How do you control access to our data?

We follow a least-privilege model:

• Employees get access only to the systems they need for their job.

• Access rights are reviewed regularly (e.g., quarterly or when roles change).

• Access is managed through centralized user management, with periodic audits of who has access to what.

All staff are required to follow our security policies, complete security awareness training where applicable, and promptly report suspected incidents.