Data Security at SDF

Effective as of 10 August 2023.

SDF Labs adheres to top-tier security and privacy standards, ensuring the safety of our client's data while querying, connecting and analyzing. We are dedicated to assisting clients across various scales in fulfilling their data security and compliance needs, and SDF has demonstrated its commitment by securing a SOC 2 Type II report. This report validates our effective implementation and strict compliance with security controls and procedures.

Data Security is our #1 Priority

SDF Labs fosters a security-centric culture, emphasizing our responsibility to safeguard customer data through security and privacy. Mandatory data security trainings and strict adherence to protocols necessary for maintaining SOC2 certification are essential for all employees. To reinforce compliance with these policies and to guard against breaches, SDF has engaged software vendors and consultants who play a critical role in ensuring employees follow these guidelines and in testing defenses against potential intrusions.

Purpose and Scope

Promise XYZ, Inc. recognizes the importance of an effective security program to protect the company’s employees, assets, information, integrity and reputation from potential threats. From time to time, Promise XYZ, Inc. may update this policy and implement different levels of security controls for different information assets, based on risk and other considerations. This policy is guided by security requirements specific to Promise XYZ, Inc. including applicable laws and regulations.

Core Principles at SDF

The company commitment is guided by the basic core values, code of conduct and business ethics which shape and influence the way Promise XYZ, Inc. operates. These core values include professionalism, respect for employees, stakeholders and customers and a permanent concern for health, safety and the protection of the environment.

Promise XYZ, Inc. recognizes that secure operations are dependent upon employee participation, commitment and accountability. All security activities must adhere to the general principles as laid down in the company’s Code of Conduct, Acceptable Use Policy, Information Security Policy, Internal Control Policy, Network Security Policy and Physical Security Policy and be in line with the Company Mission statement.

Control

SDF Labs offers support for Single Sign-On (SSO) options like Google Apps and OKTA, catering to organizations with GDPR compliance or other privacy and security needs. SDF's strategy in managing data access is beneficial for companies with specific security requirements.

Additionally, SDF Labs has an extensive control framework based on User Roles, which restricts user actions within the SDF environment and can, if activated, determine the default roles assigned to new users.

Data Security Policy

  • Guaranteed Privacy & Security Commitment
    Promise XYZ, Inc. Security Team and Line Management must be continually aware of and take responsibility for the security aspects of its business activities. Security organization and resources must reflect this commitment.
  • Prioritized Prevention Strategies
    Prevention must be a priority. Threats analysis and risk evaluation should be carried out on a continuous basis.
  • Proactive Preparedness and Response Plans
    Preparedness is essential to mitigate incidents rapidly and effectively. Response plans must be developed and tested to deal with assessed risks.
  • Exemplary Professionalism
    The level of professionalism, knowledge and integrity of staff involved in security matters on behalf of Promise XYZ, Inc. must be tightly controlled and exemplary.
  • Minimal Impact with Maximum Effort
    Mindful of the need to introduce security measures to protect its employees, personnel and customers, SDF nonetheless makes every effort to minimize the impact of these measures on everyone involved.

As far as possible, security procedures and guidelines reflect the seamless integration of security and business activities.

Contact Us

For questions regarding this security statement, or to get a full copy of our Soc2 Type II report, please contact us at:

Promise XYZ, Inc.
Security Team
1525 11th Ave,
FL 3,
Seattle, WA, 98122
Email: security@sdf.com
Promise XYZ, Inc.