- Privacy
-
- osCommerce Freelancers collects contact information for clients and is used for the duration of the project. However, the contact information may also be used for any service level, on going support, or retainer agreements executed after project completion.
- osCommerce Freelancers self imposes a requirement to execute a non-disclosure agreement with each client thereby ensuring all communications and actions have a legal expectation of privacy.
- Types of contact data collected and the preferred method of storage include:
- Encrypted - CRM - Client first and last name
- Encrypted - CRM - Client phone number
- Encrypted - CRM - Client mailing address
- Encrypted - CRM - Client email address
- Public - Instant Messenger Buddy List(s) - Instant messenger handles
- Security
-
-
Physical Security
- All customer information is stored on an encrypted disk with an established Access Control List on a Debian based Linux intra-company LAN server.
- Access to the CRM server is controlled via Cisco hardware firewall and also server level iptables firewall for redundancy.
- All subversion repositories are located on the encrypted disk and must be mounted locally by the developer. No client files or data is ever stored on an individuals workstation.
-
Transmission Security
- All access to the CRM software served from the encrypted disk must be transmitted using SSL v3 or TLS cryptographic protocols.
- Administrative access to the server is via secure connection between the SSH2 server and authenticated SSH2 client.
|
