Security Policy

This Security Policy outlines the protocols for handling data provided by clients of Postglance in accordance with the Supply and Support Terms and Conditions (“Agreement”) or through the use of Postglance services or websites. By utilising our software, services, or website, or by entering into an Agreement with Postglance, you acknowledge and accept the terms of this policy. If you do not agree to this policy, please refrain from using our services or websites.

Data Storage and Infrastructure

Postglance operates as a cloud-based solution, with all software and client data hosted on Postglance Servers, which are powered by the IONOS VPS platform. IONOS is a reputable provider of Virtual Private Server (VPS) services, ensuring robust security and reliability. Their data centres maintain ISO 27001 certification, affirming compliance with international standards for Information Security Management Systems (ISMS). This certification reflects IONOS's commitment to effectively managing information security risks.

In addition to ISO 27001 compliance, IONOS employs a comprehensive suite of security measures, including:

• Firewall management
• Intrusion Detection Systems (IDS)
• Distributed Denial-of-Service (DDoS) protection
• Encrypted remote access

These measures are designed to safeguard against unauthorised access and cyber threats. Data from the European Union and the United Kingdom is stored in Dublin, Ireland; data from Australia and New Zealand is stored in Sydney; data from the United States is stored in Northern Virginia; and data from Canada is stored domestically. Postglance leverages IONOS's service offerings while adhering to industry best practices in Information Security.

Data Breach Notification Protocol

In the event of a data breach involving client data, Postglance will promptly notify affected clients in writing upon becoming aware of the incident. If any vulnerability is detected or if client data is exposed publicly outside of the Postglance Software, please report it immediately via email.

Data Encryption Mechanisms

Access to Postglance applications is secured via HTTPS utilising Transport Layer Security (TLS). Once client data is transmitted to the Postglance cloud infrastructure, all data is encrypted at rest using Advanced Encryption Standard (AES) with a 256-bit key length (AES-256).

Service Availability and Redundancy

Postglance is architected as a highly available, active-active solution, distributing services across multiple IONOS data centres. In the event of a disaster that renders one data centre inoperative, another data centre will continue to serve data with minimal or no interruption in service. Postglance assumes no liability for delays arising from IONOS server availability. Real-time service availability can be monitored on our status page.

API Security Protocols

Postglance implements stringent security measures to continuously monitor and protect all Application Programming Interfaces (APIs) from unauthorised access and exploitation. This includes safeguarding against malicious activities such as account takeovers, credential stuffing, content scraping, and denial-of-service attacks. Secure access to our APIs is provided exclusively through the Postglance Desktop, Mobile App, Web App, and Marketplace integrations. Any unauthorised applications or integrations will result in automatic IP address blocking and the suspension of user accounts involved in such activities.

Backup Policy

Postglance servers undergo regular backups multiple times daily, weekly, and monthly to ensure data integrity and recovery.

System Monitoring

Postglance employs a 24/7 monitoring strategy to ensure the continuous operational integrity and security of our systems.

Authorisation and Data Provision

If you supply any personal or sensitive data pertaining to other individuals to Postglance—either directly via our websites or through our software—you affirm that you possess the requisite authority to do so and permit us to use or host that data.

Account Access Protocols

To safeguard client information, Postglance reserves the right to suspend your access to any service without prior notice pending an investigation if any security breach is suspected. Unauthorised access to password-protected areas is strictly prohibited and may lead to criminal prosecution. Should you suspect that your account has been compromised or that your interaction with us is no longer secure, please contact us immediately at info@postglance.com.

We may utilise your information as deemed necessary or appropriate, including but not limited to:

• Compliance with applicable laws
• Adherence to legal processes
• Responses to requests from public authorities
• Liaison with service providers acting on our behalf
• Enforcement of our terms and conditions
• Protection of our operations or those of our affiliates
• Safeguarding of rights, privacy, safety, or property
• Pursuit of available remedies or mitigation of damages

While Postglance implements industry-standard security measures to protect information security, it cannot guarantee absolute security for information transmitted over the Internet. Users are responsible for maintaining the confidentiality of passwords or other authentication mechanisms utilised to access secure areas of Postglance websites.

Inquiries

This document encapsulates the security policy of Postglance and is subject to regular review and updates. It serves as the primary reference concerning security within Postglance. Any questions should be directed to info@postglance.com.