1. Introduction
At Stockpilot.com, we recognize the importance of protecting the security and confidentiality of our customers’ data. This Information Security Policy outlines our commitment to safeguarding data through robust information security practices. It applies to all employees, contractors, and third-party service providers who interact with our data systems.

2. Purpose
The purpose of this policy is to establish clear guidelines and procedures for managing the security of information and IT systems at Stockpilot.com. By adhering to these practices, we aim to minimize the risks associated with data breaches, unauthorized access, and other cyber threats while complying with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and Dutch data protection laws.

3. Data Protection

  • Confidentiality: We ensure that sensitive business, customer, and financial data is only accessible to authorized personnel. Access controls are implemented to limit exposure of sensitive data.
  • Integrity: We implement data validation and monitoring systems to ensure data accuracy and completeness throughout its lifecycle.
  • Availability: Our systems are designed for reliability, with backups and redundancy measures in place to ensure continued availability of business-critical systems and data.

4. Security Measures
To protect the integrity of data, we employ various security measures, including but not limited to:

  • Encryption: All sensitive data is encrypted both in transit (via HTTPS) and at rest to prevent unauthorized access.
  • Authentication: Strong authentication methods, including multi-factor authentication (MFA), are required for all users accessing our internal systems.
  • Regular Audits: We perform regular security audits and vulnerability assessments to identify potential threats and weaknesses, taking prompt action when necessary.

5. Incident Response
In the event of a data breach or security incident, we follow a structured incident response process that includes:

  • Detection and Containment: Rapid detection of the breach and immediate containment to limit its impact.
  • Investigation and Remediation: Detailed investigation to understand the cause and implement corrective actions.
  • Notification: Affected parties are notified in compliance with relevant data protection regulations (e.g., GDPR, Dutch data protection laws) and within statutory timeframes.

6. Employee Training
We provide ongoing security awareness training to all employees to ensure they understand security risks, data privacy principles, and how to mitigate threats. Employees are also trained to recognize phishing attempts, social engineering attacks, and other forms of cyber threats.

7. Compliance
Stockpilot.com complies with industry best practices and applicable data protection regulations, such as:

  • General Data Protection Regulation (GDPR)
  • Dutch Implementation of the GDPR (UAVG)
  • California Consumer Privacy Act (CCPA)
  • Payment Card Industry Data Security Standard (PCI-DSS)

We continuously monitor regulatory changes and update our practices to ensure compliance with relevant laws.

8. Data Retention and Disposal
We retain personal data only for as long as necessary to fulfill the purposes outlined in our privacy policy. When data is no longer required, we ensure secure deletion or anonymization of the data to prevent unauthorized access.

9. Policy Review
This Information Security Policy is reviewed regularly and updated as necessary to address new security risks, changes in technology, and evolving regulatory requirements. We remain committed to improving our security practices and ensuring that our customers’ data is protected at all times.

10. Contact Us
If you have any questions or concerns about this policy or our security practices, please contact us at:
Email: [email protected]
Phone: +31 (0)85 060 3151

© 2022 – All rights reserved.
