Effective Date: 23 February 2025 (23/02/2025)
Authorised by: Founder
Last review: 23/02/2025
Next review due: 23/02/2026
1. Purpose
This policy outlines how DMNTR Software handles data breaches
2. Identifying a Data Breach
A data breach includes:
- Unauthorized access to personal data.
- Accidental loss or deletion of data.
- Data theft due to cyberattacks.
3. Response Procedure
- Step 1: Detect & Assess – Identify the nature and extent of the breach.
- Step 2: Contain & Mitigate – Secure systems and prevent further loss.
- Step 3: Report to ICO (if required) – If the breach poses a risk, notify the ICO within 72 hours.
- Step 4: Notify Affected Individuals (if required) – If there’s a high risk to individuals’ rights, inform them promptly.
- Step 5: Review & Prevent Future Breaches – Implement corrective actions.
4. Record-Keeping
We maintain a breach log detailing:
- Date & nature of breach.
- Actions taken.
- Notification decisions.
5. Contact Information
If you suspect a data breach, contact data@dmmn.tr immediately.