GDRP

We have implemented our GDRP policy to be compliant and transparent about the use of your personal data.

Our policy

In order to improve the services offered, eMundus can collect information related to the emundus.fr website. As the developer of an online application management platform, eMundus works very closely with customers who collect personal data. Therefore, we had to define a policy to comply with the General Data Protection Regulations in order to guarantee data security.

eMundus is committed to respecting its GDRP policy
Commitment to the GDRP

eMundus is committed to respecting this GDRP policy in the context of the activity, and thus to respecting the privacy, protection, confidentiality and security of personal data. In order to ensure the implementation of these commitments, a Data Protection Officer (DPO) has been appointed within our team.

Data storage

Customers can choose to store the data collected through the eMundus platform either on eMundus servers or on their own servers.

Backup

On our servers (rented from the SoYouStart service provider), backups are made to our web folders and databases. We are implementing a backup via encryption in AES-256, which is an encryption algorithm used by the NSA, with also a data retention policy. This policy consists of a 7-day data backup for each customer, a storage of 4 backups per month, or 12 backups per year).

Data Security

RSA encryption keys ranging from 2048 to 4096 bits are used to secure each of our machines. Many security and confidentiality measures are implemented :

  • the building is secure
  • password authentication
  • connection logging
  • a firewall filtering access to the server
  • backup encryption
  • securing back office access at the server level
  • blocking of high-risk IP addresses
  • user blocking when an attempt at hacking is detected

Do you have any questions about our GDRP policy ?

We will answer it as soon as possible