Scope and Commitment
At Connected, we assume the role of Data Processor for the information your company entrusts to us. We are committed to implementing all necessary technical, administrative, and physical measures to ensure that your clients’ information is handled with the highest level of integrity and confidentiality.
Operational and Workplace Security
Our operational infrastructure is designed to prevent any information leaks through strict controls:
- Secure Workplace: We implement “Clean Desk” policies. Restricted entry of mobile devices or storage media.
- Role-Based Access: Minimum information access necessary for specific duties, reviewed monthly.
- Robust Authentication: Multi-factor authentication (MFA) required for all system interactions.
Technical Data Protection and Encryption
End-to-End Encryption
TLS 1.3 or higher for all voice and data communications.
Network Security
Next-generation firewalls and 24/7 intrusion prevention monitoring.
Secure Connections: Access granted exclusively through corporate VPNs with dedicated encryption tunnels.
Data Lifecycle Management
We align with your company’s retention policies to ensure data is not kept longer than necessary:
- Scheduled Retention: Data logs stored for the exact period requested by the Client.
- Secure Destruction: Logical and physical deletion methods that prevent recovery after contract termination.
- Right to Erasure: Real-time reporting on all end-user requests to delete or correct personal data.
Personnel Confidentiality & Audit
Every employee signs a legally binding confidentiality agreement before gaining access. Furthermore, Connected maintains an “Open Books” policy, providing your company the ability to conduct periodic security audits at our facilities.