The IT and Software Development teams are responsible for managing all data retention and destruction activities for the Company. These departments will comply with appropriate industry standards for data retention and destruction.

​

1. The company will develop comprehensive data retention and destruction plans in accordance with established standards.

​

2. All company data is stored on secure platforms including Google Cloud Platform technologies with persistent encryption, and local network resources behind robust firewall and cybersecurity infrastructure.

​

3. Individual employees are given limited access to data only within the scope of their job duties, with credentials that are set and monitored by the IT department. These credentials can be revoked any time and are not directly viewable by the employee.

​

4. Personal USBs, CDs, and other portable hard disk devices are not allowed to be plugged in to company hardware, and there are systems in place to identify occurrences and alert IT department.

​

5. Non-digital storage mediums are rarely used and are either kept in locked storage compartments on company property, or are shredded/destroyed and disposed.

​

6. Retired company hardware storage devices are professionally destroyed and a certificate of destruction is provided as confirmation.

​

7. Personable Identifiable Information is kept highly secure and promptly deleted once it is no longer in use.

​

8. All employees are aware of data management and use policy.