Data Compliance

International Syndication Company Inc. Last Updated: September 2023

Table of Contents

  1. Introduction

  2. Purpose

  3. Scope of Compliance

  4. Definitions

  5. Data Collection Methods

  6. Data Elements Collected

  7. Data Storage and Encryption

  8. Data Access Controls

  9. Data Interoperability and Integration

  10. Security Measures

  11. Data Audits and Accountability

  12. Incident Response and Data Breach Procedure

  13. Data Protection Officer (DPO)

  14. Training and Awareness

  15. Non-Compliance Penalties

  16. Amendments

  17. Contacts

1. Introduction

This document outlines the practices, controls, and guidelines concerning data compliance for the web application salescloud.isyndicate.io.

2. Purpose

To govern how salescloud.isyndicate.io is used within the company to manage campaigns, score leads, and store sensitive business information.

3. Scope of Compliance

This policy applies to all data stored and processed within the salescloud.isyndicate.io application.

4. Definitions

  • Campaign: Marketing or sales initiative stored in the platform.

  • Lead: Potential customer or business interest.

  • Report: Analyses and data summarizations.

5. Data Collection Methods

  • Manual Entry: By staff members.

  • Automated Collection: Through integration with data.isyndicate.io and mailbooster.icrmsoftware.com.

6. Data Elements Collected

7. Data Storage and Encryption

  • Storage: Encrypted AWS AlmaLinux instance.

  • Encryption: AES 256-bit encryption for at-rest data.

8. Data Access Controls

  • Role-Based Access: Different roles are assigned different permissions, with the least-privileged-access principle applied.

9. Data Interoperability and Integration

  • Interoperability: Integrated with data.isyndicate.io and mailbooster.icrmsoftware.com for data exchange and email sending.

10. Security Measures

  • Firewall: AWS firewall services activated.

  • Secure Connections: TLS/SSL protocols for secure data transmission.

11. Data Audits and Accountability

  • Logs: All data access and changes are logged for auditing.

  • Review: Regular audits are conducted for compliance and security.

12. Incident Response and Data Breach Procedure

  • Response Team: Managed by the DPO.

  • Notification: To be sent within 72 hours of breach detection.

13. Data Protection Officer (DPO)

  • Name: Mr. Chris York

  • Role: Oversee all aspects of data protection and compliance.

14. Training and Awareness

  • Training Modules: Provided for all team members.

15. Non-Compliance Penalties

  • Fines: As per organizational policy.

16. Amendments

This document may be updated to align with technological and regulatory changes.

17. Contacts

  • DPO: Mr. Chris York

PreviousData Compliance

Last updated