sagitto's cybersecurity policy.


Sagitto is committed to protecting the privacy, confidentiality, integrity, and availability of our customers' data and our own systems.
Sagitto takes cybersecurity seriously

Our Cybersecurity Policy.

We follow the best practices and standards for cyber security, such as the outlined by CERTNZ. This policy outlines how we handle cyber security for our services and what we expect from our customers.
1. Data Protection
We encrypt all data in transit using industry-standard algorithms and protocols. We only collect the minimum amount of data necessary to provide our service and we do not share it with any third parties without your consent. We back up your data regularly and store it in multiple locations. We comply with all applicable data protection laws and regulations, such as the GDPR. Our data privacy policy can be found here.
2. Access Control
We use secure authentication methods, such as two-factor authentication, to verify the identity of Sagitto staff. We grant the least privilege principle to our staff and contractors and review their access rights periodically. We monitor and audit all access attempts and activities on our systems and report any suspicious or unauthorized actions.
3. System Maintenance
We update and patch our systems regularly to ensure they are secure and reliable. We have a security incident response plan in place and we notify our customers promptly in case of any breach or disruption.
4. Customer Education
We provide our customers with guidance and resources on how to use our service securely and responsibly. We encourage our customers to follow the security best practices, such as using strong passwords, and reporting any issues or concerns to us. We welcome feedback and suggestions from our customers on how to improve our cyber security.
5. Security Consultation
We follow the latest trends and developments in cyber security and adopt new technologies and methods as appropriate. We are open to collaboration and cooperation with other SaaS providers and organizations in the cyber security community.