At DigiKat, we understand the importance of protecting our clients' confidential information. As we build CRM systems and handle significant client data, we are committed to maintaining the highest standards of confidentiality and security. This policy outlines our practices for managing confidential information and ensuring its protection.

Definition of Confidential Information
Confidential information includes, but is not limited to:

Client Data: Customer records, financial information, business operations details.
Proprietary Business Information: Internal project plans, marketing strategies, financial projections.
Technical Information: Software code, system architecture, product designs.
Personal Data: Information related to employees and clients as defined by data protection laws.

Access Control

Authorisation: Access to confidential information is restricted to authorised personnel only.
Authentication: Strong authentication methods (e.g., passwords, two-factor authentication) are used to protect access.
Role-Based Access: Access levels are assigned based on job responsibilities.

Data Protection

Storage: Confidential information is stored in secure locations such as encrypted databases and secure servers.
Transmission: Encryption is used for transmitting confidential information over networks.
Backup: Regular backups of confidential information are performed and stored securely.

Information Sharing

Need-to-Know Basis: Confidential information is shared only with individuals who have a legitimate need to know.
Secure Methods: Secure methods (e.g., encrypted emails, secure file transfer protocols) are used for sharing information.
Third-Party Access: Third parties must comply with our confidentiality policy and sign confidentiality agreements.

Physical Security

Secure Storage: Physical copies of confidential information are stored in locked cabinets.
Restricted Areas: Security measures (e.g., access controls, surveillance) are implemented in areas where confidential information is stored.

Incident Response

Reporting: Suspected or confirmed breaches of confidential information must be immediately reported to the designated security officer.
Investigation: Thorough investigations are conducted to determine the scope and impact of breaches.
Mitigation: Appropriate measures are taken to contain and mitigate breaches.
Notification: Affected parties are notified as required by law and company policies.

Training and Awareness

Regular Training: Employees and contractors receive regular training on their responsibilities under this policy.
Awareness Programs: Ongoing awareness programs are conducted to reinforce the importance of confidentiality.

Compliance

Disciplinary Action: Failure to comply with this policy may result in disciplinary action, up to and including termination of employment or contract.
Legal Action: Legal actions may be pursued if applicable.

Review and Updates

This policy is reviewed and updated regularly to ensure it remains effective and compliant with relevant laws and regulations.

Approved by: Mick Goman

Date: 23/03/24