Back to home

Information System Security Policy

Guidelines ensuring the security, integrity, and confidentiality of guest WiFi login data processed by Fydelia.

Effective date: 30 April 2020 Fydelia by Sentinel Software Ltd

Purpose

This policy establishes guidelines to ensure the security, integrity, and confidentiality of guest WiFi login data processed by Fydelia. As a data processor, Fydelia is committed to protecting the information entrusted to us on behalf of our clients and following all applicable laws and best practices.

Scope

This policy applies to all employees, contractors, and third parties with access to Fydelia's information systems, software, and infrastructure used for processing guest WiFi data.

Section 01 Data Collection and Processing

  • Role as Data Processor: Fydelia serves solely as a data processor for guest WiFi login information, which may include personally identifiable information (PII) as specified by clients. Fydelia does not act as a data controller and is not responsible for the data beyond the processing tasks specified by each client.
  • Data Transmission to Clients: Private guest login data collected via Fydelia's platform will be passed securely to the client if they choose to set up data integrations. This data will only be transmitted via approved secure methods.

Section 02 Data Retention and Deletion

  • Standard Retention Period: Fydelia will retain guest WiFi login data for one (1) year from the date of collection.
  • Custom Retention Requests: Clients may request alternative retention periods in writing. Such requests must be documented and approved in accordance with Fydelia's data management procedures.
  • Secure Deletion: At the end of the retention period, Fydelia will securely delete or anonymize the data in accordance with industry best practices to ensure the complete erasure of any residual information.

Section 03 Data Security

  • Access Controls: Only authorized personnel with a legitimate business need may access guest login data. Access is granted based on the principle of least privilege and reviewed regularly.
  • Encryption: All guest WiFi login data is encrypted during transmission and at rest. Data integrations are also performed using encryption protocols that meet industry standards.
  • Network Security: Fydelia employs firewalls, intrusion detection systems, and network monitoring tools to prevent and detect unauthorized access to our systems. Regular vulnerability assessments and penetration tests are conducted to identify and mitigate security risks.

Section 04 Incident Response and Reporting

  • Incident Management: Fydelia has established procedures for responding to data security incidents. These include measures to contain the incident, investigate its cause, and mitigate any potential impact.
  • Client Notification: In the event of a data breach involving client data, Fydelia will notify the affected client promptly, including details of the breach and the steps taken to address it.

Section 05 Compliance and Audit

  • Regulatory Compliance: Fydelia complies with applicable data protection laws and regulations in the jurisdictions in which we operate, including the GDPR for EU-based clients.
  • Internal Audits: Regular internal audits are conducted to verify adherence to this policy. Any findings are addressed in a timely manner to ensure ongoing compliance and security improvements.

Section 06 Employee Training and Awareness

  • Security Training: All employees with access to guest WiFi login data or Fydelia's information systems undergo regular training on data security best practices, privacy obligations, and incident response procedures.
  • Confidentiality Agreements: Employees and contractors are required to sign confidentiality agreements as part of their employment or engagement with Fydelia.

Section 07 Policy Review and Updates

This policy is reviewed annually and updated as necessary to reflect changes in business practices, legal requirements, and emerging security risks. Clients will be informed of any significant changes to this policy that may affect the processing of their data.

Contacting Us

If there are any questions regarding this policy you may contact us using the information below.

Fydelia is run by Sentinel Software Limited, Gemini House, 136-140 Old Shoreham Road, Brighton, BN3 7BD.
Registered in the UK: 6463344 · VAT Reg 135 2946 10

support@fydelia.com