Introduction
Spacemaze AB is committed to protecting the security of personal data. This Security Policy outlines our data handling measures and procedures.
Data Handling and Security Measures
Internal Security Measures:
Password Security: We enforce strong password policies internally to ensure account security.
Security Awareness: While formal staff training is not in place, we actively engage in periodic discussions and share educational resources within our team to foster awareness and understanding of data security and privacy best practices.
Software Updates: Our team regularly updates all software applications to maintain security.
Data Backup: We perform daily database backups of to safeguard against data loss or corruption, ensuring data availability and integrity.
Data Access and Management:
Access Control: Personal data access is restricted to essential personnel.
Regular Review: We conduct regular reviews to ensure access remains appropriate and secure.
Firebase Firestore Usage: We utilize Firebase Firestore for encrypted data storage and data management.
Data Retention, Deletion, and Compliance Policy:
General Retention Approach: We retain personal data only as necessary for its intended purposes and in compliance with legal obligations.
Specific Timeframes:
Customer Data: Retained for the duration of the customer relationship plus an additional 1 year for handling potential queries or claims.
Financial Records: Retained for 10 years to comply with tax and accounting requirements.
Employee Data: Retained for the duration of employment plus 1 year post-termination to fulfill legal and HR obligations.
Regular Data Reviews: Periodic assessments are conducted to ensure data relevance, with redundant or outdated information being deleted.
User Data Deletion Requests: A streamlined process is in place for handling user data deletion requests efficiently.
GDPR Compliance: We continually strive to align our data handling practices with GDPR and relevant data protection laws, and are committed to ongoing improvements in this area.
Incident Response Plan:
Incident Management Team: We have a team designated for incident management and immediate action planning in case of data breaches.
Breach Response Procedures: Our procedures include steps for breach identification, containment, and assessment.
Communication Protocol: We have a strategy for communicating with affected users and relevant authorities.
Changes to the Policy:
This policy may be updated periodically. Users will be notified of significant changes.
Contact Information:
For any inquiries or requests regarding data privacy and security,
please contact: info@spacemaze.io
This policy represents Spacemaze AB's commitment to data security. For detailed privacy-related information, please refer to our Privacy Policy.