Data Compliance
Data Compliance Document for data.isyndicate.io
International Syndication Company LLC. Last updated: September 2023
Table of Contents
Introduction
Purpose
Scope of Compliance
Definitions
Data Collection Methods
Data Elements Collected
Data Storage and Encryption
Data Access and Export Controls
Data Validation
Security Measures
Data Audits and Accountability
Incident Response and Data Breach Procedure
Data Protection Officer (DPO)
Training and Awareness
Non-Compliance Penalties
Amendments
Contacts
1. Introduction
This document outlines the practices and guidelines concerning data compliance for the web application data.isyndicate.io.
2. Purpose
To establish and describe how data.isyndicate.io collects, processes, stores, and manages sensitive and non-sensitive data.
3. Scope of Compliance
This policy applies to all data stored within the data.isyndicate.io platform.
4. Definitions
Administrator: Users with the highest level of data access.
Manager: Users with limited data oversight.
Resource: External contributors to the database.
5. Data Collection Methods
Manual Entry: By staff and resources.
Automatic Collection: Through integration with mailbooster.icrmsoftware.com for email validation.
6. Data Elements Collected
Data Element | Source | Purpose |
Name | Various | Identification |
Various | Communication | |
Company Info | Various | Business Outreach |
7. Data Storage and Encryption
Storage: Data stored on AWS AlmaLinux instance.
Encryption: AES 256-bit encryption for at-rest data.
8. Data Access and Export Controls
Administrator: Can export up to 10k records in CSV.
Manager & Resource: Can view but not export.
9. Data Validation
Email Validation: Through integration with mailbooster.icrmsoftware.com.
10. Security Measures
Firewall: AWS firewall services in place.
Access Control: Strict role-based access controls.
11. Data Audits and Accountability
Logs: Access logs and action trails maintained for audit.
Accountability: Regular compliance checks.
12. Incident Response and Data Breach Procedure
Response Team: Managed by DPO.
Notification: Within 72 hours of identifying the breach.
13. Data Protection Officer (DPO)
Name: Mr. Chris York
Role: Overall compliance oversight.
14. Training and Awareness
Mandatory Training: For all team members.
15. Non-Compliance Penalties
Fines: Applicable as per policy.
16. Amendments
This document is subject to change to remain compliant with legal and technological advancements.
17. Contacts
DPO: Mr. Chris York
Last updated