Security Practices Policy
Effective: July 2018
This page describes the security practices Quick Safety uses in order to protect data collected from its website (www.quicksafety.com.au) (“Site“) and/or mobile platforms, including information provided by all users of the Site and mobile platforms (“User Data”).
Quick Safety takes the security of your data very seriously.Please contact us at firstname.lastname@example.org if you have any questions regarding our security practices.
User Data is securely stored through Microsoft Azure. Microsoft Azure is a cloud storage solution that offers durable and secure storage. All data written to Azure Storage is encrypted by the service. Azure Storage provides fine-grained control over who has access to the data.
Data collected from our Site and/or mobile platforms is strictly controlled by us. We understand the confidentiality of User Data and are committed to ensuring that all data is only seen by those with the proper authority and is not seen by anyone who should not have access to it.
Quick Safety will only allow the particular individuals and/or companies that are explicitly connected to each job to access the data relevant to that job. All other individuals or companies that are not explicitly connected to the job must obtain the prior approval of the customer.
Quick Safety’s Site and mobile application are certified by RPEQ (Registered Professional Engineers of Queensland) to meet the AS/NZS3000 Standards requirements.
Quick Safety can access detailed logs recording each time users access the Site and/or the mobile platform. These logs include the IP address of the connection. This process would be used as a recommended security measure in the event of a data breach.
Data Retention and Deletion
Quick Safety retains User Data for five years in Australia and seven years in New Zealand.
We will destroy or de-identify personal information after five years (or seven years if the personal information is collected in New Zealand), or alternatively, when our legal obligations to retain the information have expired and the information is no longer needed by us.
Quick Safety implements disaster recovery to the cloud by using Azure Site Recovery. For more information about this process, please visit: https://azure.microsoft.com/en-us/solutions/architecture/disaster-recovery-smb-azure-site-recovery/ and https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-overview
Microsoft Azure enables connection between virtual machines and appliances to other networked devices by placing them on Azure Virtual Networks. An Azure Virtual Network is a construct that allows connection between virtual network interface cards to a virtual network to allow TCP/IP-based communications between network enabled devices. Azure Virtual Machines connected to an Azure Virtual Network can connect to devices on the same Azure Virtual Network, different Azure Virtual Networks, on the Internet or even on your own on-premises networks. For more information, please visit: https://docs.microsoft.com/en-us/azure/security/azure-security-network-security-best-practices and https://docs.microsoft.com/en-us/azure/security/azure-network-security
Other Security Practices
Quick Safety, through its service providers, also utilizes DDoS Protection (Distributed Denial-of-Service), which is protection from a form of cyber-attack. This product offers protective and preventive DDoS services to mitigate and deflect any attacks by using security measures such as captchas, which require visitors prove they are human.
Data within the app is secured by utilization of tinfoil security, penetration testing, Web Application Firewall (WAF), App Service Authentication / Authorisation, Network Security Groups (NSG’s), and System/Diagnostics/Trace logs.
The most current version of Quick Safety’s Security Practices Policy can be viewed at any time by visiting www.quicksafety.com.au.