Data Security Policy
Last updated: [to be completed]
1. Purpose
This policy defines the measures taken by Govisa to ensure the security, integrity, and confidentiality of personal and sensitive data.
2. Scope
Applies to all users, partners, providers, and employees accessing Govisa’s information systems.
3. Security Governance
Security Officer oversees implementation
Regular internal and external audits
Staff awareness of data protection obligations
4. Technical Measures
Encryption: SSL/TLS (transfer), AES-256 (storage)
Secure hosting (ISO/IEC 27001 certified servers)
Access control with two-factor authentication
Encrypted and tested backups
5. Organizational Measures
Staff sign IT and confidentiality charters
Clear incident response procedures
DPR training for team members
6. Incident Management
Intrusion detection systems and monitoring
Prompt response and notification to authorities (if needed)
Business continuity plan tested annually
7. Third-Party Access
Contracts with confidentiality and GDPR compliance clauses
Limited access to essential data
Security evaluation before onboarding providers
8. Compliance & Continuous Improvement
Policy and tools regularly updated.
Based on ANSSI, CNIL and regulatory authority guidelines
Documented processes accessible to authorized personnel
Contact: contact@govisaapp.com