Jump to contents

Security policy

LittleDot was designed to help parents get in touch with the best doctors and experts.

Our platform is secure and provides parents with encrypted and GDPR-compliant communication.

GDPR compliance

The LittleDot team ensures that the platform and data are always protected and GDPR compliant (Act on the Implementation of the General Data Protection Regulation). LittleDot enables secure communication for healthcare professionals under GDPR.

Encryption

LittleDot uses leading encryption standards to protect all data in transit and at rest.

All requests are made using a minimum of TLS 1.2. Video calls are encrypted in end-to-end (E2E) transmission over WebRTC security protocols. Personal data concerning health and messages are encrypted using the AES-256-CFB codebook.

Network security

LittleDot uses multiple monitoring strategies to ensure that alerts are triggered and addressed quickly. Access (who/when/how often) is monitored at the level of the individual user. Engineers have limited permissions depending on the role following the least access principle.

Physical security

LittleDot is housed in a Tier 3 certified data center, which uses a number of physical and security control measures. All equipment is housed in cages with 4 levels of security and access through a single door that is monitored 24/7 by security cameras. The facility uses controls to maintain the appropriate temperature and ensures a stable and safe environment.

Reporting security issues

LittleDot uses the latest technology and follows trends in web security. If you discover an issue in web security that you believe has an effect on the security of the LittleDot platform, please report it immediately.

If you wish to report a security issue, please do so by contacting:

[email protected]