Back to Privacy Policy
7. Data security
We implement appropriate technical and organizational measures to protect your personal data:
Security Measures
- Encryption: Data is encrypted both in transit and at rest using industry-standard encryption
- Access Controls: Strict access controls with role-based permissions and authentication
- Network Security: Secure network configurations and access restrictions
- Regular Monitoring: Continuous monitoring of systems for security threats and vulnerabilities
Organizational Controls
- Staff Training: Regular privacy and security awareness training for all personnel
- Security Policies: Comprehensive data security and privacy policies and procedures
- Incident Response: Documented procedures for detecting, responding to, and reporting security incidents
- Regular Reviews: Periodic security assessments and updates to security measures
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Data Breach Response
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. In the event of a data breach, we will:
- Notify affected individuals within the timeframes required by applicable law
- Report breaches to relevant supervisory authorities where required
- Take immediate steps to contain and remediate any security incident
