Sense Cloud Service Policies for End-Users
Document Version: 1.0 Date Issued: 23rd June 2025
Introduction and Purpose
This policy document is designed to inform you, the end-user, about the encryption measures and Architectural decisions that Sense Techology Group Limited use to protect your data when you use our cloud services. Our commitment is to ensure the confidentiality, integrity, and availability of your information. By understanding these measures, you can better appreciate how your data is safeguarded and what your role is in maintaining its security.
Scope
This policy applies to all end-users accessing and utilising our cloud services. It covers all data stored (“at rest”) within our cloud infrastructure and all data transmitted to and from our cloud services (“in transit”).
Understanding Our Encryption Practices
We utilise two primary forms of encryption to protect your data:
Encryption at Rest
Encryption at rest refers to the encryption of your data when it is stored on our servers, databases, and storage devices. This means that even if unauthorised access were gained to the physical storage, your data would be unreadable without the appropriate decryption keys.
- How it works: Your data is automatically encrypted before it is written to storage and decrypted only when it needs to be accessed by authorised services or users.
- Benefits: Protects against physical theft of storage devices, unauthorised access to storage systems, and ensures data remains confidential even when not actively being used.
Encryption in Transit
Encryption in transit refers to the encryption of your data as it travels across networks, such as when you upload files, access your account, or stream information to and from our cloud services.
- How it works: We use industry-standard protocols (i.e, Transport Layer Security - TLS, Secure Sockets Layer - SSL) to create a secure, encrypted connection between your device and our servers. Any data exchanged over this connection is scrambled, making it indecipherable to anyone intercepting the communication.
- Benefits: Protects against “eavesdropping” and tampering of data as it moves across public networks like the internet, ensuring your information remains private and unaltered during transmission.
Benefits of Encryption for You
The implementation of encryption at rest and in transit provides several significant benefits to you:
- Enhanced Data Confidentiality: Your sensitive information is protected from unauthorised disclosure.
- Data Integrity: Encryption helps ensure that your data has not been tampered with during storage or transmission.
- Compliance: Our encryption practices help us meet various industry and regulatory compliance requirements for data protection.
- Peace of Mind: You can be confident that we are employing robust security measures to protect your digital assets.
Architectural Compliance
Our encryption practices are designed to align with relevant data protection regulations and industry standards (including those outlined in SOC2 and ISO27001). Furthermore, our cloud infrastructure and service delivery adhere to well-architected frameworks and industry-standard aligned architectures, ensuring optimal security, reliability and performance.
Your Responsibilities in Data Security
While we employ strong encryption measures, your actions also play a vital role in data security. Please adhere to the following best practices:
- Strong Passwords/Passphrases: Create and use unique, complex passwords for your account. Avoid using easily guessable information.
- Multi-Factor Authentication (MFA): Where available, enable and use multi-factor authentication (MFA) on your device for an additional layer of security.
- Protect Your Credentials: Never share your login credentials with anyone. Be wary of phishing attempts that try to trick you into revealing your password.
- Device Security: Ensure the devices you use to access our services (computers, tablets, smartphones) are secure, updated with the latest security patches, and protected by anti-malware software.
- Secure Networks: Wherever possible, access our services over secure, trusted networks. Avoid public Wi-Fi for sensitive activities unless a Virtual Private Network (VPN) is used.
- Log Out: Always log out of your account when you finish using our services, especially on shared computers.
Our Responsibilities
As your cloud service provider, we are responsible for:
- Maintaining and regularly updating our encryption technologies and security protocols.
- Managing and protecting the encryption keys used to secure your data.
- Adhering to industry best practices (ISO27001 and NCSC Cyber Essentials) and relevant data protection regulations.
- Providing secure infrastructure and services.
- Continuous monitoring of the infrastructure performance, resilience and adherence to security standards.
- Ensuring that all infrastructure is built to architectural best practice standards and frameworks.
We regularly review this list and ensure that we are aligned with industry best practices.
Data Access and Privacy
Our use of encryption reinforces our commitment to your data privacy. Encryption ensures that your data is protected from unauthorised access, even by our own personnel, except where necessary for legitimate operational purposes (e.g., troubleshooting, legal obligations, or with your explicit consent). All access is strictly controlled and audited and we adhere to the principle of least-privilege.
Compliance
Our encryption practices are designed to align with relevant data protection regulations (GDPR) and industry standards.
Contact Information
If you have any questions about this encryption policy or our security practices, please contact our support team.
Disclaimer
This policy provides a general overview of our encryption and architectural practices. While we strive to maintain the highest levels of security, no system can be guaranteed 100% impervious to all threats. We continuously monitor and improve our security measures to adapt to evolving threats.