usecure is fully compliant with the GDPR based on our self-assessment, as well as that of an external Data Protection Officer.
To protect your data, we:
Keep all customer data in separate instances of the application
Restrict access to customer data
Protect all usecure devices with a secure password policy
Regularly perform penetration testing of the platform by third-party cyber security professionals
Store all customer data with 256-bit encryption on secure AWS servers within the EU
Do not store any physical data in the office
Do not store any data locally on work devices
To ensure your privacy, we:
Do not contact your employees, or use data you provide to us, for anything else than what is required to operate the usecure platform (course emails, policy emails, and phishing simulation emails)
We do not sell or provide any customer data to third parties.