Security Details
At Cinna Mon Consulting, the security of your information and that of your partners is a top priority. We implement a combination of organizational, technical, and procedural safeguards to protect your data across our consulting services, Webinar-as-a-Service (WaaS), and the CinnaLab.io SaaS platform.Data Security Practices
- Encryption: All data in transit is protected using TLS (HTTPS). Sensitive information stored within our systems and databases is encrypted at rest.
- Access Controls: User accounts are protected by strong authentication, and access to sensitive data is restricted to authorized personnel only.
- Role-Based Permissions: Within CinnaLab.io, partner managers and partners have role-specific access to ensure least-privilege data sharing.
Infrastructure & Application Security
- Hosting: CinnaLab.io is hosted on Heroku, a secure cloud platform with enterprise-grade compliance (ISO 27001, SOC 2, GDPR, etc.).
- System Monitoring: We monitor systems for suspicious activity, unauthorized access attempts, and downtime.
- Regular Patching: Core systems and third-party dependencies are updated regularly to reduce vulnerabilities.
Operational Security
- Staff Training: All team members undergo security awareness training and follow internal protocols for data handling.
- Least Privilege Access: Employees and contractors are granted access only to the data and tools necessary for their role.
- Confidentiality Agreements: All staff and contractors sign confidentiality agreements.
Compliance
- GDPR/UK GDPR: Our processes align with European data protection laws.
- Data Processing Agreements: We work with trusted providers (Zoom, MailerLite, HubSpot, Salesforce, etc.) under compliant data processing agreements.
Incident Response
In the unlikely event of a data breach or security incident:- We will notify affected clients and partners without undue delay.
- We will work with relevant authorities and implement remediation measures.
Your Role in Security
We encourage clients and partners to:- Use strong, unique passwords.
- Keep login credentials confidential.
- Report any suspicious activity to hello@cinnamonconsulting.tech immediately.