Incident Response Plan

Effective Date: 01-01-2023
Last Updated: 28-11-2025
Company: SEINō B.V., Randstad 22-15, 1316 BN Almere, The Netherlands
Contact: legal@seino.ai

1. Purpose

This plan defines how SEINō detects, responds to, and recovers from security incidents to protect Customer Data, ensure service continuity, and meet regulatory obligations (including GDPR).

2. Scope

Covers all SEINō systems, networks, applications, integrations, and data — including third-party services (e.g., hosting providers, payment providers, subprocessors). Applies to all SEINō staff, contractors, and authorized third parties.

3. Roles & responsibilities

We are dedicated to upholding the following data protection principles in strict compliance with the GDPR:

  • ISO (Information Security Officer): Owns and coordinates the incident response process.
  • DPO (Data Protection Officer): Manages GDPR compliance, breach notifications to regulators/clients.
  • Engineering lead(s): Contain and remediate technical issues.
  • Support/Customer success: Communicate with affected clients if needed.
  • All staff: Must immediately report suspected incidents to ISO.

4. Incident categories

  • Data breach: Unauthorized access, loss, or disclosure of Customer Data.
  • Service disruption: Downtime, DDoS, or infrastructure outage.
  • Malware/ransomware: Detection of malicious code or suspicious activity.
  • Unauthorized access: Compromised credentials, brute force attempts.
  • Policy violation: Misuse of systems or integrations.

5. Response process

Step 1 – Identification

  • Incident detected via monitoring, user report, or third-party alert.
  • Initial triage performed within 4 hours of detection.
  • Incident logged in the SEINō Incident Register.

Step 2 – Containment

  • Containment actions started within 24 hours of confirmation.
  • Actions may include isolating affected systems, disabling accounts, blocking malicious traffic, or applying patches.

Step 3 – Notification

  • ISO + DPO assess impact within 24 hours of confirmation.
  • If Customer Data is affected:
    • Notify impacted clients without undue delay, and always within 72 hours of confirmation, in line with GDPR.
    • Notify supervisory authority if required.
  • Provide updates until resolution.

Step 4 – Eradication & Recovery

  • Remove root cause (e.g., malware, vulnerabilities).
  • Restore systems from backups if needed.
  • Monitor closely for recurrence.

Step 5 – Post-incident review

  • Conduct review within 14 days of closure.
  • Document timeline, root cause, impact, corrective actions.
  • Update controls, policies, or training as needed.

6. Communication guidelines

  • All external communication approved by ISO + DPO.
  • Clients receive clear, factual updates (nature of incident, data affected, steps taken, guidance).
  • Regulators notified in required format (GDPR, local law).
  • Internal updates posted in secure channel (#incident-response).

7. Testing & review

  • This plan is tested annually with a tabletop exercise.
  • Updated after significant incidents, organizational changes, or regulatory updates.