1. Introduction
FDSee Pty. Ltd. (“FDSee”) is dedicated to ensuring the security and confidentiality of our clients’ and users’ personal information. This Data Security Policy outlines the comprehensive measures we implement to secure data on our web-based applications.
2. Scope
This policy applies to all employees, contractors, and third parties who access or handle personal information collected and stored by FDSee.
3. Technology and Security Summary
3.1 Data Location and Server Security
- Data Location: All data is held in Australia.
- Server Details: FDSee Live and Development servers are dedicated resource virtual servers located in Equinix Sydney, featuring power redundancy, cooling redundancy, network redundancy, smart card and biometric restricted security, a 99.99% uptime SLA, and at least N+1 power backup.
- Firewalls: Servers are protected by hardware and software-level firewalls, with exceptions only for external monitoring services. Administration access is via encrypted connections only.
3.2 Data Encryption and Transmission
- SSL Encryption: All servers use SSL encryption to protect user access and data transfer.
- Data Backups: Daily incremental backups are stored in Amazon Australia redundant storage with SSL encryption.
3.3 Backup and Restore
- Incremental Backups: Conducted daily and stored securely.
- Full Restoration: Scheduled every three months to ensure backup efficacy and disaster recovery readiness.
3.4 System Security Reviews
- Major Audit: Conducted in 2019, leading to a significant software upgrade completed in early 2020.
- Ongoing Reviews: A Senior Consultant and Expert Systems Administrator continually review technology, security, and processes.
- Patch Management: We regularly update all systems and software to protect against known vulnerabilities.
- Threat Intelligence: We stay informed about the latest security threats and vulnerabilities through threat intelligence services.
3.5 Monitoring and Logging
- System Monitoring: We continuously monitor our systems for signs of unauthorized access, data breaches, or other suspicious activities.
- Logging: Comprehensive logs of access and modifications to data are maintained for security audits and forensic investigations.
4. Specific Hardware Requirements
- Internet Connection: Required for FDSee usage, which is web-based and accessible via any PC with a web browser.
- Mobile Access: For staff visiting educators, a medium-sized tablet with a mobile internet connection is recommended.
5. Data Storage and Management
- Data Stored: FDSee stores minimal information on children (name and DOB) and families, primarily related to educator visits or documentation. Financial information and detailed enrolment data are not stored.
- No Payments Handled: FDSee does not process payments or require financial information.
6. Access to Data
- Employee Access: Typically, FDSee employees do not access client data. System Admins and Developers may access raw data for technical issue resolution, with service permission.
- Data Usage: FDSee uses client data solely for system administration purposes, including user emails, password resets, and billing. No client data is shared with third parties.
7. Compliance
FDSee adheres to the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and other applicable data protection laws.
8. Training and Awareness
- Employee Training: Regular training on data security practices and responsibilities.
- Security Awareness: Continuous updates and training to promote a culture of security awareness.
9. Incident Response
- Incident Management Plan: Prompt investigation, mitigation, and notification procedures for data breaches.
- Breach Notification: Ensures timely notification to affected individuals and authorities.
10. Review and Update
This policy is reviewed and updated regularly to ensure its effectiveness and compliance with relevant laws.
11. Contact Information
For questions or concerns regarding this Data Security Policy, please contact FDSee at support@fdsee.com.au.