SECURITY

At Actionable Software, our mission is to be the backbone of restaurants, allowing them access to accurate operational data quickly and easily with information shown to the right users.

We do this by delivering only the best software to simplify the lives of our customers, and since this needs to be done in a responsible manner, we ensure user privacy and security remain at the top of our agenda. Developing and maintaining secure products and services helps us build trust and confidence across our customer base, so we place great focus on improving that security with our teams too.

1. SECURITY AT THE CORE

We adhere to information security best practices and standards, which contemplate security measures such as:

  • Data encryption - both in transit and at rest;

  • Modern Authentication methods and Two-Factor Authentication;

  • High availability and disaster recovery capabilities;

  • Vulnerability monitoring and remediation controls;

  • Information Security policies and Security training available to all employees;

  • GDPR and privacy compliance.

For more information regarding the cybersecurity controls that we have in place, please reach out to our Security Team via our contact page.

2. HOSTING

Our servers and databases are continuously monitored following DevOps practices, allowing for several releases each month, with fixes and improvements to overall performance.

The security and monitoring of our application architecture, databases, and access controls are managed in-house by our Infrastructure Team, with support from our providers.

Overall, this makes our infrastructure, facilities, and systems reliable, robust and third-party tested, which gives you a highly secure system.

3. GOVERNANCE, RISK AND COMPLIANCE (GRC)

We have a dedicated team working on GRC and Privacy initiatives, who manage Actionable Software's overall governance, IT risk management, compliance and Data privacy requirements. The ultimate objective is to align IT with business objectives, whilst successfully managing risks, remaining compliant and respecting and protecting your privacy.

4. RESPONSIBLE SECURITY DISCLOSURE

The security of our infrastructure is ensured by the timely and successful application of maintenance updates and patches, following our suppliers’ releases and recommendations. Additionally, upon discovery of potential vulnerabilities we will patch our application code to ensure our users are kept safe.

Similarly, if as a client you believe to have identified a vulnerability in any of Actionable Software’s products, we would appreciate you reporting it via our contact page so that our team of experts can investigate this and find a prompt solution.

We employ preventive and detective solutions such as firewalls and IDS to prevent unauthorised access to our network and client data. However, at times these barriers can be surpassed by attackers and for this reason we have a Cybersecurity Incident Management procedure in place which helps us manage and eradicate these.

If you’re a client or partner, and you believe to have identified a cybersecurity incident - ransomware, compromised account or credentials, data theft/loss, etc. - with the potential to propagate to or impact Actionable Software, please report this upon detection via our contact page by simply providing a brief description of the situation you are experiencing. Our Security Team will work with you to assess the situation, and come up with the appropriate response strategy.

Actionable Software will never ask you to share your credentials, so please remember to never submit your passwords or usernames if prompted with such request.

5. PERSONAL INFORMATION

We place great importance on users' privacy rights and prioritise the protection of your personal information. You can access our Privacy Notice to understand how Actionable Software collects and manages personal information and the rights you can exercise regarding your personal information.

Unfortunately, the transmission of data over the internet is not always completely secure. Although we take the necessary steps to protect your personal information, we cannot always ensure that the information you decide to share with us is exempt from situations such as unauthorised access; any transmission is at your own risk. However, we will put in place the necessary security measures to prevent these situations from happening.

6. CUSTOMER RESPONSIBILITIES

As a customer, there are some responsibilities with regards to maintaining and ensuring security that you must keep in mind:

Managing the Actionable Software user accounts that you create and the roles that you assign to these - make sure these are fit for purpose.
Protecting your own accounts and user credentials by using a strong password policy and not sharing them with unauthorised individuals.
Compliance with the terms of your services agreement with Actionable Software, including with respect to compliance with laws.
Promptly notifying Actionable Software of unexpected or undesired security related incidents that could negatively affect you and Actionable Software such as a user credentials compromise.