Data Security Policy

Purpose
This Data Security Policy outlines Texliff's commitment to protecting data and ensuring that all personal and project-related information entrusted to us by clients is handled securely. This policy serves as a framework for our data protection practices and our adherence to applicable laws and industry standards.

Scope
This policy applies to all Texliff employees, contractors, and partners who have access to client information and project data, whether stored digitally or physically.

Data Collection and Use
Texliff collects data only as necessary to provide translation and related services effectively. This may include client contact information, project files, and payment details. All collected data is used solely for the purpose of delivering services and is not sold or shared with unauthorized parties.

Data Protection Measures
Texliff employs comprehensive measures to safeguard data, including but not limited to:

  • ISO 27001 Certified Data Centers: All client data is processed and stored in data centers that are ISO 27001 certified, ensuring adherence to international standards for information security management.
  • 256-bit SSL Encryption: We use 256-bit Secure Socket Layer (SSL) encryption to protect data during transmission, ensuring that client information is secure from unauthorized access.
  • Access Controls: Data access is restricted to authorized personnel based on the principle of least privilege.
  • Secure Storage: Data is stored in secured environments that are monitored for unauthorized access.
  • Regular Security Audits: We conduct periodic security assessments to identify and address vulnerabilities in our systems.
  • Training: All employees undergo regular training on data protection best practices and are required to comply with this policy.

Data Retention and Disposal
Texliff retains client data only for as long as necessary to fulfill service obligations or comply with legal and contractual requirements. When data is no longer needed, it is securely disposed of using industry-approved methods to prevent unauthorized access or recovery.

Incident Response
Texliff has an established incident response plan to address any data breach or security incident. This plan includes:

  • Immediate containment and investigation of the incident.
  • Notification of affected clients in accordance with legal requirements.
  • Implementation of corrective actions to prevent future incidents.

Third-Party Relationships
When working with third-party service providers, Texliff ensures that these partners comply with our data security standards and contractual obligations to protect client data.

Client Rights
Clients have the right to access, correct, or request the deletion of their personal data held by Texliff. Requests can be made via info@texliff.com.

Policy Review and Updates
Texliff’s Data Security Policy is reviewed and updated annually or as necessary to reflect changes in regulatory requirements, technological advancements, and business practices.

Contact Information
For questions or concerns regarding this policy or data security at Texliff, please contact us at info@texliff.com.