{"id":81435,"date":"2026-02-05T19:43:04","date_gmt":"2026-02-05T19:43:04","guid":{"rendered":"https:\/\/newonclusivstg.wpengine.com\/?page_id=81435"},"modified":"2026-02-26T20:01:09","modified_gmt":"2026-02-26T20:01:09","slug":"digimind-security-policy","status":"publish","type":"page","link":"https:\/\/onclusive.com\/en-gb\/legal\/digimind-security-policy\/","title":{"rendered":"Digimind &#8211; Security Policy"},"content":{"rendered":"\n<section\n    class=\"block-pcon\">\n\n      \n\t\t\t<div class=\"post_content--wrapper\">\n\t\t\t\t<div class=\"post_content--copy  \">\n\t\t\t\t\t<div class=\"post_content--copy-inner-wrapper\">\n\n\n\t\t\t\t\t\t\t\t\t\t\t\t\t<div class=\"post_content-copy-wrapper\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t  \t\t<h1><strong>Digimind <\/strong><strong>(<em>part of Onclusive group)<\/em> \u00a0<\/strong><strong>Security Policy<\/strong><\/h1>\n<p>&nbsp;<\/p>\n<h2><\/h2>\n<h2><strong>Policy Statement\u00a0<\/strong><\/h2>\n<p>The objective of information security is to minimize the risk of damage by preventing security incidents and reducing their potential impact, and to ensure the business continuity of Digimind, now doing business as Onclusive. The policy\u2019s goal is to protect the organization\u2019s informational content against all internal or external Security threats.<\/p>\n<p>The security policy ensures that:<\/p>\n<ul>\n<li>The information will be protected against unauthorized access;<\/li>\n<li>Confidentiality of information will be ensured;<\/li>\n<li>The availability of information for operational processes will be maintained;<\/li>\n<li>Business continuity plans will be developed, maintained and tested;<\/li>\n<li>Information security policy will be available to all employees;<\/li>\n<li>All suspected information security issues will be reported to the information security officer and will be investigated.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h2><strong>Organisation of Information Security<\/strong><\/h2>\n<h3><strong>Roles &amp; Responsibilities<\/strong><\/h3>\n<p>The Digimind Security Global Policy is validated by the CEO and is sponsored by the CTO. The CTO is responsible for the implementation of information security and privacy within Digimind.<br \/>\nThe Quality of the processes, their description, their format, their maintenance is ensured by the Quality Manager.<br \/>\nThe Security Policy is implemented within the company by the Product Manager. He is the main point of contact during security audits. The security of software development is covered by the Head of Development while the Servers security is the responsibility of the Head of Production Systems.<br \/>\nSecurity Incidents are managed by the Head of Support. He is in charge of the correct application of the processes as well as their maintenance and evolution.<br \/>\nAll Digimind employees are trained in Information Security. They are individually accountable and responsible for respecting Digimind\u2019s information Security Policies.<\/p>\n<h3>Security Principles, Standards &amp; Certifications<\/h3>\n<p>Our security management system is aligned with ISO 27xxx series standards and OWASP principles.<br \/>\nOur Servers Hosts are compliant with reinforced security requirements, including: PCI DSS, HDS, TSP, CSA, ISO 27017, ISO 27018 and CISPE.<br \/>\nOur Hosted Private Cloud infrastructures hold ISO 27001, PCI DSS PSP, HDS, SOC I and II type 2 certifications and accreditations.<br \/>\nOur customers can have Digimind Solutions audited by an external organisation.<\/p>\n<p>&nbsp;<\/p>\n<h2><strong>Information Security Management System<\/strong><\/h2>\n<h3>About Security Risk Management<\/h3>\n<p>Security and privacy risks are addressed through the application of appropriate security controls and associated risk treatment plans and the acceptance and management of residual risks.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Logical Access<\/strong><\/h3>\n<p>Access to Digimind\u2019s systems and information are controlled to protect its confidentiality, integrity and availability. Accordingly, access is restricted to those with a \u2018need to know\u2019 and is reviewed periodically to ensure appropriate access is maintained. Access credentials must meet specific minimum requirements, depending on the subject system, to reduce the risk of unauthorized access.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Physical Security<\/strong><\/h3>\n<p>Physical security is fully covered in order to prevent any unauthorised access to sites or specific technical areas. Nominative access processes and devices are in place and logged. Sites are secured with anti-intrusion systems, video surveillance and 24\/7 security service.