Security at NerveRift
Last updated: March 4, 2023
At NerveRift, we take the security of our products and services very seriously. We have implemented a variety of security measures to protect your personal information and biometric data from unauthorized access, disclosure, or use. Our servers are located in the UK and are ISO compliant.
We limit access to your data to only those employees and contractors who have a legitimate business need to access it. We use role-based access controls to ensure that employees and contractors can only access the data that is necessary for their job functions.
We use encryption to protect your personal information and biometric data from unauthorized access. All data in transit is encrypted using HTTPS/TLS, and all data at rest is encrypted using AES-256.
We retain your data only for as long as necessary to provide our products and services and comply with legal requirements. When data is no longer necessary, it is securely deleted or destroyed.
We regularly monitor our systems for vulnerabilities and take prompt action to address any identified vulnerabilities. We also perform regular penetration testing to identify and address potential security risks.
We have a documented incident response plan in place to ensure that we can quickly and effectively respond to any security incidents that may occur. We promptly investigate any suspected security incidents and take appropriate actions to mitigate any potential harm.
We require all third-party service providers who have access to your personal information and biometric data to adhere to our security policies and practices. We perform due diligence on all third-party service providers to ensure that they meet our security requirements.
We are committed to complying with all applicable data protection laws and regulations, including the General Data Protection Regulation (GDPR). We regularly review and update our policies and procedures to ensure that we are compliant with all applicable laws and regulations.
We provide regular training to our employees and contractors on our security policies and procedures to ensure that they are aware of and comply with our security requirements.
Our servers are located in a secure facility that is protected by multiple layers of physical security, including biometric access controls, 24/7 security monitoring, and video surveillance.
We may update this security policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes to this policy by posting the updated policy on our website or by email.
This security policy is effective as of the date listed below and replaces any previous security policy.
Effective Date: March 4, 2023.