WEBSITE SAFEGUARD POLICY
In an effort to protect consumers’ private information and to comply with the Federal Trade Commission’s Safeguard Rule, the following policy and procedures are implemented and adopted. The company has access to consumers’ personal information that must be protected. The Company considers identity theft as the main risk to consumers when they supply confidential information to us via our website. The following plan shall ensure that the information obtained is secure, properly utilized and properly disposed of.
Violations of this or any other company policy will result in disciplinary action up to and including termination of employment.
Mauricio Ordonez, President is the designated officer/employee of the company that will be responsible for the implementation and ongoing monitoring of the plan. He will be monitoring the websites of our software vendors and read relevant industry publications for news about emerging threats and available defenses and will promptly pass along information and instructions to employees regarding any new security risks or possible breaches.
This plan will be reviewed annually to evaluate and adjust the program in light of relevant circumstances, including changes in the company’s business or operations, or the results of security testing and monitoring identify and assess additional risks to consumer data and information systems. Documentation of each annual review will be maintained by the company for a period of at least 3 years.
The Company’s website http://www. qkapital.com will be controlled and serviced from 18851 NE 29 Ave, Suite 104 Aventura, FL 33180. Consumer information is obtained directly from the consumer at the company’s website. This information will be limited to their full name, phone number, email address and the best time to contact them. Employee access to this information will be limited to those who need this information to perform their duties.
Because we will not be collecting any non-public information from the consumer through the website we do not believe there is any risk of the consumer’s information being stolen or misused.
The Company will exercise appropriate due diligence in selecting service providers, and ensure service providers have implemented adequate security controls to safeguard customer information.
Protection of Information
Prior to engaging any vendor and at least annually Mauricio Ordonez, President will review the security measures each vendor has in place to prevent unwarranted intrusion by outside parties, and verify that their Safeguard Policy complies with the Federal Trade Commission’s Safeguards Rule and, if they don’t have a compliant Safeguards policy then he will insist that they establish one before we do business with them.
Verify that any approved vendor has adopted policies and practices designed to:
- Ensure that its security controls, procedures and policies examined, measured and validated by Cybertrust, or another industry recognized group.
- Ensure the security and confidentiality of business and consumer information,
- Protect against any anticipated threats or hazards to the security or integrity of business and consumer information, and
- Protect against unauthorized access to or use of business and consumer information that could result in substantial harm or inconvenience to any client or consumer.
Such measures include access controls on computer systems which require users to log in with a unique user identification and strong passwords, “firewall” technology, access restrictions at physical locations where business or consumer information is maintained, encryption of information transmitted and stored electronically, employee screening, and monitoring of security measures, both internally and in connection with information shared with third parties.
Penetration testing will be performed at least annually and anytime there is a significant infrastructure or application upgrade or modification.
At all times the company shall maintain antivirus software on any computer that is used to access or store consumer information.
Software patch updates will be performed as quickly as possible after notification of availability is received.
If, at any time, an employee or affiliate suspects that there has been a breach concerning any consumers’ private information, the employee shall immediately report same to the president of the company who will determine the appropriate measures and reporting requirements of any breach.
Upon hire, each new employee shall meet with the president of the company to review this policy. In addition, each new hire shall be given a copy of FTC Facts for Business: Complying with the Safeguards Rule. https://www.ftc.gov/tips-advice/business-center/guidance/financial-institutions-customer-information-complying In addition, all new hires are subject to background checks. References will be checked. All employees must affirm to subscribe to the company’s confidentiality standards.
At least annually, Mauricio Ordonez, President shall require a mandatory training session for all employees to review the safeguards policy and discuss the appropriate procedures.