Social Sync Security
At Social Sync, security is our absolute highest priority.
In the spirit of openness and transparency, this page summarises some of the security measures we take to protect and defend the Social Sync platform and our Customer’s data.
These security measures are part of Social Workshop Ltd’s Information Security Management System (ISMS). A full list of all ISMS policies is found at the bottom of this page.
Social Sync is wholly owned and operated by Social Workshop Ltd. A privately owned company registered in the United Kingdom.
Information Security Management System Objectives
It is the policy of Social Workshop Ltd that information, as defined hereinafter, in all its forms–written, spoken, recorded electronically or printed–will be protected from accidental or intentional unauthorized modification, destruction or disclosure throughout its life-cycle.
Ultimately, the information security goal of Social Workshop Ltd is to maintain:
- Confidentiality: data and information are protected from unauthorized access
- Integrity: Data is intact, complete and accurate
- Availability: IT systems are available when needed
Social Workshop Ltd’s information security objectives, consistent with the company’s information security program are:
- To protect information from all internal, external, deliberate, or accidental threats;
- To encourage consistent and professional use of information;
- To enable secure information sharing;
- To ensure clarity about roles and responsibilities associated with protecting information, both internally and externally;
- To ensure business continuity and minimize business damage; and,
- To protect the company from legal liability and the inappropriate use of information.
Scope
Social Workshop Ltd’s Information Security Program applies to:
- Information in any form, regardless of the media on which it is stored, as well as, any facility, system, or network used to store, process, and/or transfer information.
- All Social Workshop Ltd employees, temporary staff, partners, contractors, vendors, suppliers, and any other person (collectively also referred to as “Staff” or “Users”) or entity that accesses the Company’s systems or any other public or private network through the Company’s networks or systems.
- All activity while using or accessing the Company’s information or information processing, storage, or transmission equipment.
- Information resources that have been entrusted to the Company by any entity external to the Company (i.e. Customers, Contractors, and others).
- Documents, messages, and other communications created on or communicated via the Company systems are considered the company’s business records and, as such, are subject to review by third parties in relation to audits, litigation, process improvement, and compliance.
Roles and Responsibilities
The Compliance Team is responsible for:
- The design, development, maintenance, dissemination, and enforcement of the items contained in the ISMS policies.
- The monitoring and periodic review of all ISMS policies.
- Spot checks to ensure all employees, contractors and system users are compliant with ISMS policies and associated procedures.
- Reporting on the performance of the ISMS.
The Compliance Team is comprised of the following members of staff:
Compliance manager: Chief Executive Officer
Compliance team members: Chief Operating Officer, Chief of Staff, Head of Product, Head of Engineering
Policy Review
At minimum on an annual basis, a security and/or compliance committee composed of senior management and key personnel must discuss, evaluate and document the company’s ISMS, ensuring strategic goals and objectives are continually being developed.
At a minimum on an annual basis, all ISMS policies must be reviewed, modified and/or edited to meet necessary security standards.
All security policies
Please find below the full list of policies and documents which make up Social Workshop Ltd’s Information Security Management System (in alphabetical order):
Revision history
Version | Date | Description of Changes |
---|---|---|
V1 | August 15th, 2022 | Initial Creation |
V1.1 | August 30st, 2022 | Minor tweaks and publication |
V1.2 | October 31st, 2023 | Reviewed with minor updates for new website |
V1.3 | August 22nd, 2024 | Reviewed with minor updates |