At Little Fire Digital we take privacy and data security seriously. All of our clients’ data is stored on secure, up-to-date servers. The software on which the servers run is regularly updated and access to any software other than those specifically required to provide website services (principally serving websites and email) is prohibited except from specified physical locations and to specific trained personnel. Client data is not stored on off-site devices.
The Little Fire offices are independently alarmed and secured behind multiple insurance grade doors. The estate on which they are located are highly secure being alarmed and continuously monitored by CCTV.
To prevent inappropriate access to our servers and the data stored thereon, Little Fire Digital implement the following:
In the case of a serious vulnerability within the server system software patches are applied typically within a week of our providers becoming aware of it. Regardless of whether or not a website collects identifiable user data, all sites hosted by Little Fire Digital run exclusively behind an SSL (Secure Socket Layer) and the encrypted https:// protocol it supports.
We attempt to hold the smallest amount of data possible. We store no credit card data. We share user data both about our clients and that owned by our clients with no one.
New websites are developed offline with dummy user accounts.
We do not keep offline copies of real user data except in cases where active development or specific troubleshooting requires it. Where, for whatever reason, development or troubleshooting is not possible using the developer database, a copy of the live database, including the personal data contained thereon will be downloaded, installed on the developer machine and used as the working database for the duration of the development only. It is contrary to company policy to maintain copies of live databases offline.
All data on our servers is automatically backed up on a daily basis. Data in the back up is maintained for 30 days, after which it is automatically deleted.
Little Fire Digital are have been independently certified as Cybersecurity Essentials – Certified Plus suppliers.