Hi! We’re CredSpark.
CredSpark’s Security Commitment Statement
UPDATED JUNE 13, 2023
We’re committed to maintaining the highest level of security.
At CredSpark, we are committed to maintaining the highest level of security, availability, processing integrity, confidentiality, and privacy of data entrusted to us by our customers, employees, stakeholders, and partners. This Security Commitment Statement outlines our dedication to implementing robust security measures and controls that align with the Trust Services Criteria (TSC) established by the American Institute of CPAs (AICPA) for SOC 2 compliance.
Security
We will implement and maintain appropriate technical, physical, and administrative safeguards to protect against unauthorized access, disclosure, alteration, and destruction of data.
We will regularly assess and update our security controls to address emerging threats, vulnerabilities, and changes in the business environment.
We will conduct security awareness training programs for our employees to ensure they understand their roles and responsibilities in maintaining information security.2
Availability
We will strive to ensure that our systems and services are available for operation and use as agreed upon with our customers.
We will implement redundancy and disaster recovery measures to minimize disruptions and maximize uptime for our customers.
Processing Integrity
We will process data in a complete, accurate, timely, and authorized manner, adhering to the agreed-upon specifications and requirements.
We will maintain appropriate controls to detect and prevent errors, omissions, or unauthorized modifications of data.
Confidentiality
We will protect confidential information, both customer, company-owned, and information shared with our partners, from unauthorized access, use, or disclosure.
We will ensure that access to confidential information is restricted to authorized individuals only.
Privacy
We will protect confidential information, both customer, company-owned, and information shared with our partners, from unauthorized access, use, or disclosure.
We will ensure that access to confidential information is restricted to authorized individuals only.
Incident Response
We will establish and maintain an incident response plan to promptly and effectively respond to security incidents or data breaches.
We will notify affected parties in a timely manner if a security incident poses a risk to their personal information.
Continuous Improvement
We will regularly review and enhance our security controls and processes to adapt to changing technology, threats, and business requirements.
We will conduct periodic assessments and audits to ensure compliance with SOC 2 requirements.
By adhering to this Security Commitment Statement and aligning with SOC 2 principles, we demonstrate our commitment to providing a secure environment for our customers’ data and maintaining the highest standards of security and privacy.
Contact
For any security and privacy concerns, please reach out to: info@credspark.com
