Figures Logo

Privacy is at the core of what we do.

A GDPR-compliant Data Protection Agreement is signed between Figures and every participant. Anonymous data is being collected, stored (in Europe) and processed in accordance with GDPR regulation. Your data is safe with us.

The objectives for information security at Figures are the following:

Protect confidentiality, integrity, availability and traceabilityy of information, systems, facilities and people.
Ensure the people, processes and systems at Figures are trustworthy by ensuring:
  • · Information is disclosed only to authorized parties
  • · Information is altered by only authorized parties
  • · Information is available to authorized parties when needed.
Maintain compliance with applicable legal, regulatory and contractual requirements that are related to information security.
Deliver information security primarily driven by risks, standards based and independently verified.

More information about your data security:

We conduct the following security measures :

Establish, document, approve, communicate, apply, evaluate and maintain policies and procedures for application security to provide guidance to the appropriate planning, delivery and support of the organization's application security capabilities. Review and update the policies and procedures at least annually.

Establish, document and maintain baseline requirements for securing different applications.

Define and implement technical and operational metrics in alignment with business objectives, security requirements, and compliance obligations.

Define and implement a SDLC process for application design, development, deployment, and operation in accordance with security requirements defined by the organization.

Implement a testing strategy, including criteria for acceptance of new information systems, upgrades and new versions, which provides application security assurance and maintains compliance while enabling organizational speed of delivery goals. Automate when applicable and possible.

Establish and implement strategies and capabilities for secure, standardized, and compliant application deployment. Automate where possible.

Define and implement a process to remediate application security vulnerabilities, automating remediation when possible.