Security Overview

Last updated:  September 2025

At MyNewTerm, we take the security of our customers’ data seriously. This Security Overview outlines the technical and organisational measures we implement to safeguard personal data and maintain service integrity which have been identified having regard to the risks presented by our processing activities.The safeguards beloware regularly evaluated and tested to ensure the effectiveness of the security of personal data and we regularly consider whether any alternative or additional security or technical measures could be implemented to protect personal data.

DATA ENCRYPTION

1.1 In Transit: All data is encrypted using TLS 1.2 or higher during transmission.

1.2 At Rest: Data stored in our databases and file systems is protected using AES-256 encryption.

ACCESS CONTROL & AUTHENTICATION

2.1 Access to production systems is restricted to authorized personnel only.

2.2 We enforce role-based access control (RBAC) and multi-factor authentication (MFA).

2.3 Access logs are monitored and retained for auditing purposes.

HOSTING INFRASTRUCTURE

3.1 Our services are hosted with reputable cloud providers including:

  1. Microsoft Azure (via Evaris) (UK)
  2. Amazon Web Services (AWS) (Global)
  3. IONOS (EU)

3.2 All providers comply with internationally recognized standards such as ISO 27001.

VULNERABILITY MANAGEMENT

4.1 We perform regular vulnerability scans and apply security patches as part of our maintenance process.

4.2 We proactively monitor for threats and engage with external security professionals for assessments.

DATA BACKUP & DISASTER RECOVERY

5.1 Data is backed up daily, encrypted, and stored securely.

5.2 We maintain a disaster recovery plan with redundant systems and failover procedures.

5.3 Recovery processes are tested regularly.

INCIDENT RESPONSE

6.1 We have a defined Incident Response Plan (IRP) to manage and mitigate security incidents.

6.2 In the event of a breach affecting personal data, we will notify customers in accordance with our Data Processing Addendum.

EMPLOYEE SECURITY & TRAINING

7.1 All staff undergo mandatory data protection and security training during onboarding and annually thereafter.

7.2 Staff access to systems is granted on a need-to-know basis and reviewed regularly.

CERTIFICATIONS & COMPLIANCE

8.1 We are certified under:

  1. Cyber Essentials
  2. IASME Cyber Assurance Level 1

8.2 We comply with applicable data protection laws including UK GDPR, EU GDPR, and the Data Protection Act 2018.

CONTACT US

9.1 If you have questions or security concerns, please contact:

9.2 Email: dpo@mynewterm.com

© MyNewTerm 2025

Candidates Register Free Employers Book a Demo

0
online applications
0
vacancies advertised
0
awards won
Background Image

Processing... Please wait