1. Purpose
The purpose of this information is to describe Planet’s Technical and Organisational Measures (TOMs) pursuant to Article 32 of the General Data Protection Regulation (GDPR).
2. Definitions
Term | Definition |
AML | means Anti Money Laundering. |
GDPR | means the General Data Protection Regulation (EU) 2016/679. |
KYC | means Know Your Customer. |
Personal Data | means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. |
Process | means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. |
3. Planet Data Security
3.1 Security Programmes and Policies
3.1.1 Security Programme
Planet has a comprehensive security programme that defines its approach to managing security. The programme details the specific security controls implemented by Planet to protect its systems and data. The security programme includes:
a) documented policies that Planet formally approves, internally publishes, communicates to appropriate personnel, and reviews at least annually;
b) documented, clear assignment of responsibility and authority for security programme activities;
c) policies covering, as applicable, acceptable computer use, data classification, cryptographic controls, access control, removable media, and remote access; and
d) regular testing of key controls, systems, and procedures.
3.1.2 Privacy Programme
Planet maintains and enforces a privacy programme with related policies that address how Personal Data is collected, used, and shared.
3.2 Risk and Asset Management
3.2.1 Risk Assessments
Planet proactively manages risk through our robust Three Lines Model. This comprehensive approach helps us identify, analyse, and evaluate potential threats before taking action. Identified risks are treated effectively, monitored closely, and regularly reviewed to ensure their continued mitigation.
3.2.2 Asset Management
Planet maintains and enforces an asset management programme that appropriately classifies and controls hardware and software assets throughout their life cycle.
3.3 Personnel Education and Controls
3.3.1 Acknowledgement of Responsibility
All Planet employees, and independent contractors who may have access to data, including those who process Personal Data, acknowledge their data security and privacy responsibilities under Planet’s policies.
3.3.2 Controls
For employees and contractors, Planet, either itself or through a third party:
a) implements pre-employment background checks and screening;
b) conducts security and privacy training;
c) implements disciplinary processes for violations of data security or privacy requirements; and
d) upon termination, or application role change, promptly removes employee access rights and requires the employee to handle data in accordance with the data retention policy.
3.3.3 Authentication
Planet authenticates each employee’s, or contractor’s, identity through appropriate authentication credentials such as strong passwords, token devices, or biometrics.
3.4 Training and Awareness
3.4.1 Annual Security and Privacy Training
Planet’s employees complete annual awareness training on GDPR, KYC, AML, and Information Security.
3.5 Network and Operations Management
3.5.1 Policies and Procedures
Planet implements policies and procedures for network and operations management. These policies and procedures address hardening, change control, segregation of duties, separation of development and production environments, technical architecture management, network security, malware protection, protection of data in transit and at rest, data integrity, encryption, audit logs, and network segregation.
3.5.2 Vulnerability Assessments
Planet performs periodic vulnerability assessments and penetration testing on its systems and applications, including those that process Personal Data.
3.6 Technical Access Controls
3.6.1 Access Control
Planet implements measures to prevent data processing systems from being used by unauthorised persons, including the following measures:
a) user identification and authentication procedures;
b) password complexity standards; and
c) automatic account blocking.
3.6.2 Data Access Control
Planet implements measures to ensure that persons entitled to use a data processing system gain access only to the Personal Data allowed for their access rights, and that Personal Data cannot be read, copied, modified, or deleted without authorisation, including:
a) internal policies and procedures;
b) differentiated access rights (profiles, roles, etc.);
c) access monitoring and logging;
d) access reports;
e) access procedures;
f) change procedures; and
g) deletion procedures.
3.7 Physical Access Controls
3.7.1 Data Centre Security
Planet leverages trusted third-party service providers for hosting its production infrastructure. Planet depends on these third parties to oversee the physical access controls to the data centre facilities under their management. Some of the measures offered by Planet’s service providers to prevent unauthorised individuals from gaining physical access to the premises and facilities where Personal Data are processed include:
a) physical access control systems and programmes;
b) security video and alarm systems;
c) access control roles and area zones;
d) access control audit measures;
e) electronic tracking and management programme for keys;
f) access authorisations process for employees and third parties;
g) door locking (electrified locks etc.); and
h) trained security staff.
3.7.2 Office Security
Physical access to Planet offices is provided under the following set of controls:
a) guests are required to report to reception immediately upon arrival;
b) physical access to office and service rooms is protected by security doors equipped with electronic controls;
c) doors and windows are secured outside of business hours; and
d) office buildings are fitted with alarm systems.
