● We are ISO27001:2013 certified, which means that we have implemented and maintain a comprehensive information security management system (ISMS) to manage and protect our customers' data.
● We undergo regular audits to ensure that our ISMS is effective and compliant with ISO27001:2013 requirements.
● Our ISMS covers all aspects of information security, including confidentiality, integrity, and availability of data, as well as risk management and continuous improvement.
● We are also compliant with data protection regulations such as GDPR, Singapore'sPersonal Data Protection Act (PDPA), and Hong Kong's Personal Data (Privacy) Ordinance (PDPO).
● We have strict access control policies and procedures in place to ensure that only authorized personnel can access our systems and data.
● All users are authenticated using strong passwords and multi-factor authentication.
● Access is granted on a need-to-know basis, with different levels of access depending on job roles and responsibilities.
● We implement a range of technical and organizational measures to protect our customers' data, including encryption, backups, and disaster recovery plans.
● Our systems are regularly tested for vulnerabilities, and we have incident response plans in place in case of a security breach.
● We only store customer data for as long as necessary and securely dispose of it when it is no longer required
● We monitor our systems and applications 24/7 to ensure that they are available and performing optimally.
● We use industry-standard tools and techniques to detect and respond to any security incidents or anomalies.
● We have an operations reviews every 6 months to check our infrastructure for any issues.
● We provide a status check page customers can use to check the availability and performance of our systems in real-time