Your privacy is important to PlanMyLeave. Our only purpose in collecting and using your Personal Data is to provide you and your employer with Employee Leave Management, TimeSheet Management, HR Management, workforce scheduling, and other associated services.
The PlanMyLeave product is owned by ProjectToolBelt LLC, a Wyoming-based company.
Email customer service: support@planmyleave.com
We are committed to holding your data safe and secure. PlanMyLeave's services are built around privacy and reliability, and we use trusted cloud providers to keep your data safe.
We stretch beyond our abilities to ensure that our products and services are free of security flaws. In addition, we support the following security features to help keep your data safe:
The backend of PlanMyLeave is hosted and managed within Amazon's secure data centres and uses Amazon Web Service (AWS) technology. Amazon performs ongoing risk management and submits itself to recurring audits to guarantee that it complies with industry standards.
For more information on AWS security, please visit https://aws.amazon.com/security/.
To achieve 99.9% uptime across all of our products, our monitoring and logging systems are hosted separately from our production environment to guarantee uninterrupted reporting in the event of a system outage.
PlanMyLeave's software development practices adhere to OWASP guidelines, protecting against common attacks.
PlanMyLeave has implemented and maintains the controls listed here in accordance with industry standards generally accepted by information security professionals, such as Microsoft Security Hardening Guides, the OWASP Guide to Building Secure Web Applications, and various other Center for Internet Security Standards, among others, as necessary to reasonably protect Personal Data during storage, processing, and transmission.
The risk assessment should include:
Establish strict policies and procedures to detect, monitor, document, and respond to actual or reasonably suspected Security Incidents and to encourage reporting of such incidents, including
Implement network security controls such as current firewalls, layered DMZs, and updated intrusion detection/prevention systems that include firewalls between the organization's information systems, the Internet (including internal networks connected to the Internet), other public networks, and internal networks not required for processing of the Personal Data; the firewalls must be sensibly designed to maintain the security of Personal Data and relevant information.
Physical or logical separation of Personal Data to ensure that it is not mixed with the information of another party unless approved by the Controller.
Maintain vulnerability management and regular patching procedures and technologies to identify, assess, mitigate, and protect against new and existing security vulnerabilities and threats, such as viruses, bots, and other malicious code.
Maintain application security and software development controls to prevent the introduction of security flaws into software developed by a Processor that processes personal data.
Before sending any unencrypted hard disc, portable storage device, or backup media containing Personal Data offsite for maintenance or disposal, use secure destruction procedures to sanitize it.
Establish and maintain policies, procedures, and guidelines for responding to a contingency or other occurrence that could jeopardize the security, privacy, confidentiality, integrity, or availability of Personal Data or harm the organization's information systems; such policies and procedures should include provisions for