Information
Future in SuperScale s.r.o. is secured
As a modern, forward-looking business, SuperScale s.r.o. recognises at senior level the need to ensure that its business operates smoothly and without interruption for the benefit of its employees, customers, shareholders and other stakeholders.
Senior management recognizes the importance of information security to protect information and business assets and in order to provide such a level of continuous operation, SuperScale s.r.o. has developed an Information Security Management System (ISMS) in line with international standard ISO/IEC 27001 and independent cybersecurity reputation risk management solution provided by CyberGRX.
The operation of this ISMS has many benefits for the business, including:
Protection of revenue streams and company profitability
Ensuring the supply of goods and services to customers
Maintenance and enhancement of shareholder value
Compliance with legal and regulatory requirements
Reducing risks to acceptable level and effective process integration
Following the ISO 27001 standard and risk management check by CyberGRX, here are the security basics we follow to improve the trust our clients can have in our products but also the security feelings of our employees and suppliers.
To ensure adequate business continuity of our services, we rely on well-tested and well-proven cloud security providers such as Google Cloud Platform or Digital Ocean. In addition to assured resiliency by cloud service providers, we perform server image backups to ensure we will not loose data necessary to provider our services.
All communications channels with our servers and services are encrypted using TLS with configuration best practices, we make sure data in transit are encrypted and up to date secure encryption methods are used.
Data reside in MongoDB databases; documents reside in Google Workspace with adequate backup frequency to ensure we will not loose data necessary to provide our services.
For secure authentication we utilize integration with Google SSO SAML and enforce 2FA authentication where it is technically possible. We never store password and authentication information in clear text. Access to information and files is strictly setup as per our control access principles of role-based access control, principle of least privilege and need to know. Every 3 months we review accesses and permissions to ensure only authorized people have an adequate level of access. Employees use password management system to enforce strong and complex password policy.
All our developers are made aware of best practices and minimum-security requirements in secure development, code we write is double checked and analysed for known vulnerabilities. Various functionality and security tests are run before each new code deployment. Every year we engage external subject matter experts to perform their independent penetration testing of our application.
All our computers and work mobile devices have drives encrypted, and run with up-to-date NextGen Antivirus solution including enhanced functionality such as MDM, HIPS and EDR. Mobile devices are authorized and under our visibility by Google Endpoint management tool.
We engaged external subject matter experts to provide us with SOC services, advanced monitoring including SIEM services, periodic vulnerability scanning of our infrastructure and threat intelligence reporting to ensure security posture is up-to-date in today’s ever-changing world where new vulnerabilities and threats are discovered every week.
Commitment to the delivery of information security extends to senior levels of the organization and is demonstrated through the information security policy and strategy, and the provision of appropriate resources to continuously improve the ISMS program.
We encourage all employees and other stakeholders in our business to ensure that they play their part in delivering our information security objectives. It is responsibility of every employee to follow principles of ISMS policies and security awareness trainings to ensure information and processes are protected in respect of desired level of confidentiality, availability and integrity.
Company established security steering committee board that participate on periodic management review meetings to oversee the execution and effectiveness of ISMS program, asset owners responsible for the protection of the assets under their administration and the information security officer (CISO).
Main goals for next period is to continuously monitor the risks to reduce any identified ones to an acceptable level and to enhance our established and executed ISMS program to new ISO27001:2022 version when it is officially released.
Yours sincerely,
Management board
We are a growth partner for game developers & publishers. We combine expertise and technology to scale games through user acquisition, unlocking monetization potential, and deep understanding of data.
For technical issues and general inquiries, please contact our support.
We use cookies on our website. By clicking "Accept All", you consent to the use of ALL the cookies. However, you may visit "Manage cookies" to provide a controlled consent. You can also "Decline All". More information in Privacy Policy.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
elementor | never | This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
bcookie | 2 years | LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID. |
bscookie | 2 years | LinkedIn sets this cookie to store performed actions on the website. |
lang | session | LinkedIn sets this cookie to remember a user's language setting. |
lidc | 1 day | LinkedIn sets the lidc cookie to facilitate data center selection. |
UserMatchHistory | 1 month | LinkedIn sets this cookie for LinkedIn Ads ID syncing. |
Cookie | Duration | Description |
---|---|---|
_ga | 2 years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_ga_PSXVCB6R9N | 2 years | This cookie is installed by Google Analytics. |
_gat_gtag_UA_173282740_1 | 1 minute | Set by Google to distinguish users. |
_gid | 1 day | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. |
_hjAbsoluteSessionInProgress | 30 minutes | Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie. |
_hjFirstSeen | 30 minutes | Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user. |
_hjIncludedInPageviewSample | 2 minutes | Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit. |
_hjIncludedInSessionSample | 2 minutes | Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's daily session limit. |
pardot | past | The pardot cookie is set while the visitor is logged in as a Pardot user. The cookie indicates an active session and is not used for tracking. |
Cookie | Duration | Description |
---|---|---|
_fbp | 3 months | This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website. |
fr | 3 months | Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin. |
Cookie | Duration | Description |
---|---|---|
_hjSession_2874212 | 30 minutes | No description |
_hjSessionUser_2874212 | 1 year | No description |
AnalyticsSyncHistory | 1 month | No description |
li_gc | 2 years | No description |
lpv971653 | 30 minutes | No description |
visitor_id971653 | 10 years | No description |
visitor_id971653-hash | 10 years | No description |