- DocMonster will comply with the GDPR when it becomes enforceable on May 25, 2018.
- Data Protection Officer: firstname.lastname@example.org
- All your personal data is protected using an industry standard Advanced Encryption Standard (AES-256) encryption algorithm to encrypt data in transfer and at rest.
- Our servers are protected by fully managed Amazon Web Services firewalls.
- Only key technical staff have direct access to our servers.
- Backoffice systems have user based access control and a full audit history.
- All employees and contractors are required to sign a confidentiality or non-disclosure agreements.
- Server software is updated daily to ensure we have all the security latest patches.
- Cyber insurance policy is provided by Hiscox.
- Servers are regularly tested using a industry standard PCI security scan.
- The personally identifiable data we hold on our system; Name, Address, Telephone Number, Email Address & Last IP Address.
- All data relating to card payments is processed by our payment provider Sagepay UK (www.sagepay.co.uk) using a industry standard secure token system.
- Data contained within the DocMonster repository itself is encrypted.
- We do not share or transfer your data to any 3rd party.
- Your personal data is retained for 5 years from termination of contract, unless the data controller requests removal.
- Your personal data is retained for our company accounting records, and also to allow customers to reactivate thier account.
- To request removal of personal data please email our Data Protection Officer (DPO). Email: email@example.com