Security and Privacy Policy
1. Introduction
At Classify, Inc. ("Classify"), we highly value the trust our customers place in us, and safeguarding their data is our top priority. We are dedicated to maintaining a secure environment across all our operations, including data processing, software development, and machine learning services. This Security and Privacy Policy outlines our core principles, responsibilities, and the measures we take to protect information and services.
2. Policy Scope
This policy is applicable to all Classify employees, contractors, partners, and any other entities interacting with our systems or handling our data. It covers all systems, networks, devices, data, communications, and applications owned or managed by Classify.
3. Roles and Responsibilities
At Classify, security is a shared responsibility.
Employees & Contractors: They are required to follow all established security policies, protocols, and procedures. Any security incidents or suspicions thereof must be reported immediately.
Management: Management is responsible for providing the necessary resources to establish and maintain a secure environment, including adequate staffing, tools, and training.
4. Information Classification and Handling
Classify categorizes all data into four levels: public, internal, confidential, and highly sensitive. Each category requires different handling procedures, with the most stringent controls applied to the most sensitive data.
5. Physical and Environmental Security
Access to our premises and data centers is strictly regulated. Only authorized personnel are granted access. We have monitoring systems and controls in place to prevent unauthorized access and to maintain optimal environmental conditions for our equipment.
6. Access Control
Access to our systems is carefully managed based on the principle of least privilege. All users are required to use two-factor authentication.
7. Network Security
Our network is secured with advanced security technologies, including intrusion detection systems (IDS), firewalls, and secure gateways. All traffic is closely monitored and filtered for potential threats.
8. Application Security
We adhere to secure coding practices when developing our software. All applications undergo rigorous testing and vulnerability assessments prior to deployment. Regular updates and patches are applied to ensure ongoing security.
9. Incident Management
In the event of a security incident, our team is prepared to promptly identify, respond to, and recover from the issue. We conduct thorough investigations following each incident to prevent future occurrences.
10. Business Continuity and Disaster Recovery
We have a comprehensive business continuity plan (BCP) and disaster recovery plan (DRP) to ensure that our operations can continue during significant disruptions. Regular backups of critical data are performed, and we maintain the capability to quickly restore our services.
11. Compliance
Classify adheres to all relevant regulations and standards. Regular audits are performed to ensure ongoing compliance.
12. Policy Review and Updates
This Security and Privacy Policy is reviewed and updated annually or as needed in response to significant changes in our operations or the threat landscape.
13. Contact Information
For any inquiries or security concerns, please reach out to our security team at security@tryclassify.com.
14. Enforcement
Non-compliance with this policy may result in disciplinary actions, up to and including termination of employment or contracts.
This policy is effective as of January 1, 2025.
Classify reserves the right to modify or update this policy at any time. Any changes will be posted on this page, and continued use of our services after such changes are posted will signify your acceptance of those changes