Back to Help Center

Security

Security

What and where does Intrro store the data it collects?

Do you fill out security assessments?

Who is the security contact?

Single Sign-On

User Roles

Passwords

Application Infrastructure

Vulnerability Management

Intrusion Detection and Prevention

Logical Separation

Incident Response

Vulnerability Disclosure

Software Development Life Cycle

Data Encryption

Data Subprocessors

New SCCs & the GDPR

California Consumer Privacy Act

High Availability

Business Continuity

Disaster Recovery

Backups

Security Training

Risk Management

Security Policies

Vendor Management

Confidentiality Agreements

Endpoint Security

SOC 2 Type II

1. Definitions

2. Customer Data subject to EU Data Protection Law

3. Purpose and Scope

4. Security

5. Data Subject Rights

6. Customer Personal Data Breach

7. Sub-Processors

8. Audit

9. Impact Assessment

10. Data Deletion

11. Transfer Mechanisms

12. Customer Data subject to CCPA

13. Customer Data subject to LGPD

14. Customer Responsibilities

15. Liability

16. Term and Termination

17. General

Annex 1A

Annex 1B

Annex 1C

Annex 2

Annex 3

Compliance Documentation

Data Subjects Rights

Consent

Data Breach

SOC 2 Type II

4. Security

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood andseverity for the rights and freedoms of Data Subjects, Intrro shall in relation to Customer Personal Data implement appropriate technical and organizational measuresto ensure a level of security appropriate to that risk (including those outlined in Annex 2of this DPA, (“Security Measures”). In assessing the appropriate level of security, Intrro shall take into account the risks that are presented by Processing Customer Personal Data including, in particular, the risks presented by a Customer Personal DataBreach (as defined in Section 6). Intrro may make such changes to the Security Measures as Intrro deems necessary or appropriate from time to time, including without limitation to comply with applicable law, but no such changes will materially reduce the overall level of protection for Customer Personal Data. Intrro will take appropriate stepsto ensure compliance with the Security Measures by its employees, agents, contract or sand Sub-Processors to the extent applicable to their scope of performance, including ensuring that all persons authorized to Process Customer Personal Data have agreedto appropriate obligations of confidentiality.