1. Purpose
Anmaer takes data security seriously. This policy explains the general measures applied to protect data processed in the context of our technology services, software, SaaS, applications, websites, automations and integrations.
2. Security measures
Depending on the nature of the project, Anmaer may apply measures such as:
- access control;
- strong passwords;
- multi-factor authentication where available;
- permission limitation;
- encryption in transit;
- encryption at rest where available;
- backups;
- logging;
- monitoring;
- updates;
- environment separation;
- API key management;
- access review;
- incident management;
- careful selection of providers.
3. Access to data
Access to data is limited to people who need it to provide services, manage support, ensure security, fix errors or comply with a contractual or legal obligation.
4. Subcontractors and providers
Anmaer may use third-party providers for hosting, storage, email, payments, analytics, security, support, AI, backups or communications.
Anmaer selects its providers with reasonable diligence and strives to govern their access to data.
5. Client data
Client data remains the property of the client or applicable owner.
Anmaer does not use it for purposes incompatible with the assigned mandate.
6. Incidents
In the event of a security or confidentiality incident, Anmaer takes reasonable measures to:
- analyze the incident;
- limit the impact;
- correct the cause;
- document the event;
- inform the affected individuals or clients when required;
- cooperate with legal notifications when necessary.
7. Backups
When backups are provided for in the mandate or service, they are performed according to the applicable terms.
The client remains responsible for requesting specific backups or a specific continuity strategy if its project requires it.
8. Limits
No system is entirely free from risk. Anmaer applies reasonable measures, but cannot guarantee absolute security.
9. Contact
Anmaer — contact@anmaer.com