The processes and practices we use to secure your data.

Data protection and security are serious topics – especially when it comes to the personal, clinical, health and medical data that you store within your Nookal account.

So, contrary to the general lightheartedness you may see in our product, website and team, we want you to be confident that above all else, the security and protection of your data is our number one priority (no exceptions).

It’s also important to understand that any information we publicise and provide to you is generalised and cannot be as detailed as the security processes or protocols we have in place, as any specific information can aid the people we’re protecting you (and ourselves) from.

Below you will find an overview of the security measures that we use to ensure your peace of mind.

General Measures

  • All Nookal staff members are educated on data protection procedures and password safety management.
  • We use encryption algorithms compliant with standard AES-256 during transmission and storage of data.
  • All Nookal account data is stored within secured data centres around the world – including:
    • Sydney – for Client Data in AU Accounts.
    • Ireland – for Client Data in EU/UK Accounts.
    • Ohio – for Client Data in US/CA Accounts.
  • We have a Personal Data Breach Protocol for quick and efficient reactions in case of suspicion of data being compromised.

Account Access

  • Access to all Nookal accounts is secured by login, passwords and 2-factor authentication are available for all users.
  • Each user has their own access and is instructed on risk of sharing access.
  • Detailed Permission settings are available for account owners to control each section and task users can access within their account.
  • Data is not shared unless identity of the account owner has been established and/or written consent has been provided by account owner to share data to a third party.

Database Access

  • All databases are secured with VPN and specific email/password combination.
  • Database access is restricted.
  • All databases require login after short time of inactivity.
  • All activity within a database is logged.

Security Testing

We engage in regular testing and certification with third party industry experts.

For a copy of our most recent security assessment please contact:

Additional Information

Additional information about how we store and process different types of data is available in our Privacy Policy.

For any additional questions on Security Measures, please contact:

Chat with Us!

🍪 Your Privacy Choices

We use cookies to provide functionality, improve, analyse, market, and support relevant solutions for you. Read more ›

🍪 Cookies