Security & Compliance Statement

SCG COMPANY & CO S.R.L.
Last updated: November 2025

1. Commitment to Data Security

At SCG, we take data protection and system security seriously.
All data is stored and processed in compliance with:

  • EU General Data Protection Regulation (GDPR),

  • Romanian Law no. 190/2018, and

  • relevant EU and ISO/IEC 27001 standards.

 

2. Data Hosting

All servers and backups are hosted within the European Union, primarily under IONOS SE’s GDPR-compliant infrastructure, ensuring redundancy, encryption, and uptime monitoring.

 

3. Access Control and Encryption

  • Data transmission is secured via SSL/TLS encryption.

  • Internal access is restricted through role-based authentication.

  • Administrative accounts require strong passwords and multi-factor authentication (MFA).

 

4. Data Backup and Retention

  • All business-critical data is backed up regularly on secure, encrypted storage systems.

  • Retention periods comply with EU and Romanian business and tax regulations.

 

5. Incident Management

In the event of a suspected security breach or data loss, SCG will:

  • immediately assess and isolate the issue,

  • notify affected clients within 72 hours (as required by GDPR), and

  • implement remedial measures to prevent recurrence.

 

6. Third-Party Providers

All third-party tools and service providers (e.g. hosting, analytics, plugins) are carefully vetted for GDPR compliance.
Data Processing Agreements (DPAs) are in place where required.

 

7. Client Responsibility

Customers using SCG’s hosting, websites, or integrations are responsible for maintaining the security of their own login credentials and systems.
SCG provides technical guidance but cannot assume liability for misuse of client-side access.

 

8. Contact

For any questions related to security, compliance, or data protection, please contact:
[email protected]