Backup & Disaster Recovery
- Safefood 360° systems and data stores are backed up daily to secure offsite facilities provided by Amazon Web Services (S3).
- This ensures complete and speedy recovery in the highly unlikely event of data loss within primary systems. While our customers are not required to backup any data within Safefood 360° we do provide data export mechanisms throughout the platform.
Privacy & Data Ownership
- Privacy is an integral part of our product development and service lifecycle and we responsibly manage the data we store on your behalf.
- We only use Customer Data to provide the services we are contracted to provide you. This may include troubleshooting aimed at preventing, detecting and repairing problems affecting the operation of the services, the improvement of features and the protection against emerging and evolving threats.
- We will not disclose Customer Data to any third party (including law enforcement, other government entity, or civil litigant) except as you direct or unless required by law. In the event that you wish to discontinue use of our services then all data belonging to you will be returned in a structured and useable format.
Privacy is our top concern due to the sensitive nature of food safety information
Compliance & Data Retention
- Safefood 360°’s underlying systems (Microsoft Azure) complies with numerous international codes for information security including the E.U. Data Protection Directive (95/46/EC), ISO/IEC 27001:2005, SSAE 16/ ISAE 3402, HIPAA/HITECH and the PCI Data Security Standard.
- Additionally, Safefood 360 complies with the technical requirements of FDA 21 CFR Part 11 and EU Annex 11 dealing with the use of electronic data and electronic signatures in regulated environments.
- All customer data is retained indefinitely unless otherwise requested.
Physical Network Security
- Each datacenter employs various measures to help protect operations from power failure, physical intrusion, and network outages.
- Network perimeters are protected by technical controls such as firewalls, filtering routers and Access Control Lists (ACL’s) allowing access to only required services.
- 24 x 7 x 365 monitoring and surveillance, onsite security staff and strict access controls ensure continuity and security of service and operation
- We are committed to implementing the best security practices across our service. We perform regular penetration tests, vulnerability scans and secure coding assessments using internationally recognized and accredited third party security specialists.
- This extends to testing our Distributed Denial of Service (DDOS) protection systems. Audit reports are available to our enterprise customers under a confidentiality agreement.
- We continually monitor and seek to improve our security systems to help ensure your information is always protected.