Innixus Security, Privacy, and Community Standards

 

At innixus, we are committed to protecting and respecting your privacy. We comply with applicable data protection laws, including, in particular, the Swiss Federal Act on Data Protection (FADP) and the EU General Data Protection Regulation (GDPR). We use a third-party platform, Hivebrite, to provide a secure, dynamic, and engaging environment for our members.

This document outlines how Innixus ensures security, protects user privacy, and fosters a supportive community. At the end, you will find links to our Data Privacy Policy, Terms and Conditions, and Cookie Policy for further details.

1. Data Hosting

Innixus community data are stored in Switzerland. The hosting architecture includes:

  • Google Cloud Platform (GCP) in Zurich.
  • Amazon Web Services (AWS) in Ireland and Frankfurt.

This setup ensures compliance with Swiss and European data protection laws, including GDPR, providing a secure foundation for all community interactions.

2. Privacy Measures

2.1 Compliance with GDPR

Hivebrite and innixus prioritize GDPR compliance:

  • Transparency in data collection and use.
  • Consent-based marketing interactions.
  • The ability for users to withdraw cookie consent or update privacy preferences anytime.

2.2 Personal Data Management

Data Collected:

  • Name, email, job title, company, and other profile information.
  • Technical data such as IP addresses and browser details.

Retention Policy:

  • Data is retained for the duration of a user’s membership.
  • Deleted accounts' data is purged after six months.

User Rights: Users may access, modify, or delete their data by contacting innixus at [email protected].

2.3 Cookies

Three cookie categories enhance the platform experience:

  • Necessary Cookies: Ensure platform functionality.
  • Functional Cookies: Enable enhanced features like social media integration.
  • Tracking Cookies: Collect analytics to improve services.

Users can manage their cookie preferences and opt out at any time.

3. Security Measures

3.1 Security and Privacy Measures

Hivebrite prioritizes the protection of user data by implementing comprehensive security and privacy measures designed to uphold the confidentiality, integrity, and availability of information.

  • Data Encryption: Industry-leading AES-256 encryption protects data at rest and in transit, ensuring sensitive information is shielded from unauthorized access.
  • Secure Software Development Lifecycle: Comprehensive security and privacy checks, coupled with rigorous quality assurance practices, are conducted throughout the software development process to mitigate vulnerabilities before deployment.
  • Certifications: Hivebrite holds the ISO27001 certification for robust information security management systems and complies with the Payment Card Industry Data Security Standard (PCI-DSS) for secure payment processing.
  • Penetration Testing and Vulnerability Assessments: Regular penetration testing by qualified professionals and continuous internal and external vulnerability assessments proactively identify and address potential security weaknesses.
  • Web Application Firewall (WAF): A robust Web Application Firewall provides an additional protective layer, defending against potential threats and unauthorized access.

 

3.2 Virus Scanning

To safeguard shared files:

  • Files uploaded by users or admins are first stored on Amazon Web Services (AWS).
  • The files are scanned using a robust antivirus service.
  • While scanning, users see a loader. Malicious files are flagged, and users must remove them before proceeding.

File Scan Coverage:

  • Supported file types include PDFs, Word documents, Excel sheets, PowerPoint presentations, and others. Links are not scanned.

Processing Time:

  • Scanning typically matches upload time but may take up to 30 seconds for the first upload after a period of inactivity.

3.1 Multi-Factor Authentication (MFA)

MFA adds a second layer of security to the login process:

  1. Login credentials (username and password).
  2. A one-time code sent to the user's registered email.

For Users:

  • MFA is available on desktop and mobile platforms, with codes valid for 5 minutes.
  • Users inactive for 7 days are logged out.

For Admins:

  • MFA secures Back Office (BO) logins.
  • Admin accounts lock after five failed login attempts, requiring email recovery.

4. Community Governance

4.1 User Responsibilities

Community members are expected to:

·       Sign and follow the charter of ethics.

  • Avoid posting offensive or harmful content.
  • Keep login credentials secure.
  • Respect others' privacy and intellectual property.

4.2 Reporting and Moderation

To maintain a safe environment:

  • Inappropriate content can be reported using the "Report as Offensive" tool.
  • Reports are investigated, and actions, including account suspension, may be taken.

4.3 Terms and Conditions

By accessing the platform, users agree to the innixus Community Terms and Conditions, which govern proper use and adherence to local laws.

5. Contact and Support

For any queries or support requests:

  • Email: [email protected]
  • Address: Route des Jeunes 33, 1227 Carouge, Genève, Switzerland

6. Documents for Your Reference

Here are the key documents related to Innixus’s security, privacy, and community governance:

Terms and Conditions

Privacy Policy