MediaBank & Clients

Data Protection Policy

This document serves as MediaBank’s and its clients’ data protection policy, outlining how data is secured and stored. It provides a comprehensive overview of our commitment to transparency, ensuring the security of your data in accordance with applicable privacy laws and regulations. We prioritize safeguarding your personal information and maintaining the highest standards of data protection throughout our operations.

0. Introduction
1. Confidentiality
2. Data Encryption
3. Service Infrastructure
4. Availability
5. Security Practices in Product Development
6. Access to the Service
7. Billing Details Specific Measures
8. Changes to this Policy
9. Contact Us

Introduction

At MediaBank, we prioritize the protection of personal data entrusted to us by our clients and their customers. This Data Protection Policy outlines the measures we implement to ensure the confidentiality, integrity, and availability of data processed through the websites we develop, including informational websites, e-commerce stores, and complex web applications.

1. Confidentiality

  • Authorized Access: Personal data access is granted only to authorized personnel based on their job roles and responsibilities. Each individual’s access is strictly limited to the extent necessary for performing their tasks.
  • Access Limitation: We restrict access to personal data to individuals who require it for specific purposes. Unauthorized access to personal data is prohibited, and strict controls are in place to prevent such occurrences.
  • Technical Controls: We implement technical measures to monitor and control access to personal data. This includes logging access activities, implementing encryption where applicable, and employing security protocols to prevent unauthorized access or breaches.
  • Confidentiality Agreements: All personnel handling personal data are required to sign confidentiality agreements. These agreements outline their obligations regarding data protection and confidentiality, emphasizing the importance of safeguarding personal data in compliance with GDPR regulations. Additionally, regular training sessions are conducted to ensure that employees understand their responsibilities and stay updated on data protection practices.

2. Data Encryption

  • Encryption of Data in Transit: We employ advanced encryption protocols, such as Transport Layer Security (TLS) 1.2, to encrypt data transmitted over public networks. This ensures that sensitive information remains secure during transmission, protecting it from unauthorized interception or access. Additionally, we use robust encryption algorithms like AES-256 and SHA-2 signatures to further enhance the security of transmitted data.
  • Encryption of Data at Rest: In our production environment, data at rest is encrypted at the storage level using strong encryption algorithms like AES-256 or AES-128. This encryption ensures that data stored on our servers remains protected even if unauthorized access is gained to the physical storage devices.
  • Continuous Monitoring and Upgrades: We continuously monitor and assess our encryption protocols to ensure they meet the latest security standards and best practices. This includes regularly upgrading our encryption algorithms and protocols to adapt to evolving threats and vulnerabilities in order to maintain the highest level of data security possible.

3. Service Infrastructure

At MediaBank, we prioritize the security of our hosting infrastructure to ensure the protection of customer data. Our infrastructure security measures include:

  • Data Center Security: Our websites are hosted in data centers operated by industry-leading providers known for their state-of-the-art physical and cloud security measures. These data centers adhere to strict security protocols to safeguard against unauthorized access, environmental hazards, and physical breaches.
  • Logical Segregation of Customer Data: Within our cloud resources, customer data is logically segregated to ensure data isolation and protection against hardware failures. This segregation helps prevent unauthorized access to sensitive information and minimizes the risk of data loss or corruption.
  • Restricted Network Access: Access to our production environment is tightly controlled, with network access restricted to essential protocols required for delivering our services. This approach helps minimize the attack surface and reduces the risk of unauthorized access or malicious activities.
  • DDoS Mitigation: We employ advanced Distributed Denial of Service (DDoS) mitigation techniques to safeguard our network perimeter against potential DDoS attacks. These techniques help ensure the availability and reliability of our services even during periods of high traffic or malicious attack attempts.
  • Access Control and Authentication: Changes to our production environment are restricted to authorized personnel only, who access the environment via dedicated Virtual Private Network (VPN) connections. Additionally, multi-factor authentication (MFA) is implemented for all server access, adding an extra layer of security to prevent unauthorized access to critical systems and data.

4. Availability

Our websites are designed for high availability, with fault-tolerant systems and disaster recovery measures in place.

  • Fault-Tolerant Systems: Our websites are designed with fault-tolerant systems to minimize downtime and ensure uninterrupted access to services. We employ redundant components and failover mechanisms to mitigate the impact of hardware failures or service disruptions.
  • Redundant Data Storage: Customer data is stored redundantly across multiple locations within our cloud provider’s data centers. This redundancy helps ensure data availability and resilience against localized outages or hardware failures. In addition, we implement regular data backups and restoration procedures to further safeguard against data loss.
  • Centralized Logging and Monitoring: We maintain a centralized logging system to monitor security, availability, and access metrics across our infrastructure. This system allows us to track and analyze logs for security events, performance issues, and other relevant indicators. By proactively monitoring our systems, we can identify and respond to potential threats or vulnerabilities in real time, enhancing overall security and resilience.

5. Security Practices in Product Development

At MediaBank, security is ingrained into every stage of our product development cycle. We adhere to the following practices to ensure the security and integrity of our services:

  • Regular Security Reviews and Code Audits: We conduct regular security reviews and code audits as part of our development process. These reviews help identify and address potential security vulnerabilities in our software, ensuring that our products meet the highest standards of security.
  • Rigorous Security Review for New Features: Before implementing new features or design changes in the production environment, we subject them to rigorous security review processes. This thorough evaluation helps identify and mitigate any security risks associated with the changes, ensuring that our services remain secure and resilient.

6. Access to the Service

Access to certain websites developed by MediaBank is strictly controlled to ensure the confidentiality and security of customer data. We enforce the following access controls:

  • Authentication Requirement: All users are required to authenticate themselves when accessing our websites. This authentication process helps verify the identity of users and ensures that only authorized individuals can access sensitive information or perform specific actions.
  • Unique Identifiers for Authentication: Upon successful authentication, users are granted unique identifiers for authentication purposes. These identifiers help validate the identity of users and provide them with secure access to our services. By using unique identifiers, we can track and monitor user activity, detect unauthorized access attempts, and maintain the security of our systems.

7. Billing Details Specific Measures

At MediaBank, we take the security of billing details provided by customers in e-commerce stores seriously. We implement the following measures to ensure the confidentiality and integrity of billing information:

  • Encryption of Billing Details: Billing details provided by customers are encrypted both during transmission and storage using industry-standard encryption methods. This ensures that sensitive information such as credit card numbers, billing addresses, and payment details is protected from unauthorized access and interception.
  • Restricted Access: Access to billing details is strictly limited to authorized personnel who require this information for specific tasks. We enforce strict access controls and monitoring mechanisms to prevent unauthorized access or misuse of billing information. Only personnel with appropriate authorization are granted access to billing details, and all access attempts are logged and monitored for security purposes.
  • Compliance with PCI DSS: We adhere to the Payment Card Industry Data Security Standard (PCI DSS) requirements for handling payment card information. This includes implementing stringent security measures and controls to ensure the secure processing, storage, and transmission of payment card data. By complying with PCI DSS requirements, we uphold the highest standards of security in handling payment transactions, safeguarding the confidentiality and integrity of customer billing information.

8. Changes to this Policy

We may revise this Policy to reflect changes in our services, applicable laws, or other business developments. Revised policies will be posted on our website or communicated to clients through email or other means.

9. Contact Us

Feel free to get in touch with us if you have any questions about this Policy or our data processing practices or if you would like to exercise any of your ‘data subject’ rights with respect to the Personal Data we maintain on you.

Last updated: Sunday, 19th May 2024