<\/p>\n<h3><strong>Security Incident management<\/strong><\/h3>\n<p>A security incident is an event that may indicate that an organization&#8217;s systems or data have been compromised or that measures put in place to protect them have failed. In Digimind we are aware that an incident may occur at some point. Therefore all Digimind employees must ensure they know how to identify and report a security incident and must be fully familiar with their involvement in the incident management process.<br \/>\nThe Incident Management Process of Digimind defines what incident may be qualified as a Security Incident, the associated investigation needed, the evaluation of risk, notifications processes, what escalation is needed, as well as the actions to be taken, their record in an Incident log reference document and the follow up on actions.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Notification to Customers<\/strong><\/h3>\n<p>In the case of a Security Incident, users of Digimind\u2019s solutions are immediately notified within the solutions as well as in our dedicated\u00a0<a href=\"https:\/\/status.digimind.com\/\" target=\"_blank\" rel=\"noopener\">Status Page<\/a>, and via email.\u00a0Our notification processus embeds a follow up on incidents with associated corrective and preventive actions taken.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Business Continuity &amp; Disaster Recovery Plan (BCDR)<\/strong><\/h3>\n<p>Digimind\u2019s BCDR aims at supporting the organization&#8217;s ability to remain operational after an adverse event. The plan covers the key business continuity principles, policies and strategies put in place, a global analysis of risks (and yes, we finally excluded the Zombie attack \ud83e\udddf\u200d\u2642\ufe0f), Validation and Testing procedures. Recovery processes are described as well as data backup, and servers management.<\/p>\n<p>&nbsp;<\/p>\n<h3>Data Privacy<\/h3>\n<p>As a world leader in online intelligence, Digimind pays the most attention to the processing of personal data. Our longstanding experience in this market has allowed us to build an effective framework that ensures compliance with personal data local regulations. A more extensive description of it is available on the\u00a0<a href=\"https:\/\/onclusive.com\/en-gb\/legal\/digimind-data-privacy\/\" target=\"_blank\" rel=\"noopener\">Digimind Data Privacy page<\/a>.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Cryptography<\/strong><\/h3>\n<p>We encrypt all customer uploaded data and login credentials in transit. We use TLS with AES-128 encryption with ECDHE key exchange signed with GCM\/SHA256.<\/p>\n<p>&nbsp;<\/p>\n<h3><strong>Training &amp; Awareness<\/strong><\/h3>\n<p>Information security training is provided to all Digimind employees. Completion of courses is monitored and reported. Certification is valid for one year. New hires are required to undertake the Information Security training within their first month of employment. Managers are responsible for ensuring their teams are aware of and comply with any applicable security requirements.<\/p>\n<p>&nbsp;<\/p>\n<h3>Changes to this Policy<\/h3>\n<p>We may revise this Security Policy from time to time. The most recent version of the policy will govern our use of your information and will always be at\u00a0<a href=\"https:\/\/onclusive.com\/en-gb\/legal\/digimind-security-privacy\/\" target=\"_blank\" rel=\"nofollow noopener\">https:\/\/onclusive.com\/en-gb\/legal\/digimind-security-privacy\/<\/a>.<\/p>\n<p>Effective:\u00a0<strong>April 30th, 2016.<\/strong><br \/>\nLast update:\u00a0<strong>October 28th, 2024.<\/strong><\/p>\n<p>If you wish to obtain more information about Digimind Security Policy and Global Framework, you can contact us right now at\u00a0<strong><a href=\"mailto:security@onclusive.com\" rel=\"nofollow noopener\">security@onclusive.com<\/a><\/strong>.<\/p>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/onclusive.com\/legal\/privacy-policy\/\" target=\"_blank\" rel=\"noopener\">View Onclusive Privacy Policy<\/a><\/p>\n<p><a href=\"https:\/\/onclusive.com\/legal\/terms-of-use\/\" target=\"_blank\" rel=\"noopener\">View Onclusive Terms of Use<\/a><\/p>\n \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t\t\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t<\/div>\n\n\t\t\n<\/section> \n\n\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":25,"featured_media":0,"parent":5750,"menu_order":7,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"region":[],"class_list":["post-81435","page","type-page","status-publish","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/pages\/81435","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/comments?post=81435"}],"version-history":[{"count":0,"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/pages\/81435\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/pages\/5750"}],"wp:attachment":[{"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/media?parent=81435"}],"wp:term":[{"taxonomy":"region","embeddable":true,"href":"https:\/\/onclusive.com\/en-gb\/wp-json\/wp\/v2\/region?post=81435"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}