Data Classification
Project and user data is categorized by sensitivity so appropriate controls can be applied across storage, access, and transmission.
Legal
Data Handling
Effective date: February 15, 2026
Access Control
Access is limited to authorized team members on a need-to-know basis, with role-based controls and account-level security practices.
Storage and Encryption
Data is stored with industry-standard protections. Where supported, encryption at rest and in transit is enforced.
Third-Party Processors
When delivery requires external infrastructure or APIs, we work with vetted vendors and follow their security controls and compliance practices.
Backups and Recovery
Operational backups may be maintained for continuity, disaster recovery, and service reliability, subject to retention limits.
Incident Response
If a security incident is identified, we follow an internal response process for containment, investigation, remediation, and required notifications.
Client Data Requests
Clients may request data export, correction, or deletion subject to contractual obligations, legal requirements, and technical feasibility.
Policy Maintenance
Our data handling standards are reviewed periodically and updated as technology, legal requirements, and operational practices evolve.
If your team needs a signed data processing document, reach us through our contact page.