Privacy Policy
This Privacy Policy outlines our commitment to protecting personal data in compliance with applicable privacy regulations.
1. Data Protection Principles
We are committed to processing data in accordance with our responsibilities under privacy regulations. We ensure data is:
- Processed lawfully, fairly, and transparently
- Collected for specified, explicit, and legitimate purposes
- Adequate, relevant, and limited to what is necessary
- Accurate and kept up to date
- Stored only as long as necessary
- Processed securely and protected against unauthorized access
2. Third-Party Risk Management
We implement risk assessment frameworks for all vendors handling personal data, including:
- Review availability of vendor audit reports such as SOC 2 Type II
- Availability of Vendor’s Privacy Policy
- Monitor Adverse Media Coverage
3. Security Measures
We maintain appropriate security measures including:
- Access controls and authentication requirements including MFA.
- Employee training on data protection
4. Data Subject Rights
We respect and facilitate the exercise of data subject rights, including:
- Right to access personal data
- Right to rectification
- Right to erasure
- Right to restrict processing
- Right to data portability
For any questions or clarifications, please reach out to us at contact@vendormanagementoffice.net
5. Updates and Review
This privacy policy is regularly reviewed and updated to ensure continued compliance with evolving regulatory requirements and industry standards.
Last Updated: February 10, 2025