Incident Response Policy

In the unlikely event of a security incident or data breach, Zerix follows a structured response plan to ensure rapid containment and transparent communication.

Incident response steps

1. Detection and verification. Anomalies are automatically flagged via platform monitoring tools.
2. Containment. Affected systems are isolated immediately.
3. Assessment and reporting. The issue is assessed within 24 hours, and affected customers are notified promptly if their data may be impacted.
4. Remediation and review. Vulnerabilities are corrected, and a root-cause analysis is completed within 72 hours where possible.

All incidents are logged, reviewed and reported in line with UK GDPR Article 33 (72-hour notification window).