Security Policy

Security Policy for Swiss Digitech GmbH

Effective Date: 01. January 2025

At Swiss Digitech GmbH, safeguarding customer data is our top priority. This Security Policy outlines the organizational and technical measures we implement to protect against unauthorized access, use, alteration, or disclosure of customer data. Our solutions, including PayrollRobot.ai, operate in a secure, cloud-based environment to ensure data integrity and privacy.

  1. Security Overview

Swiss Digitech GmbH is committed to protecting your data through robust security protocols. Our operations are supported by Amazon Web Services (AWS), ensuring compliance with global security standards.

  2. Security Team

Our team comprises seasoned professionals with expertise in designing and managing secure systems. They are dedicated to maintaining a secure environment and addressing potential vulnerabilities swiftly.

  3. Best Practices

Incident Response Plan

  • We maintain a formal incident response protocol and educate our staff on security policies.
  • Security events are escalated to emergency teams, resolved promptly, and followed by detailed post-mortem analyses to prevent recurrence.
  • Customers will be notified in writing of verified breaches affecting their data.

Build Process Automation

  • Updates to our platform are deployed securely and frequently, ensuring quick rollout of any necessary fixes.

  4. Infrastructure

  • Cloud-based Services: All services and data are hosted in AWS, protected by its robust security measures.
  • Virtual Private Cloud (VPC): Our systems operate within a secure VPC with network access control.
  • Data Backup: Regular backups are performed to safeguard data against loss.

  5. Data Security

Data Storage

  • All customer data is stored in Europe, within multi-tenant datastores, ensuring logical separation for privacy.
  • Unit and integration tests validate our privacy controls, preventing unauthorized access.

Data Transfer

  • Data is encrypted in transit using 256-bit encryption and at rest using AES-256.
  • All application endpoints support TLS/SSL to ensure secure communication.

  6. Authentication & Access Control

  • Authentication: Swiss Digitech services are 100% HTTPS, with two-factor authentication for secure access.
  • Permissions: Role-based permissions ensure employees access only the data necessary for their tasks.

  7. Monitoring and Audits

  • All activity is logged and monitored to detect unauthorized access.
  • Regular security audits are conducted to identify and resolve vulnerabilities.
  • Swiss Digitech GmbH complies with industry standards like SOC 2 and works with external auditors to validate security measures.

  8. Security Certifications

  • SOC 2 Compliance: Swiss Digitech GmbH maintains SOC 2 Type I and II compliance. Reports are available upon request under NDA.
  • AWS Compliance: Swiss Digitech leverages AWS certifications, including PCI-DSS, and GDPR compliance.

  9. Customer Responsibilities

  • Maintain strong passwords and enable two-factor authentication for your accounts.
  • Notify us promptly in case of credential compromise or suspicious activity.
  • Adhere to the terms of service, including not conducting penetration tests without prior written consent.

For additional information on security practices or to request a copy of our SOC 2 reports, please contact us at info@payrollrobot.ai.

Swiss Digitech GmbH
Neumattstr. 12, 8902 Urdorf
www.payrollrobot.ai