Security and data protection
This page is dedicated to outlining our comprehensive measures and protocols designed to ensure the confidentiality, integrity, and safety of your files. Learn about the robust security practices we employ to protect your data.
Data Privacy and Security
Discover how we prioritize your privacy. Explore the summary of our approach to data handling in this section
iLoveIMG's Privacy Policy
We want to be transparent about how we handle your data. In this brief overview, we'll provide key insights into our approach. For more details, check the complete Privacy Policy.
In our commitment to ensuring your privacy, we adhere to the following principles:
- Data Collection: We collect only the information necessary for providing our services.
- Data Security: Your data is securely stored and protected.
- Data Sharing: We do not sell your data to third parties.
- Cookies: We use cookies to enhance your experience. Learn more in the full policy.
- Your Rights: You have the right to control your data and its usage.
Security Policy Overview
The iLoveIMG Security Policy focuses on preventing, detecting, and responding to security incidents to safeguard confidential data and ensure uninterrupted service. It applies to all individuals interacting with iLoveIMG services. For more details, see the complete Security Policy Overview.
Key Responsibilities
Responsibilities include resource allocation by executive management, policy oversight by the Security Committee, adherence to security measures, and reporting incidents by employees and authorized users.
Key Security Measures
Critical security measures encompass access control, security training, regular system updates, and essential risk mitigation strategies. Additionally, iLoveIMG emphasizes data encryption, security audits, and a robust Continuous Improvement Plan to maintain information security and resilience.
Ongoing Evaluation and Improvement
We manage and protect information security with a Continuous Improvement Plan. We regularly review our policies to ensure their effectiveness and relevance in a changing landscape. Additionally, we actively seek opportunities for improvement in our information security processes. This commitment allows us to stay ahead of emerging threats and continuously enhance our safeguards for user data.
Certifications and compliance
Security, privacy, and trust in focus: Our adherence to standards and regulations
Product Security
Find details on how we secure and protect user data and document processing
Data Encryption
Data encryption is a fundamental pillar of our product security. We implement robust encryption protocols, including the use of the HTTPS (Hypertext Transfer Protocol Secure) protocol, to protect your data, both in transit and at rest. This stringent encryption guarantees the confidentiality and integrity of your data, offering peace of mind when using our services.
Additionally, we employ end-to-end encryption to ensure the highest level of security for your data from the moment you upload it until it's processed and delivered back to you.
Data Retention and Removal
Respecting your privacy and adhering to applicable regulations are core principles of our data retention and removal policies. At iLoveIMG, all files processed within our platform are automatically and permanently deleted within two hours of being processed. We also provide users with the option to manually delete files from the download screen, giving you even more control over your data's lifecycle. For transparency, it's important to note that we retain signed documents for a maximum of 5 years in compliance with legal requirements.
User Protection
At iLoveIMG, we prioritize user protection. As part of our commitment to enhancing security, we offer Two-Factor Authentication (2FA). With 2FA, your account is fortified with an additional layer of security, ensuring that only authorized users can access it. Your data remains protected, and your user experience is more secure than ever.
Payment Information (Powered by Stripe)
For seamless and secure transactions, iLoveIMG is powered by Stripe, a renowned and trusted payment gateway. Stripe offers top-tier security for your payment information and is certified as a PCI Level 1 Service Provider.
We do not collect any payment information and are therefore not subject to PCI obligations.
Internal Security
Discover the comprehensive measures and protocols implemented to secure iLoveIMG's internal operations and data
iLovePDF is formed of a team of experienced professionals in the Information Technology sector, whose mission is to develop products that facilitate the conversion, editing, and management of files.
The Information Security Management System (ISMS) preserves the confidentiality, integrity, and availability of information through the application of a risk management process for these products.
The Information Security Policy establishes the main principles for the ISMS, defining the following security objectives:
- Guarantee the confidentiality of the information that iLovePDF receives/sends/processes through its platforms
- Ensure the integrity, accuracy, and veracity of information to guarantee it does not suffer unauthorized alterations or modifications
- Protect access to information, allowing it to be available when requested
- Ensure maximum system availability
- Establish the necessary measures to keep the team constantly aware of adapting compliance and security policies
- Establish evaluation and monitoring measures to ensure that supplier security is aligned with the organization's ISMS
Additionally, iLovePDF is committed to compliance with all national and international regulations that apply to it, defining specific resources for competent management.
iLovePDF's Management provides all staff with the necessary resources to maintain these objectives, and there is a dedicated team that manages information security which regularly meets to discuss issues related to the ISMS.
With an established ISMS infrastructure in place, iLovePDF will regularly evaluate the actions necessary to protect the ISO/IEC 27001 certification and its continuous improvement.
Furthermore, Management commits to actively participating in the ISMS process and plays a key role in making the decisions that relate to system and information security.
Marco Grossi
January 1th, 2024
Barcelona