Klippa recognises that personal information has evolved into a valuable asset that must be safeguarded and managed accordingly. We are committed to maintaining an information systems infrastructure with an appropriate level of security and data protection.
We have developed a set of policies and procedures to safeguard information resources and digital data when they are in transit, during processing, or at rest in storage.
We have implemented our information security system following data privacy standards and local legislation to ensure an adequate level of confidentiality, integrity, and availability.
In essence, this means that:
Only individuals with specific authority to see or change the data have access to the data we hold. We achieve this through user access controls, network security measures, including cloud-based architecture, and data privacy awareness for all team members.
All system assets are reliable in their operation, and we maintain data accuracy through a system of encryption, user access controls (including multi-factor authentication) and backup and recovery.
Systems and data are available when needed and accessible to the authenticated user who requires them. A reliable infrastructure – with guarantees on system uptime – and disaster recovery procedures ensure data accessibility.
To comply with GDPR legislation, we follow data minimisation and purpose limitation principles to ensure that Klippa collects and processes only those data necessary for administering and providing our services and that we have a legitimate reason for using those data.