Security measures
Stebby implements technical and organisational measures designed to mitigate the risk of unauthorised or unlawful processing of Users’ personal data, as well as the risk of accidental loss, destruction, or damage to such data, in accordance with applicable data protection laws.
When Stebby processes personal data, whether as a controller or on behalf of business clients or partners, the security measures outlined on this page are applied as a minimum where appropriate.
Policies and governance
- Documented Stebby security policies and acceptable use policies, which are communicated and apply to all employees and, where appropriate, to contractors.
- Non-disclosure or confidentiality clauses with all employees and, where appropriate, with contractors, sub-processors and other partners.
- Employing professionals tasked with protecting personal data of the Users, such as a Data Protection Officer.
- Internal policies are in place to ensure that employees’ computers are secured with password protection, have encrypted hard drives, and are maintained with firewalls and up-to-date antivirus software.
- Entering into contracts for the processing of personal data by authorised sub-processors, including agreeing on measures equivalent to those agreed between Stebby and Stebby’s clients who act as controllers.
- Regularly reviewing and updating Stebby’s technical and organisational data protection measures to ensure they remain appropriate for the nature of the data and associated risks.
Access control
- Access to personal data is limited to employees who require such access to perform their job duties. Access rights are regularly reviewed and updated.
- Physical access restrictions to all Stebby offices, such as, but not limited to, security cameras and personalised keycards.
Technical security measures
- Subjecting all servers, workstations, and network equipment to standard security management practices including change management, vulnerability management, and patch management.
- The pseudonymisation and encryption of Users’ personal data during transmission and storage.
- Secure data exchange that cannot be monitored by third parties is used and all data queries made in and sent from the Stebby environment are encrypted.
Data management and recovery
- Processes aimed at supporting the confidentiality, integrity, and availability of data during processing activities.
- Storing the personal data only for the time period necessary to carry out the processing activities, provide the services or as required by law.
- A procedure for data breaches and procedures intended to enable the restoration of access to personal data in the event of a data breach.
- Keeping copies of important backup data in secure facilities off-site, to enable systems, data, and networks to be restored using alternative facilities in the event of an incident.
Monitoring and testing
- Internal routines for periodically testing and assessing the effectiveness of the measures taken to mitigate risks relating to the security of personal data.