Request a Quote

Data Security Policy for ITDecisionMakersList.com

Effective Date: 16th January 2026
Last Updated: 16th January 2026

At IT Decision Makers List (“we”, “us”, “our”), we are committed to safeguarding the confidentiality, integrity, and availability of the data we collect, store, process, and transmit. This Data Security Policy outlines our security practices and controls designed to protect personal and business information and ensure compliance with applicable laws and industry best practices.

1. Scope and Purpose

This policy applies to all digital and physical environments where we collect, process, store, transmit, or access data related to our customers, Site visitors, partners, and internal operations. It aims to:

  • Protect against unauthorized access, use, disclosure, loss, or destruction of data
  • Ensure secure handling and processing of data entrusted to us
  • Outline our security measures and the responsibilities of our team and partners

2. Data We Protect

We handle business and professional contact information, such as names, business postal addresses, work phone numbers, email addresses, and job titles — commonly referred to as Personally Identifiable Information (PII) when linked to an identifiable individual. We do not collect or store highly sensitive personal data, such as financial account details, Social Security numbers, biometric data, or similar high‑risk information.

3. Security Practices & Controls

To secure the data assets in our possession, we implement a combination of administrative, technical, and physical safeguards:

Administrative Safeguards

  • Access to data is limited to authorized employees and contractors who require it to perform legitimate business duties.
  • We conduct background checks and mandate security and privacy awareness training for employees.
  • We maintain documented security policies and response procedures.

Technical Safeguards

  • Use of industry‑standard encryption for data in transit and at rest.
  • Secure authentication controls and periodic password and credential management.
  • Firewalls, anti‑virus/anti‑malware detection, and intrusion monitoring systems.
  • Regular vulnerability scanning and patch management.

Physical Safeguards

  • Protection of on‑site servers, workstations, and storage systems through controlled access facilities.
  • Secure disposal of hardware containing sensitive data in accordance with best practices.

Third‑Party & Vendor Controls

We evaluate and monitor third parties that process or manage data on our behalf to ensure appropriate security measures and compliance with industry standards are in place.

4. Secure Transmission and Storage

  • We use encryption (such as HTTPS/TLS) whenever data is transmitted across public or untrusted networks.
  • Stored data is protected using suitable encryption and access controls to prevent unauthorized manipulation or access.

5. Monitoring, Audits & Testing

  • Regular internal and external audits are performed to assess compliance with security policies and identify areas for improvement.
  • System logs, access patterns, and security alerts are monitored to detect and respond to unusual activity.

6. Incident Response & Breach Notification

In the event of a security incident or data breach:

  • We follow a structured incident response plan to investigate, contain, and remediate the issue.
  • Affected individuals and authorities will be notified as required by applicable law and regulatory standards where appropriate.

7. Employee Responsibility

All employees and contractors accessing organizational data or systems must:

  • Follow security best practices and this policy’s requirements
  • Report any suspected security incidents or policy violations promptly
  • Protect login credentials and prevent unauthorized access

8. User Responsibilities

Visitors and users of our Site should:

  • Protect their own user account credentials
  • Immediately report any suspicious Site activity
  • Not share private login information with others

9. Data Retention and Disposal

We retain personal and business data only as long as necessary for compliance with legal obligations, business needs, or as permitted under data retention policies. When data is no longer needed, it is securely deleted or anonymized in accordance with industry‑standard methods.

10. Policy Updates

We may revise this Data Security Policy periodically to reflect changes in technology, regulations, and business practices. Updated versions will be posted on our Site with a revised “Last Updated” date.

11. Contact & Support

If you have questions about this policy or security practices, contact:

Email: info@itdecisionmakerslist.com
Phone: (646) 918‑5786
Address: United States