This Security Policy (“Policy”) outlines the security measures implemented by Trackvent AB (“Trackvent,” “we,” “us,” or “our”) to safeguard the confidentiality, integrity, and availability of the information and data associated with our business operations, including the services provided through our website (www.trackvent.com) and our mobile application (“App”).
Information Security
1.1 Data Protection and Privacy: We are committed to protecting the privacy and personal information of our users. For detailed information on how we collect, store, and process personal data, please refer to our Privacy Policy.
1.2 Confidentiality: We maintain strict confidentiality of all sensitive and confidential information, including user data, financial data, and any other proprietary information related to our business operations.
1.3 Access Control: We implement access controls to ensure that only authorized individuals have access to sensitive data. User access rights are granted based on the principle of least privilege, limiting access to data necessary for performing specific tasks.
1.4 Data Encryption: We use industry-standard encryption protocols to protect data in transit and at rest. This helps ensure that data transmitted between our servers and your device, as well as data stored in our systems, remains secure and protected from unauthorized access.
Infrastructure and Systems Security
2.1 Secure Hosting: We partner with reputable hosting providers that employ robust security measures to safeguard our infrastructure, including firewalls, intrusion detection systems, and regular security audits.
2.2 Vulnerability Management: We conduct periodic vulnerability assessments and penetration testing to identify and address any potential security vulnerabilities in our systems. Prompt remediation measures are implemented to mitigate identified risks.
2.3 System Monitoring: We employ monitoring mechanisms to detect and respond to any suspicious or unauthorized activities. This includes real-time monitoring of network traffic, system logs, and access logs to ensure the integrity of our systems and data.
2.4 Disaster Recovery: We maintain a comprehensive disaster recovery plan to ensure the availability and continuity of our services in the event of any unforeseen incidents or disruptions. Regular backups are performed to protect data integrity and facilitate timely recovery.
Employee and User Awareness
3.1 Training and Education: We provide regular security awareness training to our employees to promote a culture of security and educate them about their responsibilities in protecting user data and maintaining the security of our systems.
3.2 User Responsibilities: Users of our website and App are responsible for maintaining the security of their accounts, including safeguarding their login credentials and promptly reporting any suspicious activities or potential security breaches.
Third-Party Partnerships
4.1 Data Processing Agreements: When engaging with third-party service providers, we enter into data processing agreements that require them to implement appropriate security measures and comply with applicable data protection laws.
4.2 Due Diligence: We conduct thorough assessments of third-party vendors and partners to ensure they meet our security standards and align with our commitment to protecting user data.
Incident Response and Reporting
5.1 Incident Response: In the event of a security incident or data breach, we have established an incident response process to promptly identify, contain, investigate, and remediate any security issues. We will notify affected individuals and relevant authorities as required by applicable laws and regulations.
5.2 Reporting Security Concerns: We encourage users and other stakeholders to report any security concerns or vulnerabilities they identify by contacting us at:
Trackvent AB
Stockholm, Sweden
Email: service@trackvent.com
Please provide sufficient details to allow us to investigate and address the reported security concerns.
Policy Review
This Policy is subject to regular review and may be updated periodically to reflect changes in our security practices or regulatory