Security

Data protection and security are serious topics – especially regarding the personal, clinical, health and medical data you store within your Nookal account.

So, contrary to the general lightheartedness you may see in our product, website and team, we want you to be confident that, above all else, the security and protection of your data is our number one priority (no exceptions).

It’s also important to understand that any information we publicise and provide to you is generalised and cannot be as detailed as the security processes or protocols we have in place, as any specific information can aid the people we’re protecting you (and ourselves) from.

Below, you will find an overview of our security measures to ensure your peace of mind.

General Measures

• All Nookal staff members are educated on data protection procedures and password safety management.
• We use encryption algorithms compliant with standard AES-256 during the transmission and storage of data.
• All Nookal account data is stored within secured data centres around the world – including:
  • Sydney – for Client Data in AU Accounts.
  • Ireland – for Client Data in EU/UK Accounts.
  • Ohio – for Client Data in US/CA Accounts.
• We have a Personal Data Breach Protocol for quick and efficient reactions in case of suspicion of data being compromised.

Account Access

• Access to all Nookal accounts is secured by login. Passwords and 2-factor authentication are available for all users.
• Each user has their own access and is instructed on the risk of sharing access.
• Detailed Permission settings allow account owners to control each section and task users can access within their account.
• Data is not shared unless the identity of the account owner has been established and/or written consent has been provided by the account owner to share data with a third party.

Database Access

• All databases are secured with a VPN and specific credentials.
• Database access is restricted.
• All databases require login after a short time of inactivity.
• All activity within a database is logged.

Security Testing

We engage in regular testing and certification with third-party industry experts.

For a copy of our most recent security assessment, please contact: privacy@nookal.com.

Backups and Compliance

We also provide related information about our:

• Account Backups
• Service Level Agreement (SLA)
• GDPR Compliance
• PCI Compliance
• Other Policies

Additional Information

Additional information about how we store and process different types of data is available in our Privacy Policy.

For any additional questions on Security Measures, please contact: privacy@nookal.com.