Security Policy
1. Introduction
At JustRooms.co.uk, we prioritise the security of our users’ data and the integrity of our systems. This Security Policy outlines our commitments and measures to safeguard your personal and financial information.
2. Data Protection
Encryption: All sensitive data, including payment information, is encrypted using SSL (Secure Socket Layer) technology during transmission.
Storage: Personal data is stored securely using industry-standard encryption and access controls.
3. Access Control
User Authentication: We employ robust authentication mechanisms, including multi-factor authentication (MFA) for account access.
Role-Based Access: Internal access to data is restricted to authorised personnel only, based on their role and responsibilities.
4. Monitoring and Auditing
Activity Monitoring: We continuously monitor our systems for suspicious activity and potential security breaches.
Audit Logs: Detailed audit logs are maintained to track access and modifications to sensitive data.
5. Security Measures
Firewalls: Advanced firewalls are utilised to protect our network from unauthorised access.
Intrusion Detection Systems (IDS): We deploy IDS to detect and respond to potential security threats in real-time.
Regular Updates: All systems and software are regularly updated with the latest security patches.
Cloudflare Protection: We utilise Cloudflare to enhance our security, providing protection against DDoS attacks, malicious bots, and other threats.
6. Incident Response
Response Plan: We have a comprehensive incident response plan to address and mitigate the impact of any security breaches promptly.
Notification: Affected users will be notified promptly in the event of a data breach, in accordance with applicable laws and regulations.
7. User Responsibilities
Password Security: Users are responsible for maintaining the confidentiality of their account credentials and for notifying us immediately of any unauthorised use.
Secure Practices: We encourage users to adopt secure practices, such as using strong passwords and regularly updating them.
8. Compliance
Legal Compliance: Our security practices comply with relevant laws and regulations, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
Regular Audits: We conduct regular security audits to ensure compliance with industry standards and best practices.
9. Third-Party Services
Vendor Security: We ensure that third-party service providers adhere to strict security standards and practices.
Data Sharing: Personal data is shared with third parties only as necessary for providing our services and is protected under appropriate agreements.
Third-Party Liability: We are not liable for any data breaches or security concerns that arise due to the failure of third-party service providers. While we select these providers carefully, users acknowledge that any issues related to third-party services are outside of our control and responsibility.
10. Limitation of Liability
Data Breaches and Hacks
Responsibility: JustRooms.co.uk employs rigorous security measures to protect user data. However, in the event of a data breach or hack, we will take immediate action to mitigate the impact and notify affected users as required by law.
Third-Party Liability: While we carefully select third-party service providers (e.g., Cloudflare) to enhance our security, we are not liable for breaches resulting from their failures.
Indemnification: Users agree to indemnify and hold JustRooms.co.uk harmless from any claims, damages, or losses arising from any and all security breaches.
11. Continuous Improvement
Training: Regular security training is provided to our staff to stay informed about the latest threats and security practices.
Review and Update: Our security policies and measures are reviewed and updated regularly to adapt to evolving security threats.
12. Contact Information
For any questions or concerns regarding our Security Policy, please contact us at:
JustRooms.co.uk
Email: [email protected]
13. Policy Updates
We reserve the right to update this Security Policy at any time. Changes will be effective immediately upon posting on our website. Your continued use of the website constitutes acceptance of the updated policy.