Terms and conditions of use

Privacy Policy

Hosting

Lucifer relies on industry leading service providers for server, hosting and infrastructure management. The Luxifer application and website are hosted by an external cloud provider (Microsoft Azure) with a certified high availability infrastructure and a documented disaster recovery plan.

The servers used by this provider are located within the European Union. The use of Microsoft Azure allows us to deploy new versions of our application, and to ensure that you always have access to the most secure and efficient version of WeTransact. Your data processed by the WeTransact application is stored by Microsoft Azure on servers also hosted within the European Union.

These hosting services offer industry-leading scalability, data availability, security and performance, with a documented business continuity plan.
These hosting providers are certified to leading international standards, including ISO/IEC 27001, and are audited annually by an independent body.Their data centers have 24/7 physical security and some of the most advanced safeguards in the world. This means our data centers are secured by the best infrastructure professionals in the business. Using Microsoft Azure gives us access to levels of security and quality of service that our application can reliably rely on. In addition, all key production systems are backed up and maintain redundancy.This backup service is provided by Azure and is physically located on Azure servers within the European Union in a different availability zone than the primary server in case of physical damage to the data center.

Encryption

On Microsoft Azure, all of your data is encrypted, which helps prevent unauthorized access to your data (including the host itself). This way, even someone who would have physical access to the servers could not read the data. All data flows are encrypted from end to end, whether they are between the application and you, the Microsoft Azure servers, or our teams.

Authentication

If you have a Microsoft account, Azure Active Directory Single Sign-On (SSO) is used to access the application to comply with your organisation authentification governance. If preferred, WeTransact can issue an identifier and password to access the application. An access control system identifies each user and prevents unauthorized users from accessing or using the information resources.

Passwords are stored encrypted with a 256-bit AES encryption algorithm. Encryption keys are deployed in accordance with good IT security practices to prevent fraud or malicious attacks.

Protection of personal data

We only process personal data of our users for the purpose of providing and improving the Luxifer application and the provision of application maintenance and support. In accordance with the GDPR, these processing operations, their legal basis, duration, and purpose are detailed in the Data Processing Agreement attached to our general terms and conditions and in our Privacy Policy.

The Data Processing Agreement concerns all processing of Personal Data for which the Customer determines the purpose and means of such processing and for which we are a subcontractor. The Privacy Policy covers all processing of Personal Data for which we are the data controller. Our subcontractor Microsoft Azure is also subject to the requirements of the GDPR due to the fact that the data subjects whose data we process are European and that Microsoft Azure acts as subcontractor of Luxifer a Belgium company subject to the GDPR.

Our users’ personal data is not used for commercial purposes and is not part of our business model. Our users keep control of their data and can at any time exercise their rights to access, modify or delete their personal data by writing to Jeremy Goldyn.

Security of the application

The security of the application is regularly tested. Any vulnerabilities found are corrected as part of our iterative process of constantly improving the security of the application.