Personal Data Security

    1. INTRODUCTION

      SortExpress prioritizes the protection of personal data and compliance with relevant laws. We take measures to ensure the security of customer and user data, including:

      • Only authorized employees access data for permitted business functions.
      • Encryption is used for data transmission, and firewalls prevent unauthorized access.
      • Physical, electronic, and procedural safeguards are implemented for data collection, storage, and disclosure.

      We work with vendors who maintain a suitable level of data security.

      For more details on our privacy and compliance practices, please refer to our Privacy Policies, Cookies Policies, and End-user Privacy Policies available on our website. Additional information about our security measures can be found here.

    2. PRODUCT SECURITY

      SortExpress prioritizes the security of its products and implements various measures to protect user data:

      • All communications between users and our systems are encrypted using industry-standard technology (TLS).
      • Sensitive payment information is transmitted via SSL technology and encrypted in our payment gateway provider's database.
      • Access to SortExpress systems requires login, with encrypted passwords that can be changed at any time.
      • We employ advanced authorization methods like two-factor authentication and access keys.
      • Regular monitoring and proactive assessment of system vulnerabilities are conducted by our security department.
      • Data is replicated across multiple data centers for disaster recovery and daily backups are performed.
      • Privacy by design and privacy by default policies are implemented to ensure data protection.
      • Ongoing testing and improvements are conducted to enhance security. We strive to provide the highest level of security for our users and their data.

    3. COMPLIANCE

      SortExpress follows comprehensive safety verification standards during product development. We conduct regular technical audits and penetration tests to ensure a high level of security. Continuous risk assessment is performed, and risk treatment plans are created and monitored for top risks. This assessment includes evaluating privacy safeguards through Data Protection Impact Analysis (DPIA).

      To maintain a unified approach to data protection, SortExpress has developed a Personal Data Protection Policy that outlines data handling requirements, privacy considerations, and responses to violations. Our employees receive training on security awareness and Voluum's specific security requirements. New employees undergo general security awareness training, followed by role-based training. We provide recurring training through updates, notices, and internal communications to ensure our employees are well-prepared for their responsibilities.

    4. CONFIDENTIALITY

      At SortExpress, strict confidentiality policies are in place and followed by our employees and associates. We prioritize the confidentiality of individuals with access to your Data and systems that store such Data. Our employees receive regular training on security awareness and how to handle any incidents that may pose a risk to your Data. Access to your Data and the systems that store it is granted only to trusted partners who have been authorized by SortExpress and have undergone proper entity verification.

    5. PHYSICAL SECURITY

      At SortExpress, we take physical security seriously and have implemented industry-standard measures within our headquarters. These measures include the presence of on-premise security guards, video monitoring systems, ID verification for guests, electronic access cards, and additional intrusion protection measures. These physical security controls help safeguard our data center infrastructure and ensure that access to company locations is restricted to authorized personnel and trusted partners.