SECURITY POLICY

[Last Revised: July 27, 2020]

This Security Policy (“Security Policy”) is intended to provide the users of our website and Services with an overview of GNG AI ISRAEL LTD’s security practices and policies taken in order to safeguard Personal Data processed by us.

PHYSICAL ACCESS CONTROL

We secure physical access to our premises. In addition, we use Amazon Web Services (“AWS”) AWS security policy can be found HERE.


DATA ACCESS CONTROL

The access to our systems and database containing Personal Data is possible only with authorization and password protection. Only our team members that have a “need to know” can access Personal Data. We use industry common practices in order to audit and monitor access to our database in order to be able to immediately handle unauthorized access.


SYSTEM ACCESS CONTROL

As stated above, access to our database containing Personal Data is possible only to designated team members, and solely to the extent required. We store Personal Data in AWS servers, and such services enable access solely through personal user authentication. Furthermore, any remote access to is restricted and requires applicable safeguards, for example VPN protection.


ORGANIZATION AND OPERATIONAL MEASURES

We invest efforts to educates our team member regarding the importance of privacy and security of Personal Data. Team members are also obligated to the confidentiality and security of Personal Data as part of their employment agreements. We ensure the security of both hardware and software, by using industry common practices such as anti-malware software, firewalls, virus detection software, etc.


TRANSFER CONTROL

We implemented industry common measures in order to ensure that transfers of Personal Data is made in a secured manner in order to prevent Personal Data from being read, copied, modified or removed by unauthorized third party during transmission over the network.


JOB CONTROL

Our team members, including employees and independent contractors are all signed on binding obligations related to data protection. Any violation of such obligations or our polices in this regard will result in disciplinary actions.