Incident response
Überprüft am 26. März 2026
Incident response programme
Severity tiers, SLAs, and how we communicate incidents to customers.
PDF herunterladen
Verantwortlich: Head of Security
Our incident response process follows the NIST SP 800-61r2 lifecycle. Incidents are triaged into four severity tiers with defined response and customer-communication SLAs.
Customers are notified of confirmed incidents that affect their data within 72 hours, in line with UK GDPR Article 33.