# Data Compliance **Table of Contents** 1. Introduction 2. Purpose 3. Scope of Compliance 4. Definitions 5. Data Collection Methods 6. Data Elements Collected 7. Data Storage and Encryption 8. Data Access Controls 9. Data Interoperability and Integration 10. Security Measures 11. Data Audits and Accountability 12. Incident Response and Data Breach Procedure 13. Data Protection Officer (DPO) 14. Training and Awareness 15. Non-Compliance Penalties 16. Amendments 17. Contacts *** **1. Introduction** This document delineates the guidelines, practices, and controls regarding data compliance for the web application mailbooster.icrmsoftware.com. *** **2. Purpose** To govern the data collected, processed, and stored within mailbooster.icrmsoftware.com, an advanced AI-based email marketing application. *** **3. Scope of Compliance** This policy applies to all data processed within mailbooster.icrmsoftware.com, despite being owned by ICRM Software Pvt Ltd. *** **4. Definitions** * Campaign: An email marketing initiative stored and managed in the application. * List: A collection of email recipients. * SMTP Server: An outgoing mail server used for sending emails. *** **5. Data Collection Methods** * Manual Upload: CSV files containing prospect data are manually uploaded by authorized personnel. *** **6. Data Elements Collected** | Data Element | Source | Purpose | | ----------------- | -------- | ---------------------- | | Prospect Info | Internal | Email Marketing | | Campaign Settings | Internal | Campaign Configuration | *** **7. Data Storage and Encryption** * Storage: Data is stored in ICRM Software’s secure servers. * Encryption: All data is stored in encrypted format. *** **8. Data Access Controls** * Role-Based Access: Permissions are defined based on job functions. *** **9. Data Interoperability and Integration** * Interoperability: Integrated with AWS SES, MailChimp, SendInBlue, MailJet, Private SMTP, and various other third-party services. *** **10. Security Measures** * Compliance: GDPR, CCPA, and other necessary compliances in place. * Firewall: Additional firewalls and security protocols are in place. *** **11. Data Audits and Accountability** * Audits: Periodic audits to check for compliance. * Logs: All data interactions are logged. *** **12. Incident Response and Data Breach Procedure** * Response Team: Comprises of internal and external experts. * Notification: Immediate action upon breach detection. *** **13. Data Protection Officer (DPO)** * Name: Mr. Chris York * Role: Ensure all compliance measures are adhered to within International Syndication Company Inc. *** **14. Training and Awareness** * Training: Regular training sessions for employees regarding data protection. *** **15. Non-Compliance Penalties** * Sanctions: Disciplinary actions against non-compliance. *** **16. Amendments** The policy is subject to change based on updates in data protection laws and technology. *** **17. Contacts** * DPO: Mr. Chris York