Security Policy

Our Commitment to Security

At LabCalibrate.com, we treat the security of your data with the highest importance. We employ comprehensive technical and organizational measures to protect your information from unauthorized access, loss, or destruction.

Security Measures

Password Protection

To increase account security, we recommend:

• Using a unique password for LabCalibrate.com
• Password should contain at least 12 characters, uppercase and lowercase letters, numbers, and special characters
• Not sharing your password with third parties
• Changing your password periodically (every 3-6 months)

Data Hosting

Your data is stored in the following locations:

• Database: Hosted with MongoDB Atlas in EU (Frankfurt, Germany)
• File storage: Cloudflare R2 with global edge locations. Files may be stored in various geographic regions for performance and redundancy.
• Application: Hosted with Hostkey in Netherlands
• Logs/analytics: Server logs stored on Hostkey (Netherlands), user analytics with PostHog (EU region)

File Storage

Uploaded files (calibration certificates, reports) are stored in Cloudflare R2 with:

• Transmission encryption (industry-standard TLS)
• Encryption at rest depends on provider controls
• File size limit: 10 MB
• File type validation before storage

Data Access

Access to user data is limited to:

• Technical personnel for troubleshooting technical issues
• Support personnel for assisting users

All access is logged where operational. Employees have access only to data necessary to perform their duties.

No Guarantee

No system is 100% secure. We implement reasonable measures to protect your data, but cannot guarantee complete protection against all threats. You are responsible for maintaining the security of your account credentials.

Reporting Incidents

If you discover a potential security issue, please report it immediately at security@labcalibrate.com or using the form on the main page.

We aim to:

• Confirm receipt within 24-48 hours
• Respond with action details within a reasonable time
• Follow responsible disclosure principles

Data Breaches

In the event of a personal data breach that poses a risk to your rights and freedoms:

• We will notify you without undue delay where required by applicable law
• We will notify relevant supervisory authorities where required by GDPR and applicable laws
• We will provide information about the nature of the breach and suggested actions

Limitation of Liability

Despite the security measures in place:

• We do not guarantee complete protection against all threats
• We are not liable for security breaches resulting from User actions
• We are not liable for disclosure by Users to third parties

Regular Reviews

Our security measures are periodically reviewed and updated, including:

• Regular software updates
• Staff security awareness training
• Security policy reviews

Compliance

We strive for compliance with:

• General Data Protection Regulation (GDPR) – EU privacy legislation
• Polish data protection laws
• Applicable data protection laws in other jurisdictions

Children's Privacy

The Service is not intended for persons under 16 years of age. We do not knowingly collect data from children. If we discover we have collected data from a child, we will delete it immediately.

Questions?

For any security-related questions, contact us at security@labcalibrate.com or use the form on the main page.