Security Statement

SystemService is designed with a practical security approach based on access control, role separation, data minimisation, auditability and secure platform operation.

Security measures are reviewed and improved as the platform, infrastructure and business requirements evolve.

Access to SystemService is role-based. Users only receive access to the areas and functions that are relevant to their role and organisation.

Roles may include client, employee, administrator and platform owner roles, depending on the configuration of the platform.

Administrative and platform-level access is restricted to authorised users.

SystemService is designed to separate data between companies or workspaces so that users access only the data linked to their authorised organisation.

Tenant separation is an important part of the platform architecture and is considered when developing service, admin, warehouse and client-facing features.

User access is protected through authentication and session handling. Users are responsible for keeping their login credentials confidential.

SystemService may restrict, suspend or reset access when this is necessary to protect accounts, data or the platform.

SystemService uses hosting, database, email, payment and infrastructure providers where needed to operate the service.

Where applicable, communication with the platform should take place over secure HTTPS connections.

Infrastructure, deployment and backup processes may be adjusted as the platform moves between local, staging and production environments.

The platform may allow users to upload files, images, reports or other attachments needed for service workflows.

Users should only upload files that are necessary for the relevant request or process and should avoid uploading excessive, unlawful or unnecessary sensitive information.

SystemService may keep technical logs, security logs and audit records to support troubleshooting, accountability, security monitoring and misuse prevention.

Access to logs is limited to authorised users or technical operators where needed for support, maintenance, security or legal reasons.

Where AI-assisted features are used, access to information should follow the same permission model as the surrounding platform area.

Users should not enter unnecessary confidential, sensitive or excessive personal data into AI-assisted features.

Users and business customers are responsible for managing their own authorised users, keeping credentials secure, entering accurate data and using the platform lawfully.

Business customers should ensure that their own employees and users follow appropriate internal procedures when using SystemService.

If SystemService becomes aware of a security incident that may affect data or platform integrity, it will take appropriate steps to investigate, limit and remediate the issue.

Where legally required, SystemService will cooperate with affected customers, service providers or competent authorities.

This Security Statement may be updated when the platform, infrastructure, providers, security measures or legal requirements change.

The current version is published on this page.