We implement and maintain technical and organisational measures to protect data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access and have contracts in place with sub-processors to do the same. This includes physical security, firewalls, establishing secure and authorised connections to our servers, intruder detection, encrypting passwords and taking regular backups of data.
The security measures include measures to help ensure ongoing confidentiality, integrity, availability and resilience of our systems and services; to help restore timely access to personal data following an incident; and for regular testing of effectiveness.
We may update or modify the security measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the services.
We take appropriate steps to ensure compliance with our security measures by our employees to the extent applicable to their scope of performance, including ensuring that all persons authorised to process personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.