly integrated with Shopify Plus (which does not provide a formal SLA or uptime guarantee), we are unable to provide either of those things.

The way Submarine is architected, any outages on the Submarine side will not prevent customers from completing orders or cause data loss.

To date, Submarine itself has demonstrated five nines reliability and uptime.

Does Submarine provide a staging or sandbox environment?

Yes.

Submarine has a fully-functional staging environment, and we encourage all merchants to set Submarine up on a development or staging Shopify store for testing and development purposes. In the staging environment, sandbox payment provider credentials can be used during testing.

Can Submarine scale?

Yes - we've handled high traffic launch events in the past.

Submarine's architecture makes it well-suited to handle high traffic events and merchants processing large volumes. Unlike some other payment or subscription solutions, Submarine is integrated natively into the Shopify checkout, which is able to automatically scale to handle very high traffic volumes, even in cases of flash sale or launch events.