3.7.3 Third-Party Audits
Planet reviews third-party audit reports to verify that Planet’s service providers maintain appropriate physical access controls for the managed data centres.
3.8 Availability Controls
Planet has in place measures to guarantee the prompt restoration of the availability and access to Personal Data in the event of a physical or technical incident, including:
a) database replication;
b) backup procedures;
c) hardware redundancy; and
d) business continuity plans.
3.9 Disclosure Controls
Planet implements measures to ensure that Personal Data cannot be read, copied, modified, or deleted without authorisation during electronic transmission, transport, or storage on storage media (manual or electronic).
3.10 Separation Controls
Planet implements measures to ensure that Personal Data collected for different purposes can be processed separately, including:
a) least privilege limitation of access to data;
b) segregation of functions (development/testing/production); and
c) logical segmentation processes to manage the separation of Personal Data.
3.11 Certifications
3.11.1 PCI Compliance
Planet commits to delivering its services in accordance with PCI-DSS compliance standards, as applicable to our offerings. This commitment is validated annually by an independent Qualified Security Assessor (QSA) to ensure Planet maintains its PCI certification.
3.12 Encryption
3.12.1 Encryption Mechanisms
Planet employs data encryption mechanisms at various stages to reduce the risk of unauthorised access to Planet data while at rest and during transit. Furthermore, access to Planet's cryptographic key materials is limited to a select group of authorised Planet personnel.
3.12.2 Encryption in Transit
To safeguard data in transit, Planet mandates that all inbound and outbound data connections be encrypted using the TLS 1.2 protocol or higher. However, in certain cases where outdated technologies are employed by clients, customers, or partners, TLS versions below 1.2 may still be in use. Planet reserves the right to discontinue these connections at its discretion without prior notice.
3.12.3 Encryption at Rest
For data stored in Amazon Web Services, we employ AWS KMS keys (administered by AWS) to implement robust encryption at rest for both EBS (block storage) and S3 (object storage). EBS serves as the storage foundation for databases on AWS, hence applicable databases are automatically encrypted at rest using this secure mechanism. Additionally, for both EC2 and RDS storage, we employ encryption to safeguard our PCI DSS data, ensuring compliance with stringent industry standards.
For data stored in Microsoft Azure, SQL Server databases leverage Transparent Data Encryption (TDE) activated at the instance level. This ensures comprehensive data protection by encrypting data at rest. The encryption key is securely controlled by Microsoft, eliminating the risk of unauthorised access. Furthermore, Azure Storage Accounts are encrypted by default using a key managed by Microsoft, further bolstering data confidentiality.
For data stored in our on-premises environment, Planet implements a comprehensive data security framework comprising both encryption at rest and field-level database encryption for sensitive information. Wherever necessary, as required by applicable regulations and standards, data stored at rest is cryptographically secured using FIPS 140-2 (Level 3) certified Hardware Security Modules (HSMs). These HSMs employ AES 256 encryption, a highly robust algorithm that renders data impenetrable to unauthorised access. Further reinforcing data protection, Planet employs field-level database encryption to safeguard sensitive data within its databases. This approach enables selective encryption of specific fields or columns, ensuring that only authorised users can gain access to sensitive information.
For data stored in our private cloud, we employ hardware-driven, on-array, back-end encryption for storage arrays. This robust encryption scheme safeguards information from unauthorised access even when physical disk drives are removed from the system. The back-end encryption implementation leverages SAS I/O modules equipped with AES-XTS data at rest encryption, ensuring adherence to stringent FIPS 140-2 Level 1 security standards. Additionally, an in-built RSA Embedded Key Manager is utilised for comprehensive key management, further reinforcing the integrity and confidentiality of customer data.
3.13 Data Security Incident Management and Notification
Planet implements a data security incident management programme that addresses how Planet manages incidents.
Planet will notify impacted customers, employees, users, and Competent Authorities (where applicable) of incidents in a timely manner as required by data protection laws.
3.14 Reviews, Audit Reports, and Security Questionnaires
Upon receiving a written request, and in accordance with the conditions provided for in our relevant terms of service and/or data protection agreement, Planet will participate in an audit to confirm our compliance with data protection legislation. The responses provided by Planet to the security questionnaire are considered confidential data.
3.15 Data Retention and Deletion
Planet implements and maintains data retention policies and procedures related to Personal Data and reviews these policies and procedures as appropriate.