Data Encryption and Security Policy
/Data Encryption and Security Policy

Data Encryption and Security Policy

Last Updated on July 5, 2026

Data Encryption and Security Policy

Last Updated on July 5, 2026

Welcome to Marketeq Digital Inc. (hereinafter referred to as "Marketeq," "we," "us," or "our"). This Data Encryption and Security Policy (the "Policy") describes the technical and organizational measures that Marketeq employs to protect the confidentiality, integrity, and availability of the data it processes, including personal data. As an IT consulting firm entrusted with sensitive information, Marketeq treats data security as a foundational priority. This Policy supplements our Privacy Policy and GDPR Compliance and Data Protection Statement and should be read together with them. If you have any questions about this Policy, you may contact us at legal@marketeqdigital.com.

1. Purpose and Scope

The purpose of this Policy is to set out the principles and measures through which Marketeq safeguards data against unauthorized access, disclosure, alteration, and destruction. This Policy applies to all data processed by Marketeq across its systems, networks, and devices, and to all personnel and processors who handle such data. It reflects our commitment to implementing appropriate safeguards commensurate with the nature and sensitivity of the data we process. The measures described in this Policy are designed with regard to prevailing standards, the state of the art, and the risks associated with our processing activities. This Policy forms part of our broader information governance framework.

2. Encryption

Marketeq employs encryption as a core safeguard for protecting data both in transit and at rest, where appropriate. Data transmitted across public networks is protected using industry-standard transport encryption protocols to reduce the risk of interception. Data at rest within our systems may be encrypted using recognized cryptographic methods to protect it in the event of unauthorized access to storage media. We manage cryptographic keys using controlled processes designed to protect them from compromise. Our use of encryption is reviewed periodically to ensure it remains aligned with prevailing standards and evolving threats.

3. Access Controls

Access to data held by Marketeq is restricted to authorized personnel and processors who require it to perform their duties, in accordance with the principle of least privilege. We implement authentication and authorization measures, which may include multi-factor authentication, role-based access controls, and periodic access reviews. Access rights are granted, modified, and revoked through controlled processes, and access is promptly removed when it is no longer required. We maintain logs of access to sensitive systems and data to support monitoring and accountability. These controls are designed to ensure that data is accessed only by those with a legitimate need.

4. Network and Infrastructure Security

Marketeq implements measures to protect the networks and infrastructure through which data is processed and stored. These measures may include firewalls, intrusion detection and prevention capabilities, network segmentation, and secure configuration of systems and devices. We apply security updates and patches in a timely manner to address known vulnerabilities. We monitor our infrastructure for anomalous or unauthorized activity and take appropriate action when potential threats are identified. Our infrastructure security measures are designed to reduce the likelihood and impact of security incidents.

5. Organizational Measures

In addition to technical safeguards, Marketeq implements organizational measures to support the security of data. Personnel who handle data are made aware of their security responsibilities and are expected to comply with our security policies and procedures. We apply principles of data protection by design and by default when developing and operating our systems. We maintain internal policies governing acceptable use, access management, and incident response. These organizational measures complement our technical safeguards and reinforce a culture of security throughout our operations.

6. Vendor and Processor Security

Where Marketeq engages vendors or processors to handle data on its behalf, we take reasonable steps to ensure that they maintain appropriate security measures. We enter into agreements that require such parties to protect data in accordance with our standards and applicable law. We assess the security practices of vendors and processors as part of our engagement processes and monitor their compliance where appropriate. Further detail regarding our approach to vendors is set out in our Vendor Data Handling Policy. We hold our vendors and processors to security expectations consistent with those we apply to ourselves.

7. Incident Detection and Response

Marketeq maintains procedures for detecting, investigating, and responding to security incidents. Upon identifying a potential incident, we act promptly to contain it, assess its scope and impact, and take appropriate remedial measures. Where an incident involves personal data and gives rise to a notification obligation, we will notify the relevant authorities and affected individuals in accordance with applicable law. We document security incidents and the measures taken in response to support continuous improvement. Our incident response procedures are designed to minimize harm and to restore normal operations as quickly as possible.

8. Continuous Improvement and Testing

Marketeq periodically reviews, tests, and updates its security measures to ensure they remain effective against evolving threats. This may include vulnerability assessments, security reviews, and evaluation of our controls against recognized standards and best practices. We use the results of such activities to identify and address areas for improvement. Security is treated as an ongoing effort rather than a fixed state, and we adapt our measures as technology and risks evolve. Despite our efforts, no security measure can provide absolute protection, and we cannot guarantee that data will be entirely secure.

9. Changes to This Policy

Marketeq reserves the right to modify or update this Data Encryption and Security Policy at any time to reflect changes in our practices, technology, or legal requirements. Any changes will become effective upon posting the revised Policy, and we encourage you to review it periodically. Where changes are material, we will endeavor to provide additional notice through appropriate means.

10. Contact Information

If you have any questions, concerns, or requests regarding this Data Encryption and Security Policy, or if you wish to report a suspected security issue, please contact us at legal@marketeqdigital.com. We are committed to protecting the data entrusted to us and to addressing security matters promptly and responsibly.