Security Policy
Effective Date: April 29, 2025
Lonyandza Consultancy is committed to safeguarding the confidentiality, integrity, and availability of the data entrusted to us. This Security Policy outlines the technical, administrative, and physical safeguards we have in place to protect the personal and sensitive information of our clients and users.
1. Our Commitment to Security
We understand the importance of information security and implement industry-standard practices to ensure that all data collected or processed through our website or services is protected from unauthorized access, misuse, alteration, or loss.
2. Technical Safeguards
We utilize the following security measures:
-
SSL Encryption: All communication between users and our website is encrypted using Secure Socket Layer (SSL) technology.
-
Secure Hosting: Our website is hosted on a secure platform that follows best practices for firewalls, malware scanning, and intrusion detection.
-
Regular Backups: We perform regular backups of data to ensure recovery in the event of data loss or system failure.
-
Two-Factor Authentication (2FA): Administrative access is protected using 2FA where applicable.
3. Administrative Safeguards
-
Limited Access: Only authorized personnel have access to sensitive personal data, and access is granted based on the principle of least privilege.
-
Staff Training: Our team is trained in data privacy and information security practices.
-
Data Handling Protocols: Clear internal procedures govern how data is collected, accessed, stored, and shared.
4. Physical Safeguards
-
Device Protection: All company devices are protected by passwords and are regularly updated with security patches.
-
Storage Security: Any physical documents are stored securely with restricted access and are destroyed when no longer needed.
5. Incident Response
In the event of a data breach or security incident:
-
We will promptly investigate and take steps to mitigate any damage.
-
Affected users will be notified as required by law.
-
The incident will be documented and reviewed to improve future protections.
6. User Responsibilities
Users also play a role in security. You should:
-
Use strong, unique passwords when creating accounts or submitting forms.
-
Avoid sharing personal login details with others.
-
Notify us immediately if you suspect unauthorized access to your data.
7. Third-Party Services
We only engage third-party providers (e.g. universities, hosting providers) who comply with security best practices. Contracts and agreements require them to handle your data securely and confidentially.
8. Policy Updates
We may update this Security Policy to reflect improvements in technology or legal requirements. Any changes will be posted here with an updated effective date.
9. Contact Us
For questions or concerns about this policy or to report a security issue, contact:
📧 info@lonyandza.com