Log In
Sign Up
security policy
Last updated: May 2025
For The Chef Network (TCN)
Operated by Matalino.ai
INTRODUCTION
The Chef Network (TCN) is committed to protecting the information of chefs, employers, and users. We believe security is not just about compliance — it’s about trust. This Security Policy outlines the systems and safeguards we’ve implemented to keep your data secure and outlines what you can expect from us if things go wrong.
TLDR: We treat your data like it’s our own — securely encrypted, tightly controlled, and monitored 24/7 for threats.
1. OUR APPROACH
Security is designed into our platform from day one. We focus on three principles:- Proactive prevention – stopping threats before they happen.
- Minimal data access – only authorized staff, only when needed.
- Rapid response – clear internal processes if something does go wrong.
Plain English: We don’t wait for problems. We build our platform to avoid them.
2. INFRASTRUCTURE SECURITY
- Hosted in secure, accredited data centers with 24/7 monitoring.
- Encrypted database storage.
- Isolation of test and production environments.
- Regular patching and server hardening.
Real-life analogy: Like separating your pantry from your fridge, we separate test systems from live ones so no accidental mixing can occur.
3. SECURITY PRACTICES
We implement the following measures:- SSL/TLS encryption across all user-facing systems.
- Secure credential storage using industry-standard hashing algorithms.
- Access control: only authorized staff may access user data.
- Regular back-ups of critical databases and configuration files.
- Session timeouts and activity-based session monitoring.
- Bot detection via cookie-based fingerprinting and traffic anomaly tracking.
Real-world example: Let’s say a chef logs in and then disappears. Their session times out automatically. If someone tries to flood the job board or scrape our database, our bot filters detect the unusual activity and block it instantly.
TLDR: Encrypted logins, backups, strict access rules, and smart bot blockers protect your account and data.
4. BREACH RESPONSE PLAN
Even with strong safeguards, no system is bulletproof. If we ever detect a breach, we follow this protocol:- Contain – isolate affected systems immediately.
- Assess – identify what data was affected.
- Notify – inform affected users within 72 hours (UK GDPR standard).
- Remediate – fix the issue and prevent recurrence.
- Report – log internally and to authorities if required.
Plain English: If something ever goes wrong, we’ll tell you quickly and fix it fast.
5. USER RESPONSIBILITIES
Security is a shared effort. Users are expected to:- Use strong passwords.
- Keep credentials private.
- Report suspicious activity.
- Avoid sharing sensitive data unless necessary.
TLDR: We protect the platform — you protect your account.
6. COMMITMENT TO YOUR CONCERNS
We understand not everyone is a tech expert. If you have concerns or fears about how your data is handled, we welcome them. Reach out to us — we will always respond clearly and honestly.Plain English: Got a weird login alert or unsure how your data is used? Email us. We’ll talk you through it.