We take our data responsibilities incredibly seriously and go to great lengths to ensure the safety and security of all guest data.
Our security and data protection processes are based on and aligned with global standards that ensure the highest grade of security is met and exceeded.
We never sell or pass on user data for any other type of gain to any third-party. We provide you with secure methods to delete data in accordance with privacy regulations.
We continuously evaluate the impact of our activities on data privacy to ensure that we collect the minimum data needed.
All web traffic through Superhog is encrypted via HTTPS and TLS 1.2. Data in our database is encrypted using AES-256 encryption and is FIPS 140-2 compliant. Decryption keys are stored separately and rotated on a regular basis.
In addition to our extensive internal testing program, we employ third-party experts to perform penetration testing annually as standard, and additionally after any significant changes to our technical infrastructure.
All Superhog employees undergo background checks, including checks for any historical involvement with fraudulent or criminal activity, and are subject to ongoing spontaneous background checks throughout their employment.
The processing of data by Superhog is deliberately very tightly constrained by technology in order to limit the vulnerability of our system to human error and deliberate malevolent activity.
Access to the encrypted sensitive documentation which is stored on Superhog is limited, with all access system logged and frequently monitored, to ensure that no data is compromised.
We maintain a comprehensive vulnerability management program which includes regular scanning, identification, and remediation of security vulnerabilities in our infrastructure and applications.