Safety at Wielson

Do you have any questions about Wielson’s safety policy? Send us an email via info@wielson.be.

‣

Backup and Recovery Policy

GENERAL

Wielson performs a full backup of its Notion workspace and Google Drive environment every quarter. This quarterly backup is retained for three months on two separate platforms. Our aim is to minimise any potential data loss and limit recovery time to one working day.

Notion automatically backs up all data (more information can be found here).

‣

Cyber Incident Response Plan

GENERAL

Wielson has a response plan in place in the event of a cyber incident. A cyber incident is an unwanted or unexpected cybersecurity event - or a series of such events - that poses a significant threat to business operations. Examples include (but are not limited to):

Denial-of-service (DoS) attacks
Unauthorised access or attempts to access a system
Compromise of sensitive information
Outbreaks of viruses or malware (including ransomware)

Wielson has documented the following:

A designated person responsible in the event of a cyber incident
An overview of our infrastructure data, password manager, and antivirus
Contact details of IT service providers
A backup and recovery policy

We have a step-by-step plan that can be summarised as follows:

Identification: recognising signals and taking initial action
Containment and Control: short- and long-term actions
Resolution: removing the threat and carrying out recovery
Evaluation: documentation, possible notification of supervisory authorities, communication, and updating policies and/or measures

‣

Cybersecurity

GENERAL

At Wielson, we are aware of the risks related to information security. We handle personal data in a secure, transparent, and lawful manner, in accordance with the General Data Protection Regulation (GDPR – Regulation (EU) 2016/679). Contact details (name, email, phone number) are stored in our Notion environment and are not shared further. Want your data removed from our database? Email us at info@wielson.be.

Our policy principles apply to all information and systems used by Wielson, including:

the information systems we provide,
the staff who process the data,
the devices used for processing,
the procedures they depend on,
the locations where we work,
other aspects that could pose a risk.

Our environment is managed in a way that supports cybersecurity. This includes:

Roles and responsibilities for cybersecurity are clearly defined.
An inventory is maintained of all physical devices, systems, and software used within the organisation.
Antivirus software is installed and regularly updated. This software includes antimalware, firewall and antiphishing.
A strong password policy is in place.
A process exists for recovering critical documents or data (see Backup and Recovery Policy).
A response plan for cyber incidents is available (see Cyber Incident Response Plan).

POLICY AT GOOGLE, NOTION, MAKE

More information about the security of frequently used software can be found via the following links:

Google Security & Privacy
Make Security
Notion Security & Privacy

‣

Privacy and GDPR

GENERAL

At Wielson, we take privacy and data protection seriously. We handle personal data in a secure, transparent, and lawful way, in accordance with the General Data Protection Regulation (GDPR – Regulation (EU) 2016/679). Contact details (name, email, phone number) are stored in our Notion environment and not shared further.

We only collect personal data necessary to carry out our services. This data is managed carefully, with appropriate technical and organisational measures in place to prevent loss, misuse, or unauthorised access.

We:

Clearly inform individuals about what data we collect and why
Respect individuals’ rights (such as access, correction, and deletion)
Sign data processing agreements with external parties who process data on our behalf
Do not retain data longer than necessary for the intended purpose

For privacy-related questions or requests about personal data, individuals can contact us via info@wielson.be.

POLICY AT GOOGLE, NOTION, MAKE

More information about the privacy and data protection policies of the software we frequently use can be found via the following pages:

Google Cloud Privacy
Google Drive Privacy
Google Security & Privacy
Make Privacy & GDPR
Notion Security & Privacy

‣

Password Policy

PASSWORD STRENGTH

Password strength is important to reduce the risk of misuse. We use a password manager that generates complex passwords containing at least three of the following character types:

Uppercase letters (A-Z)
Lowercase letters (a-z)
Numbers (0-9)
Special characters: !@#$%^&*()

PASSWORD SECURITY

Passwords are not shared and are treated as sensitive, confidential information. They are not included in emails or other forms of electronic communication, nor disclosed over the phone. Passwords are only stored in a password manager. The “Remember Password” feature is not used, for example in web browsers. Anyone who suspects their password has been compromised must change the relevant passwords.

Wielson does not send usernames or passwords via email, unless:

The email is sent in encrypted form
The combination of username and password expires after first use or, if unused, after one month

Wielson only uses SMS to send partial login details if the following conditions are met:

The message contains only one part of the combination: system, username, password or token. The other parts are delivered via different methods
The user is expecting the message and is likely to use it shortly
The information in the message expires after first use or, if unused, after one month

Safety at Wielson

Do you have any questions about Wielson’s safety policy? Send us an email via info@wielson.be.

‣

Backup and Recovery Policy

GENERAL

Notion automatically backs up all data (more information can be found here).

‣

Cyber Incident Response Plan

GENERAL

Denial-of-service (DoS) attacks
Unauthorised access or attempts to access a system
Compromise of sensitive information
Outbreaks of viruses or malware (including ransomware)

Wielson has documented the following:

A designated person responsible in the event of a cyber incident
An overview of our infrastructure data, password manager, and antivirus
Contact details of IT service providers
A backup and recovery policy

We have a step-by-step plan that can be summarised as follows:

Identification: recognising signals and taking initial action
Containment and Control: short- and long-term actions
Resolution: removing the threat and carrying out recovery
Evaluation: documentation, possible notification of supervisory authorities, communication, and updating policies and/or measures

‣

Cybersecurity

GENERAL

Our policy principles apply to all information and systems used by Wielson, including:

the information systems we provide,
the staff who process the data,
the devices used for processing,
the procedures they depend on,
the locations where we work,
other aspects that could pose a risk.

Our environment is managed in a way that supports cybersecurity. This includes:

Roles and responsibilities for cybersecurity are clearly defined.
An inventory is maintained of all physical devices, systems, and software used within the organisation.
Antivirus software is installed and regularly updated. This software includes antimalware, firewall and antiphishing.
A strong password policy is in place.
A process exists for recovering critical documents or data (see Backup and Recovery Policy).
A response plan for cyber incidents is available (see Cyber Incident Response Plan).

POLICY AT GOOGLE, NOTION, MAKE

More information about the security of frequently used software can be found via the following links:

Google Security & Privacy
Make Security
Notion Security & Privacy

‣

Privacy and GDPR

GENERAL

We:

Clearly inform individuals about what data we collect and why
Respect individuals’ rights (such as access, correction, and deletion)
Sign data processing agreements with external parties who process data on our behalf
Do not retain data longer than necessary for the intended purpose

For privacy-related questions or requests about personal data, individuals can contact us via info@wielson.be.

POLICY AT GOOGLE, NOTION, MAKE

More information about the privacy and data protection policies of the software we frequently use can be found via the following pages:

Google Cloud Privacy
Google Drive Privacy
Google Security & Privacy
Make Privacy & GDPR
Notion Security & Privacy

‣

Password Policy

PASSWORD STRENGTH

Password strength is important to reduce the risk of misuse. We use a password manager that generates complex passwords containing at least three of the following character types:

Uppercase letters (A-Z)
Lowercase letters (a-z)
Numbers (0-9)
Special characters: !@#$%^&*()

PASSWORD SECURITY

Wielson does not send usernames or passwords via email, unless:

The email is sent in encrypted form
The combination of username and password expires after first use or, if unused, after one month

Wielson only uses SMS to send partial login details if the following conditions are met:

The message contains only one part of the combination: system, username, password or token. The other parts are delivered via different methods
The user is expecting the message and is likely to use it shortly
The information in the message expires after first use or, if unused, after one month