MSI Recruiting

Website Data Security Policy

 1. Purpose

The purpose of this Website Data Security Policy is to
establish the principles and procedures to protect the personal information
collected from our website’s “Contact Us” page. This policy ensures
the confidentiality, integrity, and availability of collected data and complies
with relevant data protection regulations.

2. Scope

This policy applies to all employees, contractors, and
third-party service providers who handle personal information collected from
our website.

3. Data Collection

We collect the following personal information through our
“Contact Us” page:

  • Name
  • Email Address
  • Phone Number

 

4. Data Usage

The collected data will be used solely for the purpose of
responding to inquiries and providing customer support. We will not sell,
share, or otherwise disclose this information to any third parties without
explicit consent, except as required by law.

5. Data Storage and Retention

  • Storage: Collected data will be
    stored in a secure database protected by encryption and access controls.
  • Retention: Data will be retained
    for as long as necessary to fulfill the purposes for which it was
    collected or as required by law.

 

6. Data Security Measures

To protect the personal information collected, we will
implement the following security measures:

  • Encryption: All personal data will
    be encrypted both in transit and at rest.
  • Access Controls: Access to personal data
    will be restricted to authorized personnel only. Access will be granted
    based on the principle of least privilege.
  • Authentication: Multi-factor
    authentication will be required for accessing systems that store personal
    data.
  • Network Security: Firewalls, intrusion
    detection systems, and other network security measures will be employed to
    prevent unauthorized access.
  • Regular Audits: Regular security audits
    and vulnerability assessments will be conducted to ensure the
    effectiveness of our security measures.

 

7. Employee Training

All employees and contractors who handle personal data will
receive regular training on data security practices and the importance of
protecting personal information.

8. Third-Party Service Providers

When engaging third-party service providers who may have
access to personal data, we will ensure that they have adequate data protection
measures in place. Contracts with third-party providers will include data
protection clauses.

9 . Compliance and Review

 

This policy will be reviewed annually and updated as
necessary to ensure compliance with applicable laws and regulations. Employees
are expected to comply with this policy and report any potential security risks.