- Captain Verify ›
- Information Systems Security Policy
Information Systems Security Policy
Protecting your information is our priority. Our team designs secure systems and we work with experts to always better protect you.
🔒 Our Security Commitments
Data protection guides all our technical decisions. We apply strict standards to prevent unauthorized access, loss, and alteration of information. Our systems are built on clear data governance to ensure rigorous control and continuous traceability. Captain Verify guarantees a reliable and secure service to protect your business. Discover the six pillars that structure our security policy.
Confidentiality and Compliance
A DPO has been appointed. Data processing complies with the GDPR. The client retains control over data retention periods. No data is transferred outside the European Union. Transparency and confidentiality guide all operations.
Data Encryption
All data is encrypted in transit via TLS and encrypted at rest within the infrastructure. Encryption keys are protected and governed by the secure mechanisms of our ISO 27001 and SOC 2 certified hosting providers.
Reliable Hosting in France
Services are hosted exclusively in OVHcloud and Scaleway data centers located in France. These environments benefit from physical access controls, anti-DDoS protection, firewalls, network segmentation, and resilience mechanisms.
Advanced Data Protection
Client data remains isolated and accessible only by authorized accounts. Development follows OWASP best practices. Security logs are retained and monitored to detect abnormal behavior.
Backups and Continuity
Critical data is backed up externally, versioned, and encrypted. The disaster recovery plan (DRP) is tested annually. Restart mechanisms ensure rapid recovery in the event of a major incident.
Audits and Monitoring
Infrastructures are continuously monitored. Internal and external audits are conducted annually. Identified vulnerabilities are promptly addressed. The team regularly reviews access and user behavior.