Published data policy
Eunoiana Dev classifies and handles client data, project materials, credentials and sensitive information according to risk. Sensitive data is protected with access restrictions, secure handling practices and encryption controls where applicable.
Eunoiana Dev maintains data classification and handling practices for information used in company operations and client projects. Data is classified according to sensitivity, business purpose and potential impact if disclosed, altered or lost.
Sensitive data is restricted to authorised purposes. Data is encrypted in transit using HTTPS/TLS where applicable, and sensitive data stored in reputable cloud platforms, hosting providers or managed services is protected using provider-supported encryption at rest.
Eunoiana Dev classifies information into practical categories including public information, internal business information, client project information, personal data, credentials, production secrets and sensitive operational information.
Sensitive data includes personal data, authentication credentials, API keys, production secrets, payment-related configuration, private client documentation, proprietary code and other information that could create risk if exposed.
Access to sensitive data is limited to authorised users and legitimate project, support, operational or compliance purposes. Least-privilege access controls are used to reduce unnecessary exposure.
Public web applications, admin interfaces and cloud services are expected to use HTTPS/TLS in production. Where Eunoiana Dev manages deployment configuration, secure transport settings are enabled through the hosting platform, CDN or application gateway.
Sensitive data stored in cloud hosting platforms, managed databases, SaaS tools, repositories or approved storage services is protected using provider-supported encryption at rest where available and appropriate for the service.
Passwords, API keys, tokens and production secrets are stored using password managers, hosting environment variables or platform secret management where appropriate. Secrets are not intentionally committed to public repositories.
Eunoiana Dev aims to collect, copy, export and retain only the information required for agreed project work. Test data should avoid unnecessary use of live personal data where practical.
Sensitive data should be shared only through approved systems and only with authorised recipients. Unapproved public links, casual file sharing and unnecessary email attachments are avoided for sensitive material.
This data classification and encryption policy is reviewed as systems, tools, client requirements and regulatory expectations change.
Questions about these controls can be sent to hello@eunoiana.com.