Information Security Policy

Founded 2023, Teachec is a comprehensive platform dedicated to empowering online sellers and entrepreneurs with the tools, resources and services they need to scale their businesses. Teachec simplifies the complexities of online selling. Our mission is to support your growth at every stage, providing expert guidance, innovative products, and services that help you succeed in the competitive world of e-commerce. 

At Teachec we are very committed to Information Security. meaning that our framework of policies and procedures that includes all legal, physical and technical controls involved in an our information risk management processes adhere to this world-wide renowned high standard.

Information security is an important aspect of our business in all aspects: we need to protect the data from our customers, users and ourselves.

Our Information Security Policy describes the information security management system (or ISMS) that our company uses. Anyone in our company (or at key positions at suppliers) that is handling confidential or sensitive data should be aware of this policy and act in accordance with it. The entire management team of our company has been involved in creating this policy.

 

1. Policy Statement

1.1. Information Classification

Information is classified into three categories:

Confidential: Information that requires the highest level of protection and is disclosed only to authorized personnel. This includes, but is not limited to, customer data, financial records, and proprietary information.

Internal Use: Information for internal use only, which should not be shared outside the organization without proper authorization.

Public: Information that is suitable for public consumption and does not require special protection.

1.2. Access Control

Access to information is restricted to authorized individuals only. Users will be assigned unique credentials, and access permissions will be granted based on the principle of least privilege, ensuring that individuals have access only to information necessary for their job functions.

1.3. Data Protection

All sensitive information will be encrypted, whether at rest or in transit, to prevent unauthorized access or interception.

1.4. Incident Response

Procedures will be in place to report and respond to security incidents. All employees are responsible for reporting any suspected or confirmed breaches or security incidents promptly.

1.5. Security Awareness

Employees will receive training on information security best practices, and the organization will promote a culture of security awareness.

1.6. Compliance

The organization will comply with all relevant laws, regulations, and industry standards related to information security, including GDPR, HIPAA, or other applicable regulations.

2. Responsibilities

All employees, contractors, and third-party vendors have a shared responsibility for information security. Key responsibilities include:

Complying with this policy and related procedures.
Reporting any security incidents or breaches.
Safeguarding access credentials and information.

3. Enforcement

Violations of this policy may result in disciplinary action, up to and including termination of employment or legal action. Enforcement of this policy is the responsibility of the Information Security Officer or designated individuals.

4. Review and Revision

This Information Security Policy will be reviewed regularly and updated to address evolving security threats and organizational changes.

5. Contact Information

For any questions, concerns, or reporting of security incidents, please contact “contac@teachec.com”