[vc_row kd_background_image_position=”vc_row-bg-position-top” css=”.vc_custom_1605811779090{padding-top: 100px !important;}”][vc_column width=”2/3″ css=”.vc_custom_1607016951846{padding-right: 100px !important;}” offset=”vc_col-lg-8 vc_col-md-12 vc_col-xs-12″ css_tablet_landscape=”.vc_custom_1607016951846{padding-right: 15px !important;}” css_tablet_portrait=”.vc_custom_1607016951847{padding-right: 15px !important;}” css_mobile=”.vc_custom_1607016951847{padding-right: 15px !important;}”][vc_row_inner kd_background_image_position=”vc_row-bg-position-top”][vc_column_inner offset=”vc_hidden-lg”][/vc_column_inner][/vc_row_inner][vc_column_text]

Information Security and Privacy Policy

1. Purpose

The purpose of this policy is to protect the company’s sensitive information and personal data of customers and employees.

Scope

This policy applies to all employees, contractors, and third-party vendors who have access to the company’s sensitive information and personal data.

1. Responsibilities:

• All employees are responsible for protecting the company’s sensitive information and personal data.
• The IT department is responsible for implementing and maintaining security controls and monitoring for data breaches.
• Management is responsible for ensuring that this policy is followed and that appropriate resources are allocated to protect the company’s sensitive information and personal data.

1. Data Classification:

• The company will classify its sensitive information and personal data into different levels, based on their sensitivity and the potential impact of a data breach.
• Access to sensitive information and personal data will be restricted to only those employees who need it to perform their job duties.

1. Data Protection

• The company will implement appropriate security measures to protect its sensitive information and personal data, such as encryption and access controls.
• Regular security audits and risk assessments will be conducted to identify potential vulnerabilities.
• The company will establish incident response procedures to handle data breaches.

1. Privacy

• The company will only collect, use, and disclose personal data in accordance with applicable laws and regulations.
• The company will provide customers and employees with clear and conspicuous notice of its data collection, use, and disclosure practices.
• The company will provide customers and employees with the ability to opt-out of the collection, use, and disclosure of their personal data.

[/vc_column_text][/vc_column][vc_column width=”1/3″ offset=”vc_col-lg-4 vc_col-md-12 vc_col-xs-12″][vc_widget_sidebar sidebar_id=”page-sidebar”][/vc_column][/vc_row]