GymMaster Security Policy

  1. The team at GymMaster work hard to make sure you have easy and efficient access to your personal data, but we’re also committed to keeping it safe. We employ multiple levels of security to your data, our systems and our networks.

    1. Passwords

      In order to protect your data, we start with the basics, with all devices and files password protected. Further to this, our internal password policy requires our staff to use strong, randomly generated passwords that are changed regularly, and to ensure they are kept safe, we use an industry standard password manager.

    1. Personal / Confidential Information

      When accessing client information, our staff follow a strict information disclosure policy, where the confidentiality of Client’s and Member’s personal data is held in highest regard. A copy of our policy is available on request.

    1. Internal Security

      our internal security and systems are routinely checked via monthly internal security and penetration tests, and our overall codebase is updated and patched weekly, meaning any potential issues are proactively identified, isolated and remediated.

    1. Hardware

      All on-premise hard drives are encrypted at rest, meaning that in the event of a physical security issue, all data remains safely protected.

    1. Data Centres

      Our data centres are maintained and managed to the highest industry standards and have the following compliance certifications:

      • ISO/IEC 27001:2013
      • SOC3
      • PCI-DSS

      In addition, our security policy is supported by our data centres having the following policies and practices –

      • Access to the data center floor is restricted to data center employees and authorized visitors
      • Data Centers are staffed 24/7/365 with security guards and technicians
      • All employees and visitors are identified using biometrics and ID checks before entering the facility
      • HVAC and power have redundant back-ups, so if one goes out, the others keep our systems powered and within operating temperature
      • Multiple Internet carriers using independent fiber connections to the data center floor ensure a failsafe connection to the cloud
      • Our networks within the data centers have redundant routers, switches, and service providers. Multiple systems can fail without affecting downtime, performance or security

    1. Updates to this Policy

      We may need to make changes to this Security Policy from time to time. Any changes will become effective as soon as they are posted to our website, or communicated by other means.

    1. Contact Us

      If you have any questions regarding this Security Policy, please get in touch by email at – security@gymmaster.com