{"id":8263,"date":"2024-10-03T10:40:16","date_gmt":"2024-10-03T10:40:16","guid":{"rendered":"https:\/\/maspartner.com\/?page_id=8263"},"modified":"2025-01-06T11:16:06","modified_gmt":"2025-01-06T11:16:06","slug":"data-security-and-privacy-policy","status":"publish","type":"page","link":"https:\/\/maspartner.com\/en-us\/data-security-and-privacy-policy\/","title":{"rendered":"Data Security and Privacy Policy"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"8263\" class=\"elementor elementor-8263\">\n\t\t\t\t\t\t<section class=\"elementor-section-with-custom-width elementor-section elementor-top-section elementor-element elementor-element-a84cd4e sc_bg_mask_bg_color elementor-section-boxed elementor-section-height-default elementor-section-height-default sc_fly_static\" data-id=\"a84cd4e\" data-element_type=\"section\" data-e-type=\"section\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t\t\t\t\t\t<div class=\"elementor-background-overlay\"><\/div>\n\t\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-0e65e9d sc_content_align_inherit sc_layouts_column_icons_position_left sc_fly_static\" data-id=\"0e65e9d\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c615532 sc_fly_static elementor-widget elementor-widget-heading\" data-id=\"c615532\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Data Security and Privacy Policy<\/h1>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-26841e3 elementor-section-boxed elementor-section-height-default elementor-section-height-default sc_fly_static\" data-id=\"26841e3\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-extended\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-2d60bea sc_content_align_inherit sc_layouts_column_icons_position_left sc_fly_static\" data-id=\"2d60bea\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fe707fe sc_fly_static elementor-widget elementor-widget-text-editor\" data-id=\"fe707fe\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<h2><span style=\"text-decoration: underline;\"><strong>1. Purpose<\/strong><\/span><\/h2><p>This Data Privacy and IT Security Policy outlines the guidelines and procedures for managing, securing, and protecting personal and financial data handled by Mercurius Advisory Services in its operations. As a firm offering tax preparation, accounting, and bookkeeping services, this policy ensures that we adhere to stringent data protection and privacy standards. It reinforces our commitment to safeguarding client data by aligning our practices with the highest standards for security, privacy, and confidentiality. It ensures that we implement robust processes to manage sensitive data and protect the rights of our clients, whether they are based locally or internationally.<\/p><h2><span style=\"text-decoration: underline;\"><strong>2. Scope<\/strong><\/span><\/h2><p>This policy applies to all employees, contractors, and partners involved in the collection, processing, storage, and transmission of data on behalf of Mercurius Advisory Services. It covers all personally identifiable information (PII), tax-related data, financial records, and sensitive personal data collected in the course of business.<\/p><h2><span style=\"text-decoration: underline;\"><strong>3. Data Privacy Standards<\/strong><\/span><\/h2><h4><strong>3.1 Data Collection<\/strong><\/h4><p><strong>\u2022 Relevance:<\/strong> Only data strictly necessary for fulfilling tax preparation and accounting services will be collected. This includes personal information, tax returns, and financial data of clients.<\/p><p><strong>\u2022 Consent:<\/strong> Informed consent from clients will be obtained before collecting any data.<\/p><p><strong>\u2022 Third Party Data Collection:<\/strong> Any data shared by clients on behalf of third parties (e.g., dependents or employees of the Company) will require the client\u2019s affirmation that appropriate consent has been obtained.<\/p><h4><strong>3.2 Data Use<\/strong><\/h4><p><strong>\u2022 Purpose Limitation<\/strong>: Data will only be used for the purposes specified during collection. Any secondary use must be disclosed and approved by the client.<\/p><p><strong>\u2022 Data Accuracy<\/strong>: Reasonable efforts will be made to ensure that data is accurate, complete, and up to date.<\/p><h4><strong>3.3 Data Retention<\/strong><\/h4><p><strong>\u2022 Retention Period:<\/strong> Client data will be retained for a period of 6 months to meet operational requirements and ensure service continuity. After this period, it can be extended if agreed with the client, otherwise, the data will be securely deleted from our systems to maintain data privacy and security.