At Eventflow Technologies Ltd, we take the security and continuity of our services seriously. This policy sets out how we detect, respond to, and learn from any incidents that could affect our systems, data, or customers.
Our goal is simple: to minimise disruption, protect personal data, and give our customers confidence that we respond quickly and effectively if something goes wrong.
Scope
This policy applies to all Eventflow systems, services, employees, and contractors.
An “incident” means any event that may threaten the confidentiality, integrity, or availability of our services or customer data. Examples include:
- Security breaches or attempted unauthorised access
- Service outages or degraded performance
- Data loss or corruption
- Misuse of accounts or systems
Responsibilities
- Incident Response Lead: Chief Technology Officer (CTO)
- All Staff: Must report any suspected incident immediately
- Customer Contact: support@eventflowapp.com
Our contracts also require any supplier or processor to notify us without undue delay if they experience a breach involving our data.
Incident Response Process
We follow a structured four-phase model:
- Identification
  - Incidents may be detected through monitoring, staff reports, or customer notifications.
  - Every suspected incident is logged immediately.
  - We triage each incident, assessing its severity and the likelihood and severity of risk to individuals’ rights and freedoms, to determine next steps, including whether notification is required.
- Containment
  - We act quickly to isolate affected systems and prevent the issue from spreading.
  - Temporary workarounds may be applied while permanent fixes are developed.
- Eradication and Recovery
  - Root causes are identified and removed.
  - Systems are restored from backups or reconfigured as necessary.
  - Services are validated before being returned to normal use.
- Lessons Learned
  - A full review is carried out after every incident.
  - Findings are used to update our processes, training, and security controls.
Communication and Escalation
- Customers: We will notify you promptly if an incident affects your data or service.
- Regulators: If a personal data breach is notifiable, we will report it to the Information Commissioner’s Office (ICO) without undue delay and, where feasible, within 72 hours of becoming aware of it. If all details are not yet available, we may provide information in phases. If notification occurs after 72 hours, the reasons for the delay will be recorded and included with the notification.
- Required Content: ICO notifications will include the nature of the breach, categories and approximate number of individuals and records affected, our contact details, the likely consequences, and measures taken or proposed.
- Individuals: If a breach is likely to result in a high risk to individuals, we will inform affected individuals without undue delay, in clear and plain language.
Record Keeping
We maintain a secure log of all incidents, breaches, and near-misses. Each record includes:
- When and how the incident was detected
- Nature and scope of the incident
- Actions taken and by whom
- Timelines and resolution details
- Assessment of risk and notification decisions
- Follow-up measures
This ensures compliance with UK GDPR Article 33(5).
Preparedness
To ensure we can respond effectively, we maintain:
- A documented incident response plan and playbooks for common scenarios (such as data loss, denial of service, or ransomware)
- Communication plans covering customers, regulators, law enforcement, and the media
- Regular incident response exercises, at least annually
Training and Awareness
- All staff are trained to recognise and report incidents.
- Refresher training is provided after any major incident or policy update.
Policy Review
This policy is reviewed every September to ensure it remains accurate, effective, and aligned with UK GDPR and NCSC best practice.
Eventflow Technologies Ltd
Registered Office: 4 Dukes Court, Bognor Road, Chichester, England, PO19 8FX
Trading Address: Unit 11, Trident Business Park, Selsey, West Sussex, PO20 9DY
Contact: support@eventflowapp.com