Customer Data Access Policy

Statement to customers regarding policies and procedures in regards to customer data stored in our network(s) and access to that data.

During the normal course of business we offer our customers many services that allow them to store information on our network. We have policies and procedures in place to protect that information. This is a summary of those policies and procedures. We cannot release the details of these policies and procedures as they contain proprietary company information.

The customer information stored on our network(s) may include and is not limited to:

• Billing information
• Application source code
• Website source code
• Website and application data used by the customer in eCommerce
• Proprietary information shared with us for the purpose of conducting business

Information stored in or on our network(s) that belong to the customer must be backed up by the customer. We do not guarantee retention of any information placed on our network by the customer. While we do our best to back up and prevent data loss, it is ultimately the responsibility of the customer to retain a copy of their own data.

Access given to our customers may be in several forms. Our customers are expected to protect this access by not sharing login or other access information with anyone outside of their trust. We may temporarily or permanently revoke access at any time for any reason.

Storage of information considered to be illegal or that may cause harm to the customer, our business or others is expressly forbidden. Information such as this found on our network will be immediately removed with no chance of recovery and may result in termination of the customers’ account(s). We reserve the right to determine what data fits these criteria at our sole discretion.

We will make reasonable efforts to protect the integrity of information stored with us. We have implemented firewalls, backup systems and redundant power systems to provide an environment where our customers can be confident that the information they store with us is protected from common threats, such as equipment failure or hacking attempts. We use the following methods, policies and procedures to ensure the protection of this information.

• Physical Security – Access to our business locations are controlled through locked doors, security and monitoring systems to prevent unauthorized access to the physical infrastructure. Access within the buildings(s) is restricted to only those employees with a need for access to perform their duties.
• Scheduled Backups – All of our data storage systems are backed up to multiple locations using multiple methods. These backups are monitored and our system administrators notified of any failures immediately.
• Offsite Backups – Our most critical information is maintained in offsite locations that can be used for restarting operations in the event of a loss of use or our headquarters.
• Scheduled Maintenance – We maintain a schedule of maintenance, both automated and manual, that includes installation of operating system and application patches and upgrades
• Monitoring – All of our computer systems, network components such as firewalls and routers, and infrastructure are monitored 24×7. System Administrators are notified immediately of any problems.
• Continuous Training – All of our employees receive training on a continual basis to help them identify and mitigate threats to the network, systems and data maintained by us.
• Incident and Disaster Recovery Plans – We have developed plans that enable us to continue operations in the event of a disaster. These plans include methods and policies to be put into action to ensure business continuity for ourselves and our customers.
• Redundant Systems – We maintain two datacenters with the ability host and migrate information between them. We maintain multiple Internet connections in our data centers. We maintain multiple power sources, including generator and battery for our data centers and headquarters.
• Offsite Business Location – In the event of the loss of our primary location for business, we have the tools and resources available to restart operations within 24 hours at a secondary location.
• Testing – All of our backup, redundancy and security systems undergo testing on a regular schedule and are completed at least quarterly.

In addition to this document, customers may have agreed to other contracts, terms or conditions given at the time of agreement. Those contracts terms and conditions may include other protections or liabilities.