ATSL Services, LLC treats the data held in JudgeIT as what it is — the official record of competitions that matter to performers, organisations, and the public. This page sets out the concrete measures we take to protect that data. It complements our Privacy Policy.
Each client organisation's data is held in its own separate, dedicated database. One client's competitions, scores, and users are never stored in the same dataset as another's. This architectural separation means there is no shared table from which information could leak between clients.
All connections to JudgeIT are served over HTTPS with transport encryption enforced, so data is protected in transit between the user's device and the service. Account passwords are stored only as salted one-way hashes — never in readable form.
JudgeIT keeps a time-stamped record of significant actions — score entries, submissions, edits, approvals, and administrative changes. This trail makes results defensible and helps detect and investigate any irregularity.
Competition databases are backed up automatically every day, with backups retained and stored separately from the live system. A single organisation's data can be restored without affecting any other client, so a result is never permanently lost to a technical fault.
JudgeIT runs on reputable cloud infrastructure with server hardening, a firewall limiting access to only the necessary network ports, and automatic security updates. Administrative access to servers is restricted and credential-controlled.
Competition data, results, and contestant information remain the property of the client organisation. We process it solely to operate the service. Clients may request a complete export of their data at any time, and deletion on termination, as set out in their agreement.
If we become aware of a security incident affecting client data, we will act promptly to contain it, investigate, and notify the affected client organisation without undue delay, providing the information they need to meet their own obligations.
Security is a partnership. We secure the platform; clients are responsible for managing their own users, keeping credentials confidential, granting roles appropriately, and entering only the data they are permitted to. We recommend administrators review their user list each season.
Security questions, or to report a concern, write to [email protected].
This document is provided for transparency and is reviewed periodically. It does not constitute legal advice. For questions, contact [email protected].