...
At Gruntify, we understand that security is paramount in everything we do. That's why we align our approach to security with best practices and recognized standards such as GDPR, CCPA, COPPA, ISO27001, PCI-DSS, and SOX frameworks. Our commitment to security starts with our governance policies, which are documented, shared with all staff, and reviewed regularly to ensure we stay current.
...
We believe accountability for security should be embedded throughout the organization.
...
All Gruntify personnel undergo regular security awareness training to ensure they are equipped to handle specific security-oriented challenges and ensures that our personnel comply with all regulatory aspects of their role. As part of compliance, Gruntify completes Data Protection Impact Assessment (DPIA) as per regulatory requirements in Article 35 in the GDPR to identify and minimize the data protection risks of all Gruntify projects and processes. Access to Gruntify’s network, systems and communications are logged and monitored to assist with identifying potential misuse of systems or information. Logging activities include regular monitoring of system access to prevent attempts at unauthorized access and confirm access control systems are effective. Log servers and documents are kept secure and only made available to authorized personnel. These logs are retained as long as required for appropriate regulation.
...