1. Security approach
Security is managed through layered technical and organisational controls designed to protect account, journey and customer update records.
2. Access control
Team access should be restricted to authorised users. Customers should remove users who no longer need access.
3. Data protection
The platform should use encrypted connections, secure hosting, account controls, backups and monitoring appropriate to the service level.
4. Incident handling
Suspected security incidents should be reported through the contact page. We will investigate and take appropriate action based on severity and legal obligations.