Compliance and Security Documentation

This section gathers the operational policies, designations, and risk-management documents that complement the Privacy Policy, the Terms of Service, the Subprocessors page, and the Obscreen Private License Agreement (OBPLv1).

Scope note. The technical measures described in these documents apply to the services operated by Obscreen (Obscreen Cloud, license issuance, update / status APIs, public websites, internal tooling) and to the personnel who operate them. For self-hosted deployments of the Obscreen software, the configuration and security of the customer's infrastructure are the sole responsibility of the customer, in accordance with the Terms of Service. The principles described here may be used as reference by self-hosted customers, but Obscreen does not implement, monitor, or guarantee them on infrastructure that it does not operate.

Policies

• Information Security Policy
• Systems Security and Integrity Policy
• Customer Data Encryption Policy

Designations

• Data Protection Officer (DPO) Designation
• Information Security Officer (CISO) Designation

Risk Management

• Customer Personal Data Risk Analysis
• Incident Management Plan
• Business Continuity and Resilience Plan

Other

• Data Localization

Contact

For any question regarding these documents, or to report a security incident or vulnerability, please contact us at [email protected].