Data Privacy Policy

Security

We use a combination of techniques to ensure that information held in our system is secured and only available to authorized account holders and system administrators:

  • All passwords are encrypted using sha512 algorithms and are salted for added security.
  • Password resets can only be requested with a valid email address and are sent via email with an expiring one-use link.
  • Incorrect login attempts are logged and account lockout policies are in use to prevent brute force login attempts.
  • This site uses a single client side cookie to store session id only, all other data is stored server side and account validation is performed for each privileged page request.
  • Session validation is performed on each privileged page request to prevent session hijacking.

Privacy

Under no circumstances will we share any of your details or information you provide us with to third parties without your prior express permission. This includes but is not limited to email addresses, server addresses or any other privileged information.

Usage

We will use the information you provide only to deliver the services you request and at times to troubleshoot services when they are not performing as expected. We will not use any information provided by you for any other purpose.

Disclosure

We will notify registered account holders within 48 hours of a confirmed system breach.

Destruction

For retrospective analysis we retain all system logs which may contain information such as IP addresses and email addresses. As part of our maintenance routine, we purge database records containing inactive account information and transactional information after six months.

Non-Solicitation

We will not use any of the information you provide as a means to identify or engage with your clients.