Skip to main content

Security Policy

Security & Data Protection Page

Last Updated: 2026-04-07

At Hyce, we handle sensitive information as part of our services. Protecting that data is a core part of how we operate, not an afterthought.

1. Our Approach.

We design our systems with security and data protection in mind from the start. Our goal is simple: keep your data confidential, intact, and available when you need it.

2. Data Encryption.

We use industry-standard encryption practices to protect data:

  • In transit: Data is encrypted using secure protocols such as TLS
  • At rest: Stored data is encrypted within our systems and infrastructure

3. Access Controls.

Access to data is restricted based on roles and responsibilities:

  • Role-based access permissions
  • Authentication controls for all user types
  • Limited internal access to authorized personnel only

We do not allow broad or unnecessary access to sensitive data.

4. Secure Data Handling.

For customer and operator workflows:

  • Uploaded forms are handled through secure channels
  • Sensitive data is processed within controlled environments
  • Audit and reporting data is restricted to authorized users

5. Infrastructure & Hosting.

Our systems are hosted on reputable infrastructure providers that maintain strong physical and network security standards. These providers implement safeguards such as:

  • Data center security controls
  • Network monitoring
  • Redundancy and availability protections

6. Monitoring and Maintenance.

We maintain system integrity through:

  • Ongoing monitoring of system activity
  • Logging of access and operational events
  • Regular updates and security patches

7. Subprocessors.

We may use trusted third-party providers to support our services, such as hosting or communications tools. We require these providers to maintain appropriate data protection and security standards.

8. Data Retention.

We retain data only as long as necessary to provide services and meet legal or contractual obligations. When data is no longer needed, it is securely deleted or anonymized.

9. Incident Response.

If a security incident occurs, we act promptly to:

  • Investigate and contain the issue
  • Mitigate potential impact
  • Notify affected parties where required

10. Your Responsibilities.

Security is a shared effort. Users are responsible for:

  • Keeping login credentials secure
  • Using strong passwords
  • Not sharing account access
  • Not uploading unauthorized or unlawful data

11. Limitations.

While we take reasonable and appropriate measures to protect data, no system is completely immune to risk. We continuously improve our security practices, but cannot guarantee absolute security.

12. Contact.

For security-related questions or concerns: Email: [email protected]