Data Compliance
Data Compliance Document for iSyndicate.io
International Syndication Company LLC. Last updated: 1st September 2023
Table of Contents
Introduction
Purpose
Scope of Compliance
Definitions
Data Collection Methods
Data Elements Collected
Data Storage and Encryption
Data Sharing and Internal Usage
User Rights and Consent Mechanisms
Data Retention and Deletion
Security Measures
Data Audits and Accountability
Incident Response and Data Breach Procedure
Data Protection Officer (DPO)
Training and Awareness
Non-Compliance Penalties
Amendments
Contacts
1. Introduction
This Data Compliance Document outlines the policies and procedures in place at iSyndicate.io for ensuring the secure and compliant management of data. It is intended to align with legal and ethical standards for data protection and privacy.
2. Purpose
The purpose of this document is to provide clear guidelines for data compliance related to iSyndicate.io, specifically regarding data collection, storage, sharing, and usage.
3. Scope of Compliance
This document is applicable to all data collected via iSyndicate.io from registered users. This includes data collected through inquiry forms.
4. Definitions
Personal Data: Any information related to an identified or identifiable natural person.
Processing: Any operation performed on personal data, whether or not by automated means.
Data Subject: The individual whose personal data is being processed.
Data Controller: The entity that determines the purposes and means of processing personal data.
5. Data Collection Methods
Form Submission: A form on iSyndicate.io collects contact information after the user consents to our privacy policy.
6. Data Elements Collected
Data Element | Source | Purpose |
Name | User | Identification |
User | Communication | |
Inquiry Details | User | Customer support |
7. Data Storage and Encryption
Storage: All data collected via iSyndicate.io is stored in salescloud.isyndicate.io, our internal CRM system.
Encryption: All stored data is encrypted using AES 256-bit encryption.
8. Data Sharing and Internal Usage
Internal Sharing: Data is used internally for sales, marketing, and customer service.
Third-Party Sharing: There is no third-party sharing of data collected via iSyndicate.io.
9. User Rights and Consent Mechanisms
Consent: A checkbox is provided to obtain explicit user consent before data collection.
Rights: Users have the right to access, correct, and delete their data.
10. Data Retention and Deletion
Retention Policy: Data is retained indefinitely unless a deletion request is made by the user.
11. Security Measures
Firewall: AWS firewall services are implemented to restrict unauthorized access.
Encryption: Data is encrypted both at rest and in transit.
12. Data Audits and Accountability
Audit Logs: All access to and actions on data are logged for audit purposes.
Accountability: Employees with access to data are trained and accountable for compliant handling.
13. Incident Response and Data Breach Procedure
Incident Response Team: Headed by the Data Protection Officer, this team is responsible for managing data breaches.
Notification: In the event of a breach, affected parties will be notified within 72 hours.
14. Data Protection Officer (DPO)
Name: Mr. Chris York
Experience: 15 years
Role: Overseeing data protection strategy and its implementation to ensure compliance.
15. Training and Awareness
Employee Training: All employees are required to undergo data protection training.
16. Non-Compliance Penalties
Internal Penalties: Employees found in violation may face disciplinary action up to and including termination.
17. Amendments
This document may be periodically updated to reflect changes in laws, technologies, or company policies.
18. Contacts
For further queries and clarifications, please contact Mr. Chris York, Data Protection Officer.
Last updated