Security Policy
Data & Server Security
Our servers are hosted in secure data centers. However, physical access and control of these facilities are managed by the respective data center providers, except for equipment that is owned and operated directly by ATHENSINK.
All server configuration and management procedures are carried out according to industry best practices, and appropriate security measures are implemented to protect systems against unauthorized access, cyberattacks, and hacking attempts. In cooperation with our hosting providers, ATHENSINK maintains 24/7 monitoring procedures and automated alert systems designed to detect and respond to potential issues as quickly as possible.
It should be noted that server security is separate from the security of your own website or online store. As a client, you are also responsible for implementing appropriate security measures on your side, including firewalls, SSL certificates, security monitoring tools, code scanning systems, and any other protections necessary to safeguard the integrity of your website and data.
Access to servers is protected through encrypted connections, multi-factor authentication, secure credentials, and additional security mechanisms designed to ensure the highest possible level of protection.
ATHENSINK personnel are granted access according to a strict permission structure and are only authorized to access systems and information necessary for the completion of their assigned tasks.
With regard to server or website maintenance services, clients covered by a maintenance agreement are granted the specific access rights required for their services and are subject to the same access control policies. Upon termination of a maintenance agreement or the discontinuation of such services, all relevant credentials and access information are delivered to the client, and ATHENSINK shall thereafter bear no responsibility for the management, operation, or security of those systems.
All server configuration and management procedures are carried out according to industry best practices, and appropriate security measures are implemented to protect systems against unauthorized access, cyberattacks, and hacking attempts. In cooperation with our hosting providers, ATHENSINK maintains 24/7 monitoring procedures and automated alert systems designed to detect and respond to potential issues as quickly as possible.
It should be noted that server security is separate from the security of your own website or online store. As a client, you are also responsible for implementing appropriate security measures on your side, including firewalls, SSL certificates, security monitoring tools, code scanning systems, and any other protections necessary to safeguard the integrity of your website and data.
Access to servers is protected through encrypted connections, multi-factor authentication, secure credentials, and additional security mechanisms designed to ensure the highest possible level of protection.
ATHENSINK personnel are granted access according to a strict permission structure and are only authorized to access systems and information necessary for the completion of their assigned tasks.
With regard to server or website maintenance services, clients covered by a maintenance agreement are granted the specific access rights required for their services and are subject to the same access control policies. Upon termination of a maintenance agreement or the discontinuation of such services, all relevant credentials and access information are delivered to the client, and ATHENSINK shall thereafter bear no responsibility for the management, operation, or security of those systems.
Data Security & Support Services
In the case of an active support agreement, ATHENSINK may have access to your credentials and certain account information, including services such as Facebook, Google Accounts, and other platforms required for the provision of support services.
The management and storage of this information are carried out using industry-standard security practices, including secure credential management systems protected by master passwords and role-based access controls.
Throughout our collaboration, information may be exchanged that could directly or indirectly identify you or your business. Once such information has been processed, it is either securely stored when future use is considered necessary or, where appropriate, the original transmission medium (such as email or SMS) is permanently deleted.
The management and storage of this information are carried out using industry-standard security practices, including secure credential management systems protected by master passwords and role-based access controls.
Throughout our collaboration, information may be exchanged that could directly or indirectly identify you or your business. Once such information has been processed, it is either securely stored when future use is considered necessary or, where appropriate, the original transmission medium (such as email or SMS) is permanently deleted.
Infrastructure & Facilities Security
ATHENSINK’s facilities are protected by comprehensive physical and digital security measures, including encrypted data transmission and communication systems. Computers and other systems operate within a secure environment, while all software and operating systems are kept fully updated and protected by both local and perimeter firewalls to ensure maximum security. In the event of an attempted breach, compromise, or destruction of our systems, data can be restored through encrypted backup systems. These backups are created using specialized software and advanced encryption technologies designed to ensure the highest possible level of data protection and recovery.
Instructions
Data security—especially the protection of personal information—is an ongoing process that requires continuous attention and cannot be achieved through a fixed set of measures alone. We continuously enhance our infrastructure by implementing new security measures and upgrading older systems with more modern and secure technologies. However, data security is a shared responsibility, as in most cases the same data is also owned and managed by the client, with only a few exceptions. For this reason, we recommend following a number of best practices to help protect both your personal information and your data.
- Access to your personal data and account information should only be made from devices that you own or from devices used by authorized personnel. Access should not be granted to third parties, including members of your household or family environment, such as young children.
- Any devices you use to access your data should run legally licensed software, be fully updated with the latest security patches, and have appropriate protection in place, including antivirus software, anti-malware tools, and firewalls.
- Do not share your passwords, even temporarily, with individuals who are not directly involved in your business or authorized to access your systems. If this is not possible and you are required to share your credentials with a third party, you should change your password immediately after access has been granted or the task has been completed.
- Do not keep emails or SMS messages that contain your personal information or the personal information of third parties longer than necessary.
- Enable two-factor authentication (2FA) whenever it is available.
- Any devices you use to access your data should run legally licensed software, be fully updated with the latest security patches, and have appropriate protection in place, including antivirus software, anti-malware tools, and firewalls.
- Do not share your passwords, even temporarily, with individuals who are not directly involved in your business or authorized to access your systems. If this is not possible and you are required to share your credentials with a third party, you should change your password immediately after access has been granted or the task has been completed.
- Do not keep emails or SMS messages that contain your personal information or the personal information of third parties longer than necessary.
- Enable two-factor authentication (2FA) whenever it is available.
- Sensitive information should be stored in a secure location accessible only to you or authorized personnel. Where possible, appropriate safeguards should be in place to protect this information against theft, unauthorized access, or any other malicious activity.
- You should promptly inform your service providers and business partners of any changes to your primary contact information, such as your email address, telephone number, mailing address, or other essential details.
- You should immediately notify ATHENSINK of any activity you consider suspicious or that may result in the compromise of your personal data or account security.
- You should protect your network perimeter with reliable security devices and solutions, such as routers, firewalls, and other appropriate cybersecurity tools.
The terms of this policy may be amended, updated, or supplemented from time to time as part of our ongoing effort to comply with applicable laws, regulations, and legal requirements.