Data & Payment Security

GreenScript Data & Payment Security Policy

Last Updated: 18th Feb 2024

At GreenScript, we prioritize the security and confidentiality of data and payment information entrusted to us by our users. This Data & Payment Security Policy outlines our commitment to safeguarding this information and the measures we undertake to ensure its protection.

1. Data Security Measures

1.1 Data Encryption: All sensitive information, including personal and medical data, is transmitted over secured and encrypted connections. We utilize industry-standard encryption protocols to protect data during transfer, reducing the risk of unauthorized access.

1.2 Access Controls: Access to user data is strictly controlled and limited to authorized personnel who require access for legitimate business purposes. Access permissions are regularly reviewed and updated based on the principle of least privilege.

1.3 Data Storage: User data is stored securely on servers with restricted access. We employ robust security measures to prevent unauthorized access, ensuring the confidentiality and integrity of stored information.

1.4 Data Backups: Regular data backups are performed to prevent data loss in the event of unforeseen circumstances. Backup systems undergo routine testing to verify their reliability and effectiveness.

1.5 Employee Training: All employees undergo comprehensive training on data security practices and protocols. This includes awareness of potential security threats, the importance of safeguarding sensitive information, and the procedures to follow in the event of a security incident.

1.6 Incident Response Plan: In the event of a data security incident, we have established protocols to respond promptly and effectively. This includes notifying affected parties, investigating the incident, and implementing corrective measures to prevent future occurrences.

2. Payment Security Measures

2.1 PCI DSS Compliance: We adhere to the Payment Card Industry Data Security Standard (PCI DSS) to ensure the secure processing, transmission, and storage of payment card information. Our systems undergo regular assessments to maintain PCI DSS compliance.

2.2 Secure Payment Gateways: For online transactions, we utilize reputable and secure payment gateways to process payments securely. These gateways employ encryption and other security features to protect financial information during transactions.

2.3 Tokenization: Sensitive payment data is replaced with unique tokens during processing, reducing the risk associated with the storage and handling of cardholder information. This enhances security and aligns with best practices in payment security.

2.4 Regular Security Audits: We conduct regular security audits and assessments to identify and address vulnerabilities in our payment systems. These audits may be performed by internal teams or third-party security experts.

2.5 Fraud Prevention: We implement robust fraud prevention measures, including real-time transaction monitoring, to detect and prevent fraudulent activities. Suspicious transactions trigger alerts, leading to immediate investigation and action.

2.6 Compliance Monitoring: Our payment processes are continuously monitored to ensure compliance with applicable legal and regulatory requirements related to financial transactions and data protection.

3. User Responsibilities

3.1 Account Security: Users are responsible for maintaining the security of their accounts, including passwords and access credentials. We encourage users to use strong, unique passwords and enable two-factor authentication for enhanced security.

3.2 Reporting Security Concerns: Users are encouraged to report any security concerns, suspicious activities, or potential vulnerabilities promptly. Reports can be submitted to hello@greenscript.co.uk.

This Data & Payment Security Policy reflects our ongoing commitment to maintaining the highest standards of security for user data and payment information. We continually assess and enhance our security practices to adapt to evolving threats and technologies.

For inquiries related to this policy, please contact our Security Team at hello@greenscript.co.uk.