

Security Policy
Last updated: January 21, 2025
1. Introduction
At Hiking in London (HIL), we prioritize the protection of our users’ data and the integrity of our systems. This document explains the principles and guidelines we follow to ensure security.
2. Scope
This policy covers:
- The main site www.hikinginlondon.co.uk
- All subdomains and services under our control
3. Security Objectives
- Confidentiality: Prevent unauthorized access to sensitive information.
- Integrity: Protect data and systems from unauthorized alterations.
- Availability: Keep our site and services operational and resilient.
- Transparency: Notify affected parties when incidents occur.
4. Protective Measures
- Encryption: We use SSL/TLS certificates for secure connections.
- Access Control: Minimum privilege principles restrict system access.
- Monitoring: Tools to track system health and detect intrusions.
- Regular Updates: Magento and extensions are patched promptly.
5. Vulnerability Reporting
If you discover a vulnerability, please follow our Responsible Disclosure guidelines. We appreciate and respond to all legitimate reports.
6. Data Storage
- Databases: Restricted access, password encryption, and firewalls.
- Logs: Retained for audit and anomaly detection, then purged periodically.
7. Internal Responsibilities
Our IT team manages updates and server health. Our development team fixes reported issues. Leadership oversees risk management and approves security plans.
8. Incident Notification
In case of a security breach:
- We analyze impact and root cause immediately.
- We notify affected users if required, abiding by applicable laws (e.g., GDPR).
- We communicate any necessary steps to contain and resolve the issue.
9. Continuous Improvement
HIL reviews this policy regularly to integrate new measures and adapt to evolving threats.
10. Limitations
No system is 100% invulnerable. We commit to our best efforts and timely responses to potential threats.
11. Contact
For questions regarding this policy or to report a security issue, email events@hikinginlondon.co.uk, or see our Security Contact page.
© 2025 Hiking in London Club