Last updated: February 2022
Everyone in Team Eggy has a family. We know that the safety and security of your family is more important than anything. That's why we've made security and privacy a priority.
This Security Centre is your one-stop-shop for all things security and privacy related - so check in here regularly to learn more about what we're doing to help keep your information safe.
We know we can't be experts at everything, so we've worked with some of Australia's brightest minds from the beginning to make sure your information is safe and sound.
Daniel Grzelak is Eggy's Security Advisor. As a highly experienced, internationally-recognised information security specialist, Daniel oversees Eggy's security strategy. Daniel's advice to the Eggy Team ensures that Eggy's security is optimised. Daniel is currently Head of Security at Atlassian – an Australian-based, global software giant.
Eggy has also partnered with Phronesis Security, an Australian cyber security consultancy on a mission to do cyber security for good, to ensure our application and underlying infrastructure is tested and secured against the world's leading cyber threats and vulnerabilities.
Our legal partners, Edwards and Co, are a boutique Australian law firm who have been providing Eggy with expert commercial and regulatory advice since our inception, with a focus on privacy law, data protection and cyber security.
Every employee at Eggy has undergone a rigorous vetting process. All team members, including our employees, advisors and contractors, are bound by Eggy's Information Security Policy.
We're proud Queenslanders too and most of Eggy's team is based in South-East Queensland, specifically on the Gold Coast and in Brisbane.
All of our infrastructure is hosted in Amazon Web Services (AWS) data centres and all files uploaded by Eggy users' are stored in Australian AWS cloud-based data centres. Everything is kept under lock and key, including video surveillance, intrusion detection, and access log monitoring systems.
All of Eggy's technology is configured according to best practice standards. We also work with our operational security partners at Trend Micro to ensure Eggy's systems are as secure as possible through real-time threat monitoring and compliance audits.
Our identity and access management
It's crucial that we know who in our team has access to what, to be confident that our users' data is safe.
For this reason, we've developed identity and access management policies that include a requirement for all Eggy team members (including our employees, advisors, and contractors) to use multi-factor authentication (MFA) via a registered device to access any Eggy systems or data.
From their first day on the job to their final farewell drink, we ensure everyone in the Eggy team is given access to only what they need to do their job, as per the principle of least privilege.
Your data at rest
Any file that you upload to your Eggy account is protected at rest using AES-256 - the same encryption algorithm used to protect bank records and Top Secret government data. This means that your files cannot be read or accessed by any unauthorised users, even with physical access to the server.
Your data in transit
All your communications with the Eggy app and website are protected in transit using TLS1.3, the latest and most secure security protocol. This means no-one can snoop on your information as it's on its way to our servers, even if the communications were intercepted.
We know that personal information, like your life admin info, is so important to you. That's why we only collect the information that's necessary to deliver on our intention of making life a little bit easier.
We also believe it's important for you to have complete control of your personal information - so you can download or delete your data at any time, and we won't share it with anyone unless you tell us it's okay.
If you believe you've discovered a potential security vulnerability within our products or services, let us know as quickly as possible by emailing firstname.lastname@example.org. We appreciate your help and promise to treat you as a friend and ally as long as you act in good faith. Check out Eggy's Vulnerability Disclosure Policy for more details.
If you have any questions about Eggy's security or privacy, please contact us by emailing email@example.com