Learn how we keep your data secure
Our GDPR standards, security policies, testing and more.
General Data Protection Regulation (GDPR)
Here is some key information on how we securely store your data.
1. What we're storing
We store only necessary information, as collected by you.
2. How we're storing it
We encrypt your data both at rest and in transit, and our site and storage processes are designed for security (you can learn more on how we store your data further down this page).
3. Who can access it
We have extensive internal access controls and regulations for the usecure team, who only have access to data under limited conditions. You are able to restrict admin access to sensitive materials.
4. Our core standards
Our core compliance with the act means that:
- We have full awareness of where any of your data is being held & when outside of the EU, ensuring appropriate compliance is in place.
- We ensure that only those who require access to your data are able to & we have the highest level of protection against unauthorised access.
- We ensure you have the right to view, amend, export or delete any information that we hold on your behalf, including anything held by 3rd party services.
- We ensure that consent is given during the sign up process for all that use usecure and allowing you to withdraw at anytime.
Frequently asked questions
If you have other questions we’re happy to help you at firstname.lastname@example.org
How does Phished treat privacy?
Included in the Phished Academy, users can find an entire section dedicated to their personal profiles. They get an overview of the data we have collected and what we do with it. Through this platform they can exercise their privacy rights.
Can recipients unsubscribe themselves from the automated program?
In practice, this is possible if the administrator gives permission. However, we do not recommend this as organisations benefit from training as many of their employees as possible.
Is Phished GDPR compliant?
We were set up in April 2018, just before this regulation came into force. In other words, we have had the GDPR in place since day one. As a cybersecurity company, privacy and online safety are of paramount importance. We are 100% GDPR compliant.
Where does Phished store its data?
Currently, all data is stored on a Google Cloud server within the EEA (within Belgium). There is an option to store data in specific countries. This is the most secure way of working.
How does Phished process data?
We do not process personal data when we make automated decisions (such as determining who receives which simulation and when), so we are fully compliant with the GDPR legislation.