<\/p><p><strong>\u2022 Archiving<\/strong>: Archived data will be stored securely with restricted access.<\/p><h4><strong>3.4 Data Sharing and Transfer<\/strong><\/h4><p><strong>\u2022 Cross-border Data Transfer<\/strong>: We will ensure that data transferred to \/ outside of India is directed only to jurisdictions that maintain appropriate data protection standards.<\/p><p><strong>\u2022 Third-Party Processors<\/strong>: Data sharing with third-party vendors will be restricted and managed under contractual agreements ensuring compliance with privacy and security obligations.<\/p><h2><span style=\"text-decoration: underline;\"><strong>4. Information Security Standards<\/strong><\/span><\/h2><h4><strong>4.1 Data Encryption<\/strong><\/h4><p><strong>\u2022 Data-at-Rest<\/strong>: All client data stored on servers, databases, and storage devices will be encrypted.<\/p><p><strong>\u2022 Data-in-Transit<\/strong>: Encryption protocols (e.g., TLS\/SSL) will be used to protect data transmitted over public networks.<\/p><h4><strong>4.2 Access Control<\/strong><\/h4><p><strong>\u2022 User Authentication<\/strong>: Multi-factor authentication (MFA) will be implemented for all system users accessing client data. Unique user IDs will be assigned, and access will be role-based.<\/p><p><strong>\u2022 Role-Based Access Control (RBAC): <\/strong>Access to data will be regulated based on individual job functions, ensuring that only authorized personnel with specific roles are permitted to view or modify sensitive information.<\/p><h4><strong>4.3 System Security<\/strong><\/h4><p><strong>\u2022 Firewalls and Intrusion Detection<\/strong>: Firewalls, intrusion detection systems (IDS), and intrusion prevention systems (IPS) will be deployed to monitor and prevent unauthorized access.<\/p><p><strong>\u2022 Patch Management<\/strong>: All software and systems will be regularly updated and patched to protect against vulnerabilities.<\/p><h4><strong>4.4 Network Security<\/strong><\/h4><p><strong>\u2022 Virtual Private Networks (VPNs)<\/strong>: Employees working remotely will use secure VPNs to connect to internal systems.<\/p><p><strong>\u2022 Wi-Fi Security<\/strong>: Access to office Wi-Fi will be secured using strong encryption methods and monitored for unauthorized connections.<\/p><h4><strong>4.5 Physical Security<\/strong><\/h4><p><strong>\u2022 Server Room Security<\/strong>: Physical access to Servers will be restricted to authorized personnel, monitored with CCTV and secured with keycard access.<\/p><p><strong>\u2022 Workstation Security<\/strong>: All workstations and mobile devices used to access sensitive data will be secured with password protection &amp; automatic lockout.<\/p><h2><span style=\"text-decoration: underline;\"><strong>5. Employee Training and Awareness<\/strong><\/span><\/h2><p>\u2022 Regular training programs will be conducted to ensure that all staff are aware of their responsibilities related to data privacy and IT security.<\/p><p>\u2022 Employees will receive training on phishing prevention, password management, handling PII, and responding to security incidents.<\/p><h2><span style=\"text-decoration: underline;\"><strong>6. Audits and Monitoring<\/strong><\/span><\/h2><p>\u2022 The firm will conduct internal and external audits regularly to ensure compliance with data privacy laws and IT security policies.<\/p><p><strong>\u2022 Log Monitoring<\/strong>: Continuous monitoring of system and access logs will be performed to detect and prevent unauthorized access or breaches.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Data Security and Privacy Policy 1. Purpose This Data Privacy and IT Security Policy outlines\u2026<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-8263","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/maspartner.com\/en-us\/wp-json\/wp\/v2\/pages\/8263","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/maspartner.com\/en-us\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/maspartner.com\/en-us\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/maspartner.com\/en-us\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/maspartner.com\/en-us\/wp-json\/wp\/v2\/comments?post=8263"}],"version-history":[{"count":0,"href":"https:\/\/maspartner.com\/en-us\/wp-json\/wp\/v2\/pages\/8263\/revisions"}],"wp:attachment":[{"href":"https:\/\/maspartner.com\/en-us\/wp-json\/wp\/v2\/media?parent=8263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}