We apply a strict access management system based on the principle of least privilege. Each employee has access only to the data and systems necessary for their work. We use advanced Identity and Access Management (IAM) systems with multi-factor authentication. All access rights are regularly reviewed and updated when roles change or employment ends.
Our systems undergo regular internal and external security audits. At least once a year, we undergo a comprehensive security audit conducted by an independent authority.
We use state-of-the-art encryption technologies to protect data at rest and in transit. All communication runs over secure protocols with strong encryption. Data stored in our systems is encrypted at the disk level and, where appropriate, at the individual file level. Encryption key management follows strict security protocols with regular key rotation.
All employees undergo comprehensive security training upon onboarding and regular refreshers afterward. Training includes practical demonstrations of security threats, phishing recognition, password management, and safe use of company systems. We regularly conduct simulated phishing campaigns to test employee vigilance.
We have developed a comprehensive system of security policies and procedures, regularly updated in line with evolving threats and industry best practices. All processes are thoroughly documented and subject to regular review. This includes a detailed Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP).
We have a dedicated incident response team ready to react to any security event. We maintain robust procedures for classification, escalation, and resolution of incidents, including communication plans and methods for minimizing impact.
We maintain a detailed inventory of all IT assets, including configurations and dependencies. Software is updated regularly, and security patches are applied promptly. Configuration changes follow a strict approval process and are documented. Unused data and systems are securely disposed of in line with our data retention policy.
We strictly adhere to all relevant legal requirements, including GDPR, the Cybersecurity Act, and other regulatory obligations.
We safeguard your confidential data against misuse and leaks, adhering to the highest cybersecurity standards.
We share transparently how we protect your information—because trust is built on clarity.
We constantly enhance our security measures, monitoring new threats and adapting to current trends.
We act immediately in the event of a security incident, minimizing impact and restoring operations.
We provide regular security reports, giving you clear insight into the protection of your systems and data.
We act with maximum integrity and respect. For us, your security is a commitment—not a choice.
