The Short Version:
- Written Information Security Program (WISP): We have a comprehensive WISP in place with administrative, technical, and physical safeguards to protect sensitive data.
- Domestic Data Handling: We never send client data overseas; all data processing and storage are conducted within the United States.
- U.S. Workforce: We do not use offshore labor; all employees and contractors are U.S. citizens, ensuring compliance with domestic laws and regulations.
- CCPA Compliance: We extend the privacy rights of the California Consumer Privacy Act (CCPA) to all our clients, ensuring transparency and the right to control personal information. We do not sell any personal information.
The Details:
At Foxglove, we are committed to maintaining the highest standards of security and confidentiality for our clients’ data. To safeguard our clients’ information, we have implemented a Written Information Security Program (WISP). This comprehensive plan includes administrative, technical, and physical safeguards designed to protect sensitive data from unauthorized access, disclosure, alteration, and destruction. Our WISP ensures that all employees are trained in data security protocols and that we regularly review and update our security measures to address emerging threats.
Additionally, we have a strict policy of never sending any client data overseas. All data processing and storage are conducted within the United States, ensuring compliance with domestic data protection regulations and minimizing the risk of data breaches. By keeping data within the country, we can better control access and maintain the highest standards of security for our clients’ sensitive information.
Furthermore, we do not use any offshore labor. All our employees and contractors are U.S. citizens, ensuring that our operations remain within the jurisdiction of U.S. laws and regulations. This policy helps us maintain tighter control over our data security practices and provides our clients with the assurance that their information is handled by professionals who are fully vetted and compliant with domestic standards.
In addition, we comply with the principles of the California Consumer Privacy Act (CCPA) and extend equivalent privacy rights to all our clients, regardless of their location. This means that all our clients have the right to know what personal information we collect, how it is used, and with whom it is shared. They also have the right to request the deletion of their personal information and to opt out of the sale of their data. Importantly, we do not sell any personal information, ever. We are committed to upholding these rights and ensuring transparency in our data handling practices.