Scope

• This policy applies to all individuals who access, manage, or interact with www.petemergencyacademy.com, including customers, users, course participants, employees, contractors, and visitors.

Data Security

• Information Collection and Use
  • We collect only the information necessary to provide our services, such as names and email addresses for user access to courses and their account.
  • Contact information for newsletter subscriptions, promotions or contact information for inquiries.
  •  All personal data is processed transparently and in accordance with applicable data protection laws.

Storage and Transmission

•  Data is stored in secure, encrypted databases with access limited to authorized personnel only.
• Sensitive information transmitted over the internet is protected through the use of encryption, such as SSL (Secure Socket Layer) technology.

System Security

• Access Control
  • Access to sensitive systems and data is restricted to authorized personnel, based on their role and the principle of least privilege.
  • Multi-factor authentication (MFA) is required for accessing critical systems.

Malware Protection

• Comprehensive antivirus and anti-malware solutions are deployed across all systems to detect, prevent, and remove malicious software.

Regular Updates and Patch Management

• Systems and software are regularly updated to ensure protection against known vulnerabilities.
• A routine patch management process is in place to apply critical security updates in a timely manner.

Incident Response and Management

• A formal Incident Response Plan (IRP) is established to address potential security breaches or cyber incidents.
  • The plan includes procedures for incident detection, assessment, containment, eradication, and recovery.
  • All security incidents are logged and reviewed to improve future response and prevention strategies.

User Education and Awareness

• Regular training programs on cybersecurity best practices are provided to employees and contractors.
• Resources and guidance on how to safely navigate and use the website are available to visitors.

Third-party Services

• Third-party services and vendors are evaluated for compliance with our cybersecurity standards before integration.
• Contracts with third parties include clauses that mandate adherence to data protection and security requirements.

Compliance

• This policy is regularly reviewed and updated to comply with current laws, regulations, and industry standards related to cybersecurity and data protection.

Contact Information

• For any questions or concerns regarding our Cyber Protections Policy or cybersecurity practices, please contact us at support@petemergencyacademy.com.