/ Go With Grace Plan / Data Privacy and Security
IN THIS SECTION

Data Privacy and Security

Data Privacy and Security

At Go With Grace, we prioritise the privacy and security of your data. Our commitment is to ensure that your information is handled with the utmost care and protected against unauthorised access. Below are the key measures we have implemented to safeguard your data throughout its lifecycle.

Website Hosting

We host Go With Grace on a secure server infrastructure employing robust security protocols to ensure the confidentiality and integrity of your data. This includes:

  • SSL Encryption – We utilise Secure Socket Layer (SSL) encryption to safeguard data in transit between your browser and our servers. This technology ensures that any information exchanged between you and our website remains confidential.
  • Real-time Scanning for Malware – Our hosting environment employs real-time malware scanning to detect and eliminate potential threats promptly.
  • Data Encryption – All stored data on our servers is encrypted at rest and in transit, in both physical and application layers adding extra layers of protection against unauthorised access. This includes both data and files such as images and documents.
  • Security Audits and Monitoring – Continuous security audits and monitoring are conducted to identify and address potential vulnerabilities or suspicious activities.
  • Brute Force Protection – Measures are employed to prevent brute force attacks, where attackers attempt to gain unauthorised access by repeatedly trying different password combinations.
  • Hosting Isolation – Use of container technology by our upstream hosting provider has been used to ensure our server is contained in its own environment, minimising the impact of security issues from any other customer site.
  • Software Updates – Core application files are locked down with software updates applied automatically and usually within a few days of their release.

Additional Security Layers

  • Penetration Testing – We conduct regular penetration testing to identify and address vulnerabilities, ensuring the ongoing security of our platform.
  • Password Security and Strength – We enforce strong password policies to enhance security. This includes requiring account passwords use a combination of uppercase and lowercase letters, numbers, and special characters. Go With Grace Plan holders will be reminded periodically to change their passwords.
  • Two-Factor Authentication – We have implemented two-factor authentication (2FA) to provide an additional layer of security for user accounts.
  • Disaster Recovery Plan – Our disaster recovery plan includes comprehensive procedures to minimise downtime and data loss in the event of unforeseen incidents.

Data Management

We are committed to evolving our data management practices to meet emerging challenges and adhere to the highest industry standards.

  • Website Backups – Our website employs a robust backup system to regularly capture and secure all critical data. This ensures that in the event of unforeseen circumstances, we can swiftly restore your information and maintain seamless continuity.
  • Archiving of Plans – If a Go With Grace Plan remains inactive for more than 10 years and attempts to contact the plan owner by email are unsuccessful, the plan itself will be archived for a further period of two years and any files uploaded to the plan will be deleted.
  • Contingency Plan –  If at any stage in the future, Go With Grace ceases to operate, all Go With Grace plans and associated files, will be sent to plan owners via the email address supplied in their Go With Grace account.

Personally Identifiable Information

We adhere to best practices in handling Personally Identifiable Information (PII), ensuring that sensitive data is handled with the utmost care and in compliance with data protection regulations (New Zealand Privacy Act 2020).

  • Access to Go With Grace Plans – Individual plans are not available even to website administrators and can only be accessed by the Go With Grace plan owner when logged into the website. If you have shared your plan with a lawyer or loved one, they can access a read-only version of your plan, once they have created their own Go With Grace account and logged in.
  • Deleting Information – Only a logged in account user can directly delete their Go With Grace Plan. In this case, all information and associated files will be deleted by a Go With Grace administrator as soon as is reasonably practical.
  • Requesting Information to be deleted – In the event of a Go With Grace Plan owner dying, a lawyer or loved one can request that a plan is deleted. In this case, we require a copy of the death certificate (if available) or a referral to a lawyer to confirm.

Your Role in Data Security

We encourage Go With Grace Plan owners to play an active role in maintaining the security of their accounts.

  • Password Management – Regularly update your password and avoid sharing it with unauthorised individuals. We would suggest using a password manager such as Last Pass or 1Password to store your passwords.
  • Two-Factor Authentication – We require that you enable two-factor authentication within three days of creating your plan for an added layer of security.

Your trust is paramount to us. By implementing these robust security measures and continuously improving our data management practices, we aim to provide a safe and secure online experience for all our users. If you have any questions or concerns regarding data privacy and security, please contact the Go With Grace administrator at info@gowithgrace.nz.

IN THIS SECTION

Data Privacy and Security