1. Security Measures

• End-to-end encryption for sensitive data in transit and at rest
• Secure servers protected by robust access controls
• Role-based access management to ensure data is accessible only to authorized personnel
• Regular vulnerability assessments and penetration testing to identify and mitigate risks
• Continuous employee training on data privacy and security best practices

2. Incident Response

• Prompt notification to relevant authorities and affected individuals in accordance with applicable laws
• Comprehensive root cause analysis and implementation of corrective measures to prevent recurrence

3. Data Handling

• Lawful and transparent processing — data is collected and used only for specified, legitimate purposes
• Secure storage and restricted access — data is protected against unauthorized use, loss, or disclosure

Contact: policy@blackfortconsulting.com