We understand that when you transfer your business processes to us, you are not just transferring tasks; you are entrusting us with your most valuable asset: your data. We take this responsibility seriously.
This pledge outlines our unwavering commitment to safeguarding the confidentiality, integrity, and availability of the information entrusted to us by our clients and their customers.
1. Zero-Compromise Compliance
We operate strictly within the legal frameworks of every jurisdiction we serve. We pledge to:
• Adhere to Global Standards: Fully comply with major data protection regulations, including GDPR (Europe), CCPA (California), and other relevant local.
• Audit-Ready Transparency: Maintain open books for client audits and third- party certifications (such as ISO 27001 and SOC 2 Type II) to prove our adherence to security.
• Lawful Processing: Only process personal data for the specific purposes authorised by our clients, ensuring no unauthorized usage or “data “.
2. Fortified Technical Security
We employ defense-in-depth strategies to secure your data against cyber threats. We pledge to:
• Encryption Everywhere: Encrypt all sensitive data both in transit (using TLS 2+) and at rest (using AES-256 standards).
• Access Control: Implement strict Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA). Employees only access the specific data required to perform their current.
• Continuous Monitoring: Utilize 24/7 security operation centers (SOC) to detect, analyze, and neutralize threats in real-time.
3. The Human Firewall
We recognice that human error is a significant risk vector. We pledge to:
• Rigorous Vetting: Conduct comprehensive background checks and screening for all employees before they access client systems.
• Clean Desk Policy: Enforce physical security measures in our operational centers, including a strict ban on mobile phones, recording devices, and writing materials on the production.
• Ongoing Training: Mandate regular data privacy training and phishing
simulations for all staff to ensure security awareness is part of our daily culture.
4. Transparency s Incident Response
We believe in honesty and speed if the unexpected happens. We pledge to:
• Immediate Notification: In the unlikely event of a security incident, we commit to notifying affected clients immediately, well within regulatory.
• Full Cooperation: Work hand-in-hand with your internal security teams to remediate issues and prevent.
• Data Sovereignty: Respect your requirements regarding where your data resides, ensuring it is not transferred across borders without your explicit.
Our Promise to You
“Your data is safe in our hands. We treat your information with the same vigilance
and care as we treat our own, ensuring that your business continuity and reputation are never compromised.”
Signed:
Prashant Hanmantgad
CEO/ Founder
PH7 Global Services Ltd.
Effective Date: April 2025 Review Date: April 2027