General Statement
InfoQuest Systems is committed to protecting Customer information using commercially reasonable efforts.
Any security objectives and requirements specified by the Customer within the MSA are met.
Secure Environment
All Customer data (including PII and Usage Data) that is collected, stored or otherwise maintained by InfoQuest Systems is maintained in a secure environment that meets industry standards for website security.
Any Customer data (including PII and Usage Data) that is collected or obtained by InfoQuest Systems is stored and transmitted in encrypted or otherwise secure form.
Personal Data Protection
InfoQuest Systems will use commercially reasonable efforts to protect personal data that Customer inputs into the InfoQuest Sales Compensation Platform.
Customer personally identifiable information (PII) will be used only for the stated purposes.
Data subject consent is obtained prior to use of the personally identifiable information.
Data Confidentiality
InfoQuest Systems will use commercially reasonable efforts to keep all Customer data (including PII and Usage Data) confidential.
Customer business data will be kept confidential and disclosed only to authorized parties.
Customer data is classified according to a predefined InfoQuest Systems Data Classification Policy.
Strong authentication techniques are implemented to validate user identity prior to accessing Customer data.
Customer data within the SQL Databases is encrypted at rest using TDE with a minimum of 256-bit encryption.
Access Control
InfoQuest Systems only allows staff to access the Customer data that have a need to know in order to properly perform their job duties.
InfoQuest Systems will perform periodic security audits of its access system and methods and will change authentication elements periodically to maintain the integrity and security of access.
Security Breach Notification
InfoQuest Systems will promptly notify Customer of any actual and confirmed security breach of which that results in the unauthorized access to or disclosure of unencrypted Customer Data.
In the event of an actual breach of security of any system, website, database, equipment or storage medium or facility controlled by InfoQuest Systems or a Service Provider that results in unauthorized access to Customer Data by any third party (including any staff that is not authorized to access such information), any loss, misuse, destruction, deletion or modification that it knows or reasonably believes to have occurred InfoQuest Systems will notify the Customer immediately.
Software Development and Change Management
InfoQuest Systems will follow commercially reasonable software development practices, including version control, change management, quality assurance, and testing in the development of the Sales Compensation Platform.
Backup and Recovery
InfoQuest Systems will back-up files containing Customer data on a regular basis, which will not be less than less than once every week and maintain such back-up files in a secure manner.
Business Continuity and Disaster Recovery
InfoQuest Systems maintain business continuity and disaster recovery plans and processes; providing availability of services for the benefit of the Customer in the event of an emergency.
Staff Security
InfoQuest Systems will have a background investigation performed on staff, including but not limited to, a check of felony and misdemeanor criminal convictions for at least the seven (7) year period immediately preceding the date of hire or otherwise being retained with InfoQuest Systems.
InfoQuest Systems staff will be provided security and data protection awareness training upon hire and on an annual basis thereafter.
InfoQuest Systems is committed to protecting Customer information using commercially reasonable efforts.
Any security objectives and requirements specified by the Customer within the MSA are met.
Secure Environment
All Customer data (including PII and Usage Data) that is collected, stored or otherwise maintained by InfoQuest Systems is maintained in a secure environment that meets industry standards for website security.
Any Customer data (including PII and Usage Data) that is collected or obtained by InfoQuest Systems is stored and transmitted in encrypted or otherwise secure form.
Personal Data Protection
InfoQuest Systems will use commercially reasonable efforts to protect personal data that Customer inputs into the InfoQuest Sales Compensation Platform.
Customer personally identifiable information (PII) will be used only for the stated purposes.
Data subject consent is obtained prior to use of the personally identifiable information.
Data Confidentiality
InfoQuest Systems will use commercially reasonable efforts to keep all Customer data (including PII and Usage Data) confidential.
Customer business data will be kept confidential and disclosed only to authorized parties.
Customer data is classified according to a predefined InfoQuest Systems Data Classification Policy.
Strong authentication techniques are implemented to validate user identity prior to accessing Customer data.
Customer data within the SQL Databases is encrypted at rest using TDE with a minimum of 256-bit encryption.
Access Control
InfoQuest Systems only allows staff to access the Customer data that have a need to know in order to properly perform their job duties.
InfoQuest Systems will perform periodic security audits of its access system and methods and will change authentication elements periodically to maintain the integrity and security of access.
Security Breach Notification
InfoQuest Systems will promptly notify Customer of any actual and confirmed security breach of which that results in the unauthorized access to or disclosure of unencrypted Customer Data.
In the event of an actual breach of security of any system, website, database, equipment or storage medium or facility controlled by InfoQuest Systems or a Service Provider that results in unauthorized access to Customer Data by any third party (including any staff that is not authorized to access such information), any loss, misuse, destruction, deletion or modification that it knows or reasonably believes to have occurred InfoQuest Systems will notify the Customer immediately.
Software Development and Change Management
InfoQuest Systems will follow commercially reasonable software development practices, including version control, change management, quality assurance, and testing in the development of the Sales Compensation Platform.
Backup and Recovery
InfoQuest Systems will back-up files containing Customer data on a regular basis, which will not be less than less than once every week and maintain such back-up files in a secure manner.
Business Continuity and Disaster Recovery
InfoQuest Systems maintain business continuity and disaster recovery plans and processes; providing availability of services for the benefit of the Customer in the event of an emergency.
Staff Security
InfoQuest Systems will have a background investigation performed on staff, including but not limited to, a check of felony and misdemeanor criminal convictions for at least the seven (7) year period immediately preceding the date of hire or otherwise being retained with InfoQuest Systems.
InfoQuest Systems staff will be provided security and data protection awareness training upon hire and on an annual basis thereafter.