• Home
  • Incubation programs
    Start
    For startups at the idea stage
    Launch
    For startups with a (semi) developed product
  • Incubation criteria
  • Who we are
  • Contact us
Apply here
Apply here

Security Statement

LAST UPDATED: OCTOBER 1, 2022

Introduction

This security statement applies to the products, services, websites and apps, collectively referred to as “Services” offered by Jubile Tech Incubator Ltd., a Venture Capital and Software Development company UK Limited Company with registration number 14363692 and official address Kemp House, 160 City Road, EC1V2NX, London, United Kingdom (collectively, “Jubile” / "Jubile Startup Builder" / "Jubile Tech Incubator" / “we” / “our” / “us”). We value the trust that you place in us by letting us act as custodians of your data and take our responsibility to protect and secure your information responsively and aim for complete transparency around our security practices.

Encryption

We encrypt your data in transit using secure TLS cryptographic protocols. All connections to our services are via TLS 1.1 and above and we support forward secrecy and AES-GCM. We prohibit insecure connections, as well as secure connections attempting to use TLS 1.0 and below or RC4, as these are widely considered to also be insecure. Protocols and Cipher Suites for encryption used by our services are regularly reviewed to be in line with industry best practices.

Data Centre and Infrastructure

Our services are hosted in the UK with our servers benefitting from hardware and software firewall protection located in ultra-secure, ISO 27001 accredited data centres. The infrastructure our servers are on is monitored and maintained on a 24-7-365 basis with regular threat scans and analysis as well as penetration testing on core infrastructure. Encrypted backups are taken nightly of all data to an alternative UK based data centre location with backups being stored for up to six months. Access to our servers is heavily limited and restricted, only available from specific locations and connections with privileges granted on a need to know basis, with least privileges required.

Software Development Quality

Our development teams strive to adhere to best practices and secure coding techniques. Including, but not limited to, using the highly regarded OWASP Top Ten as the most effective guide to critical security risks for web applications. We run and maintain separate environments for development, testing and production. Updates are not made available to the production environment without first going through development and testing environments. We make use of a GIT revision control system to maintain the source code for services which allows for tracking of and reviews of all code changes before deployment to any environment. This also allows us the ability to select important and critical updates and accelerate them to our production servers. Access to source code is maintained on a need to know basis with least privileges required.

Logging and Monitoring

Our services and infrastructure have multiple levels of logging and audit information systems in place for both security and quality of service purposes. Our logs are actively monitored and analysed for abnormal pattern and unauthorised access attempts, as well as to maintain performance levels and in support of troubleshooting efforts. Access to this information is strictly limited and where possible only retained for up to 6 months.

Email Communications

All emails that are sent from our services use Microsoft Outlook with enterprise security layers, ensuring the best overall security communication protocols. We can guarantee that all emails leaving our services are free from viruses and spyware, however as messages are then relayed through multiple further servers to reach the intended recipient, we would recommend that as with all emails, they are scanned upon arrival to a company network. This will be the case for any email from any user to any network and all providers should scan email before delivering to a user account.

Your Account

We provide our clients with control of their own users and their data. As such it is important for clients and their users to practice good security practices by using strong account passwords and where necessary, restricting user accounts access and permissions to aid in keeping your data secure. We can guarantee that all emails leaving our services are free from viruses and spyware, however as messages are then relayed through multiple further servers to reach the intended recipient, we would recommend that as with all emails, they are scanned upon arrival to a company network. This will be the case for any email from any user to any network and all providers should scan email before delivering to a user account.

Certified Security Assessments

Since Privacy by Design is one of our core values, we conduct regular privacy and security policy assessments with reputable legal and security experts. Every assessment cycle takes place regularly on a yearly basis and also before releasing any major piece of functionality in order to maintain the highest security standards. 

Contact

If you have any questions or concerns about your privacy, security and data protection in relation to the use of Jubile's Website, Product or Services please contact our privacy officer:

  • Email: data-privacy@jubile.tech
  • Phone: +44 204 577 1290
  • Letter to our Headquarters: Kemp House, 160 City Road, EC1V2NX, London, United Kingdom

Links to Other Legal Documents

  • Privacy Policy
  • GDPR Compliance
  • Terms of Use
  • CCPA Compliance
  • Vulnerability Disclosure
If you desire to print this document, please use the keyboard shortcut Ctrl + P (for Windows) or Command + P (for macOS) to start the print process; all modern browsers support this operation.
Back to top

UK Office: Kemp House, 160 City Road, EC1V2NX, London

SITEMAP

  • HomeIncubation programIncubation criteriaWho we areContact usIncubatee application

Legal

  • Terms of UsePrivacy PolicyCCPA Compliance
GDPR ComplianceSecurity StatementVulnerability Disclosure

contact

  • contact@jubile.tech
  • LinkedIn's logo branded in Jubile's light purple colour. When clicked, it leads to Jubile's official LinkedIn account.

Copyright @2022 for Jubile Tech Incubator Ltd., a UK Limited company with registration number 14363692. All rights reserved.