Security Notice

This Security Notice explains how susreg (“we,” “us,” or “our”) implements security measures to protect your data and ensure the safety of our website at susreg.com (the “Site”).

Data Security

We take data security very seriously and use the following measures to safeguard your information:

• Encryption: We use TLS 1.3 for data in transit and AES-256 for data at rest.
• Access Controls: Role-Based Access Control (RBAC) limits access to sensitive data. Access is reviewed and revoked when no longer needed.
• Data Storage: Data is stored on secure servers in data centers located in both Europe and the United States.
• Data Retention: Account information is retained for 90 days after account closure for fraud prevention purposes. Website usage logs are retained for 6 months for performance monitoring and analytics. For detailed information, refer to our Privacy Policy.
• Security Assessments: We conduct quarterly penetration tests, vulnerability scans, and annual third-party audits.
• Data Minimization: We collect only the minimum necessary data and anonymize or delete it when no longer needed.

Cybersecurity

Our cybersecurity practices protect against various threats:

• Firewalls & Intrusion Detection: Services like AWS WAF and Cloudflare help protect against malicious traffic.
• Software Updates: Automatic security updates address vulnerabilities promptly.
• Secure Development: Security is integrated into our Software Development Lifecycle (SDL).
• Employee Training: Ongoing training keeps our employees informed about security best practices.
• Vendor Security: Third-party suppliers adhere to strict security standards. Supplier Security Policies
• Incident Response: Our Incident Response Plan details how we handle security incidents.