Data Security Policy

How we protect your data, maintain platform integrity, and respond to security incidents.

← Our Policies
📅 Effective Date: 05 February 2025
Section 1

Our Security Principles

We follow three key principles in handling your data:

  • Confidentiality — Only authorized users and staff can access your personal information
  • Integrity — Your data is accurate, complete, and protected from unauthorized changes
  • Availability — Our systems are reliable and consistently accessible to authorized users
Section 2

Data Encryption

All data transmitted between your device and our platform is encrypted using TLS (Transport Layer Security). Sensitive data is encrypted at rest using industry-standard encryption algorithms.

Section 3

Secure Hosting

Our application servers and databases are hosted in secure, certified data centers. Daily automated backups are encrypted and stored offsite to ensure resilience and disaster recovery.

All hosting infrastructure complies with applicable data protection regulations, including GDPR requirements for data storage and processing.

Section 4

Access Control

  • Access to systems and data is role-based and restricted to authorized personnel only
  • All administrative access is protected by multi-factor authentication (MFA)
  • Regular audits are performed to review access rights and activity logs
Section 5

Software & Infrastructure Security

  • We regularly patch and update all infrastructure and third-party dependencies
  • Our platform is monitored continuously for unusual activity or potential vulnerabilities
  • Security best practices are followed throughout our software development lifecycle
Section 6

Incident Response

We have a documented incident response plan in place. In the unlikely event of a data breach:

  • Affected users and authorities will be notified as required by law
  • The issue will be addressed promptly to contain the breach and prevent recurrence
Section 7

User Responsibility

Users also play a role in security. You agree to:

  • Keep your login credentials confidential
  • Notify us immediately if you suspect unauthorized access
  • Use the platform only for its intended purposes
Section 8

Compliance

We comply with applicable data protection laws, including:

  • The General Data Protection Regulation (GDPR) for EU users
  • Germany's Federal Data Protection Act (BDSG)
  • Any additional local regulations as required by the jurisdictions of our client organizations
Section 9

Questions or Concerns?

If you have questions about our data protection practices or believe your information has been compromised, contact us immediately: contact@stellarmentoring.com