04 feb 2025

Data Security

Nanoheal Data Security: Protecting Your Information

At Nanoheal, data security is paramount. We understand the critical importance of protecting your information and are committed to maintaining the highest standards of security and privacy. This page details our comprehensive approach to safeguarding your data.

Our Commitment to Data Security:

We employ a multi-layered security strategy that encompasses physical, technical, and administrative safeguards designed to protect your data from unauthorized access, use, disclosure, alteration, or destruction. Our commitment extends to all stages of the data lifecycle, from collection and storage to processing and eventual deletion.

Data Security Principles:

We adhere to the following core principles in our data security practices:

  • Confidentiality: We protect your data from unauthorized access and disclosure.

  • Integrity: We maintain the accuracy and completeness of your data.

  • Availability: We ensure that your data is accessible when you need it.

  • Accountability: We are responsible for the security of your data and are transparent about our practices.

Security Measures:

We implement a range of security measures to protect your data, including:

  • Physical Security: Our infrastructure is hosted in secure data centers operated by Amazon Web Services (AWS), a leading cloud provider. These data centers employ multiple layers of physical security, including:

    • Controlled access with biometric authentication and security personnel.

    • 24/7 video surveillance and intrusion detection systems.

    • Environmental controls to protect against fire, flood, and other disasters.

  • Technical Security: We utilize advanced technical safeguards to protect your data, including:

    • Encryption: All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security). Data at rest is encrypted using industry-standard encryption algorithms. We use [specify the algorithm, e.g., AES-256] encryption.

    • Access Control: We implement strict access control measures, limiting access to your data to authorized personnel only. Role-based access control ensures that employees only have access to the information they need to perform their duties.

    • Vulnerability Management: We regularly conduct vulnerability scans and penetration testing to identify and address potential security weaknesses. These tests are performed by [internal team/third-party security experts].

    • Intrusion Detection and Prevention: We employ intrusion detection and prevention systems (IDS/IPS) to monitor our network for suspicious activity and block malicious traffic. Our IDS/IPS systems utilize [mention specific technologies or approaches, e.g., signature-based detection, anomaly detection].

    • Firewalls: We use firewalls to control network traffic and prevent unauthorized access to our systems.

    • Regular Security Audits: We conduct regular security audits to assess the effectiveness of our security controls and identify areas for improvement.

  • Administrative Security: We maintain robust administrative policies and procedures to govern data security, including:

    • Security Training: All employees undergo mandatory security awareness training upon joining Nanoheal and annually thereafter. This training covers topics such as password security, phishing awareness, and data protection best practices.

    • Data Breach Response Plan: We have a comprehensive data breach response plan in place to address any security incidents promptly and effectively. This plan includes procedures for notification, investigation, and remediation.

    • Background Checks: We conduct background checks on all employees to ensure that they meet our security standards.

    • Vendor Management: We carefully vet all third-party vendors who have access to your data to ensure that they meet our security requirements. We have data processing agreements in place with all such vendors.

Data Privacy:

We are committed to protecting your privacy and comply with all applicable data privacy regulations, Our Privacy Policy, which can be found here, details how we collect, use, and share your personal information.

Data Retention:

We retain your data only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, or support our business operations. Our data retention policy outlines specific retention periods for different types of data. [Link to data retention policy, if available].  

Data Deletion:

You have the right to request the deletion of your personal data, subject to certain exceptions, such as legal obligations or ongoing contractual relationships. Instructions for submitting data deletion requests can be found [link to data deletion request instructions].

Reporting Security Vulnerabilities:

If you believe you have discovered a security vulnerability on our Website or in our services, please report it to us immediately at security@nanoheal.com.

Contact Us:

If you have any questions or concerns about our data security practices, please contact us at security@nanoheal.com.

Updates to this Page:

We may update this Data Security page from time to time. Any changes will be posted on this page with a revised "Effective Date." We encourage you to review this page periodically to stay informed about our data security practices.  

Effective Date: 04 Feb 2025