Last Updated: October 10, 2024

1. Introduction to Jurnee

Jurnee is a Software-as-a-Service (SaaS) platform designed to streamline the booking and management of corporate events. Our platform provides an intuitive interface to help companies organize events efficiently, while ensuring that sensitive event-related data is managed securely. As a data processor, we prioritize the privacy and protection of customer information, and adhere to the highest security standards to protect this data.

2. Security Governance

At Jurnee, security oversight is led by our Chief Technology Officer (CTO), who is responsible for the development, implementation, and management of our security program. Our security framework is built upon the best practices outlined by SOC 2 and GDPR (General Data Protection Regulation), ensuring that we meet industry standards and comply with regulatory requirements to protect customer data.

3. Data Security

Confidentiality and Encryption

Data submitted to Jurnee by authorized users is treated as confidential and handled with care to prevent unauthorized access. We employ encryption to protect data both in transit and at rest:

Customer data does not leave the Jurnee production environment unless required for specific purposes, such as responding to customer support requests.

Access Control

Access to customer data is tightly controlled using a combination of role-based access control (RBAC) and least privilege principles:

Access is monitored and logged, ensuring full transparency into who accessed sensitive information and when.

Network Security

Jurnee's databases are hosted in a private network environment, isolating them from public internet access. Direct access to the databases is restricted to a whitelist of authorized IP addresses. This setup minimizes the risk of external threats while ensuring that communication within our infrastructure remains secure.

4. Incident Response and Monitoring