Security policy
Incident Response Policy
1.0 (public summary)Detection, triage, containment, eradication, recovery, post-incident review, and customer notification commitments.
Last updated
Privion maintains procedures to detect, respond to, and learn from security incidents affecting hosted services or Privion's access to client environments.
Process
Incidents are triaged by severity, contained to limit impact, eradicated, and recovered with documented timelines. Post-incident review captures root cause and corrective actions.
Notification
Where personal data processed by Privion as a processor is affected, notification commitments align with applicable law and contractual terms, including GDPR-aligned timelines where required.
Full policy under NDA
This page is a public summary for procurement and security review. The complete policy, including operational procedures and evidence references, is available under NDA. Contact security@priviontech.com to request a copy.