Data Security Policy

Last updated:

1. Purpose

This policy defines the measures taken by Govisa to ensure the security, integrity, and confidentiality of personal and sensitive data.

2. Scope

Applies to all users, partners, providers, and employees accessing Govisa’s information systems.

3. Security Governance

Security Officer oversees implementation

Regular internal and external audits

Staff awareness of data protection obligations

4. Technical Measures

Encryption: SSL/TLS (transfer), AES-256 (storage)

Secure hosting (ISO/IEC 27001 certified servers)

Access control with two-factor authentication

Encrypted and tested backups

5. Organizational Measures

Staff sign IT and confidentiality charters

Clear incident response procedures

DPR training for team members

6. Incident Management

Intrusion detection systems and monitoring

Prompt response and notification to authorities (if needed)

Business continuity plan tested annually

7. Third-Party Access

Contracts with confidentiality and GDPR compliance clauses

Limited access to essential data

Security evaluation before onboarding providers

8. Compliance & Continuous Improvement

Policy and tools regularly updated.

Based on ANSSI, CNIL and regulatory authority guidelines

Documented processes accessible to authorized personnel

Contact : contact@govisaapp.com