SalesPage data privacy pledge 2023
SalesPage assists asset manager clients to consume, leverage, and monetize their investment in data more effectively. Our goal is to help our clients realize an ROI on data they own or license, through more intelligent and effective distribution.
SalesPage clients, partners, and third-party data providers rightfully have concerns about the integrity and security of their data. Third-party data providers are concerned about the way that their intellectual property is used, managed, and disseminated. Asset managers are dealing increasingly with more regulations and higher standards for confidentiality surrounding their data.
SalesPage advocates for establishing and maintaining best practices designed to meet confidentiality requirements and protect the intellectual property of all parties. We have worked with our clients and industry peers to identify, describe, and adopt those best practices. To be as transparent as possible about the measures we’re taking to preserve the integrity and security of data and intellectual property—our own, that of our clients, and that of third-party data providers and partners—we will publish these standards annually and welcome feedback from our peers.
We pledge that:
- SalesPage clients must own all the data they are asking SalesPage to process or have a proper license for that data from the relevant third-party provider. Each client must also confirm that SalesPage’s data privacy and security standards meet or exceed their contractual obligations under third-party license agreements.
- SalesPage Enterprise and LumaSuite are not “data consortium” solutions. In every instance, these SalesPage solutions will standardize and process data only on behalf of individual and specific clients; each client’s data will be treated solely for their use within their secure SalesPage software solution or their client-specific environment, and each client’s data will be processed separately from every other client’s data and data elements residing in a client’s data will not be introduced to any other SalesPage business, product family member, or third party without explicit written approval from all data owners—including other SalesPage clients.
- SalesPage will continue to strictly segregate operations related to our agreements with each client. We will establish a private environment for each SalesPage client. Individual client environments will be kept separate from internal databases that are used for client development, as well as from SalesPage-controlled data sources and from third-party data. An individual client’s data elements will not be introduced to any other client environment, either deliberately or through cross contamination, without written approval from all data owners.
- SalesPage will not provide extracts of data from any client’s environment to a third party except at the client’s written request.
- Access to a client’s environment and data (including licensed third-party data) will be granted only to those SalesPage team members who are assigned to provide services to that client.
- SalesPage will continue to segregate each product offering to its own infrastructure and network and will continue to use separate operations teams to manage each offering. Access to each offering’s specific client environments will be strictly limited based on specific team members’ job requirements and employment status.
- All SalesPage team members will sign non-disclosure agreements and complete annual confidentiality and security training. Any team members who have access to multiple sets of proprietary data will be required to meet the confidentiality and IP protections that are in place for each data set.
- SalesPage will maintain strict data governance and security protocols. These protocols will include at least the following measures: proactive monitoring for potential breaches; a defined notification process in the event of a security incident; and an annual review process, audit, and staff training.
- SalesPage will appoint a Data Protection Officer who will be responsible for reviewing, maintaining, and updating SalesPage policies and standards related to data privacy, security, and IP protection. The Data Protection Officer will report directly to the CEO.
Together with our clients, partners, and advisors, SalesPage will strive continuously to protect your data. We want our industry to be recognized for having the highest standards of protection for intellectual property and privacy, and we will work with all our clients and partners to meet that goal.
SOC 2 Type II Attestation
SalesPage completed its SOC 2 Type II audit, performed by KirkpatrickPrice. Receiving this attestation confirms SalesPage’s strong commitment to security and delivering high-quality services to our clients by demonstrating that we have the necessary internal controls and processes in place.