Skip to Content
Nemu Inc.
Phys and Env Security🏒 Physical Access Policy

🏒 Physical Access Policy

1. Purpose

This document describes Nemu Inc.’s approach to physical access control for locations and devices that can access scoped data.

2. Reliance on Cloud Service Providers

Nemu Inc. does not operate its own data centers. Physical security for servers and storage is provided by:

  • Supabase’s underlying cloud infrastructure.
  • Render’s hosting environment.
  • Google Workspace data centers.

These providers implement layered physical controls including secure facilities, access badges, surveillance, and environmental controls, as documented in their security and compliance materials.

3. Office and Remote Work Practices

Nemu Inc. only operates in a remote. Do not provide any physical property.

4. Device Access Controls

  • Employees must have Full-disk encryption (e.g., FileVault, BitLocker) is enabled where supported.
  • Operating system user accounts are protected with strong passwords or biometrics.
  • Devices are configured to auto-lock after a period of inactivity.

5. Audit Evidence

  • CSP security/compliance documentation describing data center physical controls.
  • Device configuration policies or MDM profiles (if used).
  • Internal documentation describing remote work and device security expectations.

6. Compliance Mapping

  • SOC 2: CC6.6
  • ISO 27001:2013: A.11.1, A.11.2

Contact: support@mynemu.com Β© 2025 Nemu Inc.. All rights reserved.

Last updated on
Physical and Environmental SecurityPrivacy Management