Our utmost priority is ensuring the security of personal data by adhering to industry-best standards and employing robust systems and processes. We understand the critical importance of security to our users, and we are fully committed to maintaining the highest operational standards. Below, we have outlined the key aspects of our security practices for your reference.
ivy.mayhem diligently strives to meet international legal requirements. We take necessary precautions and implement technical and organizational security measures to mitigate risks and safeguard your data. By following industry best practices, we aim to prevent unauthorized or unlawful security breaches that may result in accidental or unlawful destruction, loss, alteration, disclosure, or access to information.
Our security framework incorporates server authentication, data encryption, and multiple layers of protection to ensure the safety, integrity, and confidentiality of user data. Our personnel involved in data processing are bound by confidentiality obligations and receive appropriate instructions.
Although we maintain rigorous security measures, it is important to note that no method can offer absolute security, and we cannot guarantee it.
We entrust our services to a certified and reliable data storage facility situated in the European Union, ensuring a high level of data security. The data storage center holds an ISO 27001 certificate for information storage security, providing comprehensive measures for safeguarding and processing data.
Rest assured that both your own and your customers' data are protected within our system. When it comes to passwords and credit card information, we employ secure and encrypted Secure Sockets Layer (SSL) connections for transmission. All payment-related data furnished to ivy.mayhem is directly handled by our payment processors, and we don't have access to it. As a result, we do not require PCI compliance. Instead, our payment processing vendors comply with the Payment Card Industry Data Security Standard (PCI-DSS).
Through thorough effort and dedication, the ivy.mayhem team has successfully introduced new features that ensure compliance with the General Data Protection Regulation (GDPR). Our systems now encompass the essential controls and procedures for maintaining the security of personal data during processing, as outlined by the GDPR guidelines. For detailed information regarding the data we collect and the methods employed, please refer to our Privacy Policy. Additionally, our customers have the option to review a Data Processing Addendum available here.
Please also make sure to refer to the privacy policy of our platforms.
At ivy.mayhem, we have an ongoing process of maintaining and monitoring notifications, errors, logs, and alerts across our services and systems. This diligent approach helps us identify and effectively handle any potential threats that may arise. We have implemented robust security measures to prevent unauthorized access to data processing equipment.
Additionally, we have well-defined internal information security policies in place, which include detailed incident response plans. These measures collectively enhance our ability to ensure the security and integrity of our services.
To safeguard data communications between our clients and our application, we utilize encrypted data channels through the HTTPS/TLS (Hyper Text Transfer Protocol Secure/Transport Layer Security) protocol. This encryption protocol ensures the confidentiality and security of the transmitted data. Furthermore, whenever needed and possible, we encrypt data with strong AES-256 encryption.
Ensuring the safety of your data also relies on your effort to maintain the security of your account, systems, and personal information. It is essential to utilize sufficiently complex passwords and store them securely. By employing strong passwords and adopting appropriate password storage practices, you play a vital role in safeguarding your data.
