This Security Policy describes the technical and organizational measures implemented to protect data processed in connection with the Software and Services.
Festivo implements reasonable and appropriate technical and organizational measures designed to protect data against unauthorized access, loss, alteration, or disclosure, taking into account the nature of the data, scope of processing, and associated risks.
All external communications with the Services are encrypted using industry-standard transport layer security (TLS). Encryption in transit is enforced for client-to-service and service-to-service communications.
The Services are hosted in professional cloud environments located within the European Union. Infrastructure providers implement physical and environmental security controls appropriate for data center operations.
Access to systems and data is restricted to authorized personnel only and granted based on the principle of least privilege. Administrative access is logged and subject to review.
Authentication credentials are protected using cryptographic techniques appropriate to their sensitivity. Passwords and secrets are not stored in plain text.
System activity is monitored to detect unauthorized access and operational issues. Logs are retained for a limited period and protected against unauthorized access.
Regular backups are performed to support data availability and disaster recovery. Backup access is restricted and backups are protected against accidental loss or destruction.
Festivo maintains procedures for identifying, responding to, and mitigating security incidents. Personal data breaches are assessed and handled in accordance with applicable data protection laws.
Where third-party vendors or sub-processors are used, Festivo applies due diligence and requires contractual commitments regarding confidentiality and data protection.
This Security Policy may be updated from time to time to reflect changes in technology, legal requirements, or operational practices.
For security-related inquiries, please contact: hello@getfestivo.com