The data collected through the eMundus solution is hosted either on eMundus servers (based in France) or on those of the client.
eMundus receives the data sent by applicants and carries out, through algorithmic processing, a conformity check on certain documents (passport, identity card, visa, identity photo) to certify that they are of the requested documents and that their format is correct.

To guard against any failure, backups of our web files and also of the databases are made on our servers (rented from the service provider SoYouStart).

In terms of backup, the encryption is AES-256 (encryption algorithm recommended by ANSSI) with a data retention policy (backup over 7 days, retention of 4 backups per month, 12 backups per year for each customer). All our machines are secure and do not use passwords to log in. We all use RSA encryption keys ranging from 2048 to 4096 bits. Some details regarding the security and confidentiality measures put in place:

• Physical access to treatment is protected (secure building)
• A user authentication process is implemented (password)
• Connection logging is performed
• A firewall filters access to the server
• The connection to the platform is encrypted via an SSL certificate
• Backups are encrypted
• Backoffice access is secure at the server level
• Risky IP addresses are blocked
• When a hacking attempt by a user is detected, this user is automatically blocked

eMundus is not responsible for the storage and deletion of application data, which is used by our customers. Only an encrypted backup of data is carried out to guarantee recovery of lost data. This backup takes place once a day and is kept for a maximum of one year. We reliably respect our GDPR policy .