1. Purpose
GoRabbit works according to established information security principles to ensure that all data is handled confidentially, available and correctly.
2. Framework and approach
GoRabbit follows recognised security principles drawn from frameworks such as ISO 27001 and CIS Controls, without claiming full certification or a complete ISMS implementation.
These principles guide how we build, operate and develop the service.
- risk-based assessment of changes and new modules
- access management based on least privilege
- logging of relevant system events
- controlled handling of errors and deviations
- regular quality assurance of operationally critical parts of the platform
3. Access management
Access is granted only to authorised operators who need it to perform work related to operations or error handling.
- all access is logged
- access is reviewed as needed
- customer data is never shared without an agreement
4. Secure operation
GoRabbit carries out ongoing technical quality assurance of the modules in the platform, including RabbitEngine, RabbitWarmUp, RabbitOutput and RabbitStudio.
- encrypted communication between all service components
- continuous monitoring of operational processes
- controlled handling of deviations and errors
- periodic security assessment at major changes
5. Incident handling
System events are logged and assessed. Critical events can trigger internal alerts and manual follow-up.
6. Sub-processors
Sub-processors are used only where necessary for the service, and all are governed by a data processing agreement (DPA) where this is required.
7. Continuous improvement
GoRabbit is developed continuously. Security improvements are implemented on an ongoing basis as part of ordinary service development.