Yeastar Cloud Phone System for Business

Data Security

Connect with confidence

Hundreds of businesses and thousands of people trust us for confident, worry-free telephony solutions.

Data Security

Connect with confidence

Thousands of businesses and millions of people trust Calendly for confident, worry-free calendar connections.

How we keep your data secure

We know that contacts, call logs and conversations are valuable for you, these data can be extremely sensitive in business, thus keep safe operation of your business phone system is one of our top priorities.

How we keep your data secure

Upon has a dedicated team of compliance and security experts to help meet our rigorous privacy and security standards. Our policies, procedures, and technologies enable us to comply with and exceed industry standard requirements.

Our cloud PBX are hosted in modern safe data centres with 24/7 monitoring. We use AWS and DigitalOcean as a hosting provider.

Amazon Web Services

AWS holds many certifications such as ISO 27001, SOC2, PCI DSS, FedRAMP, and provides for a safe and secure environment.


DigitalOcean is AICPA SOC 2 Type II and SOC 3 Type II certified, in addition, DigitalOcean has achieved Cloud Security Alliance (CSA) STAR Level 1


We require HTTPS for all services, all connections from the browser to the Cloud PBX platform are encrypted in transit using TLS 1.2 and AES-256.

We use a combination of various security tokens. Communication through the web interface is fully encrypted with the latest TLS version supporting Forward Secrecy.

QR Code

All QR code generated are valid for 24 hours and can only be used once.


All login link generated are valid for 24 hours and can only be used once.


All passwords are encrypted by an advanced one-way algorithm. Passwords are never stored for internal purposes.

Phone calls

All phone calls made through the WebRTC protocol are automatically encrypted and those made through the SIP protocol can be encrypted by TLS.

Credit card

We do not retain information on customer credit cards. All data are directly provided to our payment processor


We perform regular online backups across availability zones.

Firmware upgrade

As new firmware are released frequently, upgrade is managed by us to ensure our system is always running at optimum conditions.

Security and Compliance is a shared responsibility between us and the customer.

For us

We secure the system and the network your service runs on, inclusive of the management control plane. We extend our responsibility for security of those platforms further up-stack. Secure configurations, access, and patching are all part of the as-a-Service model for these products.

Customer specific

Controls of the cloud PBX product are solely the responsibility of the customer. For example, customer is required to perform all of the necessary security configuration and management tasks inside cloud PBX, customer manages own backups & firmware upgrades, customer is also responsible to keep safe of administrator’s password, end user’s password, voicemail password, etc.

Initial provisioning

If you engage our service to do setup for you, the server will be first initialized and configured by us. You may change the administrator’s password upon receiving official handover from us.

Technical support

Our support will request administrator’s password from you if the issue can not be resolved by email or other communication channel. If you are uncomfortable to share the password with our technical support, you may arrange a remote session with us so that you will be the person whom login to the server and you can observe what our technical support does on your server.

Maintenance contract

For customers with active maintenance contract with us, your password is stored on our secured password manager and only accessible by our support engineers.

Bottom big blocks,

Data Protection Trustmark Certification – Infocomm Media Development Authority (

Privacy policy

Terms of Use

Maintenance service schedule