GetAccept - Security
Updated January 2022.
Additional Security Measures
Below is a general, but not conclusive, an overview of the security measures GetAccept takes to protect the data stored within the GetAccept platform in relation to the GDPR rules set forth by the EU commission.
- We don’t store or transfer any unnecessary personal data to any sub-processor.
- All sub-processors are selected with data security as a key selection criteria
- We are putting demands on our sub-processors to take additional security measures of their own.
- We encrypt all data in transit using a 2048bit SSL/TLS certificate
- We encrypt all data in rest using the industry-standard AES-256
- Encryption keys are managed by EU GetAccept employees only. Not accessible to anyone outside the company.
- All infrastructure is on private subnets and not reachable from the public internet
- Access to Infrastructure is protected by VPN
- We enforce SSL/TSL when connecting to our data sources
- Web Application Firewall (WAF) implemented according to OWASP.
- We anonymize data when possible
If you have any questions or suggestions regarding our Security Measures or practices, you may contact us at email@example.com or via chat.