Infinity Metric Data Security Policy

Purpose This policy outlines our commitment and the measures we take to protect the confidentiality, integrity, and availability of all data entrusted to us by our clients and collected via our website.

• Scope
  • This policy applies to all sensitive client data, including but not limited to: login credentials for social media and ad accounts, business strategy documents, customer lists (for ad targeting), performance data, and creative assets.
• Access Control
  • We operate on the principle of “least privilege.” Access to sensitive client data is strictly limited to employees who require it to perform their job duties.
  • Two-Factor Authentication (2FA) is mandatory for all internal and external services that store or provide access to client data, including social media platforms and cloud storage.
• Data Handling and Storage
  • All client credentials and sensitive data are stored in an encrypted password manager.
  • We use secure, reputable cloud storage providers with robust security protocols.
• Employee Training
  • All employees receive regular training on data security best practices, including phishing awareness, password security, and secure data handling procedures.
• Incident Response
  • In the event of a suspected data breach, we will take immediate steps to identify and contain the threat, assess the impact, and notify any affected clients in a timely and transparent manner.
• Data Retention and Deletion
  • Client data is retained only for as long as necessary to provide our services and for a reasonable period after the termination of our engagement. Upon request, we will securely delete all client-provided data from our systems.