Data Breach Response Plan

Introduction

This Data Breach Response Plan outlines the steps that Server Armour will follow in the event of a data breach.

1. Identification

In case of any unusual activity or suspected data breach, it should be reported immediately to our Data Protection Officer at [email protected].

2. Containment

Upon receiving a report of a data breach, we will immediately work to contain the breach to prevent any further unauthorized access or dissemination of personal data. This could involve disconnecting affected systems or revoking access rights.

3. Assessment

We will then conduct a thorough assessment to understand the nature and extent of the data breach, including which systems and types of data have been affected.

4. Notification

As per the GDPR requirements, if the breach is likely to result in a high risk to the rights and freedoms of individuals, we will notify the affected individuals without undue delay. We will also report the breach to the appropriate supervisory authority within 72 hours of becoming aware of it.

5. Investigation

An internal investigation will be conducted to understand how the breach occurred and how it was handled. The aim of this investigation will be to identify any shortcomings in our processes and systems and to rectify these.

6. Review and Update Security Measures

Following the conclusion of the investigation, we will update our security measures as necessary to prevent a similar breach from occurring in the future.

7. Documenting the Incident

We will keep a comprehensive record of any data breaches, including their effects and the remedial actions taken, as part of our general accountability obligation under the GDPR.

Contact

For any inquiries or additional information related to this Data Breach Response Plan, please contact us at [email protected].