Vendor Privacy Policy
Effective Date: 2/16/2023
This Vendor Privacy Policy outlines the policies and procedures we have in place to ensure the security and privacy of the data you may have access to or handle while providing services to our Company.
1. Overview
At VectorizeData, we are committed to protecting the privacy and security of our customers' and partners' data. This Vendor Privacy Policy applies to all vendors, contractors, and third-party service providers ("Vendors") who provide services to VectorozieData as well as clients of VectorizeData and may have access to personal data or sensitive information.
2. Confidentiality
As a Vendor of VectorizeData, you may have access to confidential information, including but not limited to customer data, intellectual property, and proprietary business information. You agree to maintain the confidentiality of all such information and not to disclose it to any third party without prior written consent from VectorizeData.
3. Security Measures
a. Access Control: Vendors will only be granted access to the minimum amount of data necessary to perform their services. Access to data will be restricted based on the principle of least privilege.
b. Data Encryption: All sensitive data transmitted between VectorizeData and it's Vendors and clients will be encrypted using industry-standard encryption protocols.
c. Physical Security: Vendors must implement appropriate physical security measures to protect any physical assets or documents containing confidential information.
d. Employee Training: Vendors must provide adequate training to their employees who may have access to VectorizeData's data, ensuring they understand their responsibilities regarding data privacy and security.
e. Incident Response: Vendors must have procedures in place to promptly respond to and report any data breaches or security incidents involving VectorizeData's data.
4. Data Handling
a. Data Usage: Vendors may only use VectorizeData's data for the purposes outlined in the agreement between the parties and must not use the data for any other purpose without prior written consent.
b. Data Retention: Vendors must adhere to VectorizeData's data retention policies and promptly delete or return any data upon termination of the agreement or at the request of VectorizeData.
c. Subcontractors: Vendors must obtain prior written approval from VectorizeData before engaging subcontractors to perform services on their behalf. Subcontractors must adhere to the same data privacy and security standards as outlined in this policy.
5. Compliance with Laws and Regulations
Vendors must comply with all applicable data protection laws and regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and any other relevant laws or regulations in the jurisdictions where they operate.
6. Audit and Compliance
VectorizeData reserves the right to audit Vendor's compliance with this Vendor Privacy Policy and may request documentation or evidence of compliance at any time.
7. Changes to Policy
VectorizeData reserves the right to update or modify this Vendor Privacy Policy at any time. Vendors will be notified of any changes, and continued use of VectorizeData's services after such changes constitutes acceptance of the revised policy.