Meddicc Score

Enhance your sales process with Meddicc score for Hubspot

Security Policy

Last updated: March 4, 2025

At Meddicc Score, we take the security of our users’ data very seriously. This Security Policy outlines the measures we take to protect your information and ensure the integrity and confidentiality of your data.

Data Storage and Encryption

How Your Data is Stored

Your data is stored securely on servers located in Frankfurt, Germany, managed by Amazon Web Services (AWS). We use (Under NDA) for our database storage, which is also hosted on AWS. AWS provides robust security measures to protect your data, including physical security controls, network security, and data encryption.

How Your Data is Transferred

All data transferred between your device and our servers is encrypted using Secure Socket Layer (SSL) technology to ensure its confidentiality and integrity during transmission.

Security Measures

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. These measures include:

  • Encryption: All data is encrypted both in transit and at rest using industry-standard encryption algorithms.
  • Access Controls: Access to your data is restricted to authorized personnel only, and we regularly review our access controls to ensure they are up-to-date.
  • Regular Security Audits: We conduct regular security audits and assessments to identify and address potential vulnerabilities in our systems.
  • Data Anonymization: Where possible, we anonymize data to protect your privacy.
  • Daily Backups: We perform daily backups of our (Under NDA) database to ensure data integrity and availability.

Authentication and Authorization

HubSpot Integration

Authentication is handled through HubSpot, as our application runs inside the HubSpot environment. Users must authenticate with HubSpot before accessing our application. This ensures that only authorized users can access the application and its data.

Incident Response

What Happens in Case of a Breach

In the unlikely event of a data breach, we will promptly notify you and the relevant authorities as required by applicable law. We will take all necessary steps to mitigate the impact of the breach and prevent any further unauthorized access to your data. Our incident response plan includes:

  • Immediate investigation of the breach to determine its scope and impact.
  • Notification to affected users and relevant authorities within the legally required timeframe.
  • Measures to contain and mitigate the breach, including securing affected systems and data.
  • Steps to prevent future breaches, including reviewing and updating our security practices and controls.

Monitoring and Logging

While we currently do not use specific tools for monitoring and logging security events, we are evaluating the implementation of such tools to enhance our security posture. Monitoring and logging can help detect and respond to security incidents more effectively.

Third-Party Service Providers

We use several third-party service providers (sub-processors) to perform services on our behalf. These providers are listed in our Privacy Policy. We ensure that all third-party service providers adhere to strict security standards to protect your data.

User Responsibilities

Protecting Your Account

While we take extensive measures to protect your data, you also play a crucial role in maintaining the security of your account. We recommend that you:

  • Use a strong, unique password for your account and change it regularly.
  • Enable two-factor authentication (2FA) if available.
  • Be cautious of phishing attempts and do not share your login credentials with anyone.
  • Log out of your account when using shared or public devices.

Contact Us

For any questions or concerns regarding your security, you may contact us using the following details:

  • Email: meddiccscore@gmail.com

Updates to This Security Policy

We may update this Security Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by updating the “Last updated” date at the top of this policy and, where appropriate, by other means.

Note: This Security Policy is part of our commitment to transparency and accountability in how we handle your data. We encourage you to review this policy regularly to stay informed about our security practices.