Information and Data Security Compliance Statement
The security and privacy of your data is a core part of Allsec’s business. This statement provides our clients, the assurance & our commitment to information & data security compliance. In continuously addressing security issues, we have developed Data Security programs that evolve through the changing needs of our client’s data security needs.
At Allsec Establishing appropriate security programs that our clients can rely upon, has been primal since inception. Our privacy programs stands.
Our Privacy Operations Philosophy
To move beyond compliance into a Business Assurance approach to ensuring privacy of information. Allsec focuses on continual improvement of our privacy landscape. Transition from compliance to business assurance is the key to efficient security practices and what we need is additional security models focused on IT systems with an essence of dynamism.
At Allsec, it is the way to apply current industry best practice to create our Service Management System, adopt newer dimensions of security structures and remain sensitive to evolving privacy diktats.
Allsec’s has resolved to go through all applicable privacy paradigms by all means, to ensure security and data leakage issues combined with data integrity or data quality issues are never a critical barrier for our global clients and clients’ customers in their interaction with Allsec. Working with our clients, Allsec will use its management systems as an effective tool to meet the needs of their business and to feed their anxiousness to have their information is processed with quality and at the same time be protected and to see evidence of such quality and security.
Back to Top
Our Privacy Programs
Payment Card Industry Data Security Compliance
The Payment Card Industry (PCI) Data Security Standard is a worldwide standard for payment card and consumer financial data protection. It incorporates the requirements of the Visa USA Cardholder Information Security Program (CISP) and the Visa International Account Information Security (AIS) program, the MasterCard International Site Data Protection (SDP) program, as well as the security requirements of American Express DSS, DiscoverCard DISC etc., VISA and MasterCard now require all merch ants to adhere to the PCI security standard. Our compliance with PCI standards is certified by a certified PCI compliance services provider.
Our delivery centers are tested with industry-standard PCI Compliance remote vulnerability testing and are tested at least every 90 days.
Allsec’s information and data security programs ensure compliance with the network perimeter security criteria mandated in such regulations as: the Health Insurance Portability & Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), the Sarbanes-Oxley Act (SOA) and other Electronic Data Protection regulations applicable to the business of Allsec Technologies Ltd., as a Business Process Outsourcing provider.
Back to Top
SAS 70 Type II
The SAS 70 audit is one of the most demanding certifications that a data center operator can undergo because it examines all aspects of the internal control system. Not only must the controls be present, they must also be documented and verified. Allsec is a SAS 70 Type II Certified organization since 2007 consistently maintaining the effectiveness and efficiency of the controls periodically evaluated bi-annually after they were placed in operation. This assures our clients that the control system is functioning properly and which tests, controls, or processes can be improved.
ISO 27001:2005
While PCI DSS and SAS 70 caters to strategic management of information & data security, at an operational level an information security additionally requires a hint of quality management to its control environment. Allsec, in realization of this fact, has implemented ISO 27001:2005 as an integrated management system of both quality and information security. Our environment of internal controls, across all of our accreditations undergoes not only the tight scrutiny through internal security audits but also quality process audits. Business Continuity Management / Disaster Recovery systems and Information Security governance structure enforced by ISO 27001:2005 enables Allsec to maintain secure IT environment for our clients who entrust their IT systems to Allsec.
Site Disclaimer
The information on this website has been compiled by Allsec Technologies Limited (Allsec). Although we have attempted to provide accurate information, no representation is made or warranty is given as to the completeness or accuracy of anything contained on this website. Neither Allsec nor its affiliates or agents shall be responsible for any gains or losses that may be incurred by the viewer by acting on the basis of the content of this website.
Back to Top
Privacy Policy
Allsec respects your privacy and is committed to protecting the information you provide us through this web site. We do not sell or distribute user information to third parties. We gather user information in order to serve your needs and respond to your information requests. These are the guidelines we use in protecting your privacy.
Collecting User Information
We collect information about our web visitors indirectly through our Internet access logs. When you access Allsec, the browser’s domain name and Internet address is automatically collected and placed in our Internet access logs. We use this information to learn about which sections, pages and information web site visitors access.
Use of Cookies
Allsec web site may use cookies to assist in producing overall site visitor statistics. Cookies, by themselves, cannot be used to find out the identity of any user unless they specifically tell us who they are. If you wish, you can disable cookies on your computer by changing the settings in preferences or options menu in your browser.
Disclosure of User Information
Allsec does not rent, sell, or share personal information about you with other people or nonaffiliated companies. If you have submitted user information to us through an e-mail, Allsec maintains your security by ensuring that the information is only distributed within the Allsec Group who are all responsible for responding to your requests either directly or indirectly.
Back to Top
We may disclose information in the following circumstances
- We provide the information to trusted partners who work on behalf of or with Allsec under extremely strict confidentiality agreements.
- We respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims.
- We believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law.
Links to Third Party Sites
Allsec’s web site may provide links to other third party web sites. Allsec is not responsible for the contents or policies of these web sites. These links are provided to you for convenience purposes only and Allsec is not liable for inaccuracy of any information on such sites. These sites may send their own cookies to users, or otherwise collect data or solicit personal information. If the Allsec web site links you to any third-party web site, we make no representation as to the existence, sufficiency, accuracy or completeness of their Privacy Policy.
Intellectual Property Rights
The products, technology and/or processes described in this site may be the subject of intellectual property rights reserved by Allsec or other third parties. Nothing contained herein shall be construed as conferring to you in any manner, whether by implication, estoppel or otherwise, any license, title, or ownership of or to any intellectual property right of Allsec or any third party
Back to Top