We can start with answering this question by stating that PressPage is bound by the provisions of the GDPR.
Among other things, the GDPR has adopted provisions about actions to be taken in the case of personal data breach, the minimum requirements in securing/protection the personal data. In short, this means we have to notify you with undue delay about any data breaches and take all reasonable measures to prevent or limit (further) violation of the GDPR, we have to safeguard a level of security attuned to the risk that complies with the requirements under the GDPR.
The following security measures are adopted by PressPage:
- Personal data is only processed for the agreed purposes
- Personal data from PressPage Mail in PressPage’s database is encrypted at rest and in transit.
- Personal data can be accessed using username and password. There is a password policy in place, in which
- passwords needs changing every ninety (90) days, and;
- each employee has an individual computer password that must meet the following criteria:
- Password must at least:
- Be 10 characters long
- and meet 3 of the following requirements:
- Contain at least 1 uppercase letter
- Contain at least 1 lowercase letter
- Contain at least 1 number
- Contain at least 1 special character
- Real-time protection anti-virus, anti-malware and anti-spyware software.
- Automatic software updates
- Employees are obligated in writing not to use information/data for other purposes
- A non-disclosure agreement is signed.