Data Compliance

International Syndication Company LLC. Last updated: September 2023


Table of Contents

  1. Introduction

  2. Purpose

  3. Scope of Compliance

  4. Definitions

  5. Data Collection Methods

  6. Data Elements Collected

  7. Data Storage and Encryption

  8. Data Sharing and Third-Party Integrations

  9. User Rights and Consent Mechanisms

  10. Data Retention and Deletion

  11. Security Measures

  12. Data Audits and Accountability

  13. Incident Response and Data Breach Procedure

  14. Data Protection Officer (DPO)

  15. Training and Awareness

  16. Non-Compliance Penalties

  17. Amendments

  18. Contacts


1. Introduction

This document outlines the practices and guidelines for data compliance at iSyndicatenews.com, with a focus on the protection of data for subscribers and clients.


2. Purpose

The purpose is to clearly define how data is collected, stored, used, and shared on iSyndicatenews.com, aligning with GDPR, CCPA, and other relevant legal requirements.


3. Scope of Compliance

The scope covers all data collected from subscribers of iSyndicatenews.com and data shared with third-party platforms.


4. Definitions

  • Personal Data: Information related to an identified or identifiable natural person.

  • Processing: Actions performed on personal data.

  • Lead : A subscriber who has downloaded content.

  • Intent Actions: User behaviour metrics that indicate interest.


5. Data Collection Methods

  • Subscription: Through LinkedIn or manual registration, which requires email verification.

  • Content Download: Requires subscription to the platform.


6. Data Elements Collected

Data Element

Source

Purpose

Name

User

Identification

Email

User

Communication

Content Viewed

Behavior

Intent Actions


7. Data Storage and Encryption

  • Storage: Data is stored in encrypted format in data.isyndicate.io.

  • Encryption: AES 256-bit encryption is used.


8. Data Sharing and Third-Party Integrations

  • Lead Sharing: Data is sold or shared with clients.

  • Third-Party Integration: Content is syndicated to 150+ compliant publishing platforms.


9. User Rights and Consent Mechanisms

  • Consent: Users provide consent for newsletters and content preferences.

  • Rights: Access, correction, deletion of data.


10. Data Retention and Deletion

  • Retention: Indefinite until deletion is requested by the user.


11. Security Measures

  • Firewall: AWS firewall services.

  • Encryption: Data in transit and at rest are encrypted.


12. Data Audits and Accountability

  • Audit Logs: For auditing purposes, logs are maintained.

  • Accountability: Staff training and written agreements with third-party platforms.


13. Incident Response and Data Breach Procedure

  • Response Team: Headed by the DPO.

  • Notification: Within 72 hours of discovering a breach.


14. Data Protection Officer (DPO)

  • Name: Mr. Chris York

  • Role: Compliance oversight.


15. Training and Awareness

  • Training: Mandatory for all employees.


16. Non-Compliance Penalties

  • Penalties: Includes fines and disciplinary action.


17. Amendments

Subject to change based on laws and technology.


18. Contacts

  • DPO: Mr. Chris York

Last updated