Scope. Socialie maintains an information security program that contains administrative, technical, and physical safeguards that, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing of Personal Data and the associated risks, are appropriate to (i) the type of Personal Data that Socialie will process; and (ii) the need for the security and confidentiality of such Personal Data. In formulating and implementing Socialie’s information security program, Socialie has attempted to (i) identify reasonably foreseeable internal and external risks to the security, confidentiality, and/or integrity of any electronic, paper or other records containing personal information; (ii) assess the likelihood and potential damage of these threats, taking into consideration the sensitivity of the personal information; (iii) evaluate the sufficiency of existing policies, procedures, customer information systems, and other safeguards in place to control risks; (iv) design and implement a plan that puts safeguards in place to reduce those risks; and (v) regularly monitor the effectiveness of those safeguards.
Data Security Coordinator. Socialie has designated its Chief Technology Officer to implement, supervise and maintain the information security program.
Security Awareness and Training. Socialie provides security awareness and training to its employees on relevant elements of Socialie’s information security program.
Physical Security. Socialie uses, or ensures that its third party vendors use, safeguards that provide reasonable assurance that access to physical servers at the data centers storing Personal Data are limited to properly authorized individuals and that environmental controls are established to detect, prevent and control environmental hazards.
Access Controls. Socialie uses administrative and technical controls to limit access to its information systems and the facilities in which they are housed to authorized personnel, to prevent personnel and others that should not have access to personal data from obtaining access, and to remove access in the event of a change in job status.
Security Incident Procedures. Socialie maintains incident response procedures to be followed in the event of any security incident affecting Personal Data.
Contingency Planning. Socialie maintains procedures for responding to an emergency or other occurrence that could damage Personal Data.
Systems Monitoring. Socialie monitors networks and systems to detect events that could cause problems.
Change Management. Socialie maintains procedures for managing changes Socialie makes to its production systems that process Personal Data.
Third Party Vendor Management. Socialie evaluates the ability of each of its third party service providers to protect the Personal Data to which Socialie has permitted them access and takes steps reasonably necessary to validate that such third party service providers are applying appropriate security measures.
Evaluation. Socialie reviews the scope of its security measures periodically, including when there is a material change in Socialie business practices that may implicate the security or integrity of records containing Personal Data.