IT asks: How does Empatyzer handle security incidents and customer notifications?

Empatyzer follows a defined incident response process covering detection, analysis, containment and communication. When an incident is detected the system isolates the threat and collects logs while the security team investigates root causes. We notify customers as soon as key facts are confirmed and always issue a formal notification within five business days of detection. Notifications outline the event scope, types of data affected, impact assessment and immediate corrective actions plus a remediation plan; subsequent updates are provided on a scheduled basis until the incident is closed and preventive measures are implemented. Customer data is stored on servers in the European Union with logical separation between tenants and encryption both at rest and in transit. Provider-side administrative access is restricted to a small team and all actions are logged and audited. If escalation is needed we coordinate with the customer and external specialists and, when required by law, inform supervisory authorities. After resolution we deliver a post-incident report with root cause analysis, implemented measures and recommendations. If a customer terminates the service we remove their data according to the contract.

As quickly as possible, no later than 5 business days.