Terms of Service
Date: 13-09-2024
Version: 1.2
| S. No. | Version | Date | Description |
| 1 | 1.1 | 16-Apr-2023 | New Policy |
| 2 | 1.2 | 13-Sep-2024 | Revised Policy with various additions |
Applies to: All employees, contractors, systems, and services of iSOURCe
1. Purpose
This policy defines the requirements and procedures for the use of encryption to protect sensitive and personal data handled by iSOURCe. It ensures that data collected and processed during client projects (such as lead generation and contact research) is appropriately secured in transit and at rest.
2. Scope
This policy applies to:
All electronic data collected, processed, stored, or transmitted by iSOURCe
All employees and tools used in data & lead generation projects
All devices and systems (laptops, cloud platforms, email tools, etc.)
3. Encryption Requirements
a. Data in Transit
All personal and sensitive information transmitted across networks (including client data, contact lists, or project reports) must be encrypted using secure protocols, including:
- HTTPS (TLS 1.2 or higher) for all web-based applications
- Secure file transfers using services such as SFTP, encrypted ZIP files, or client-approved platforms (e.g., Box, OneDrive)
- Email attachments containing personal data must be password-protected and passwords shared via a separate channel
b. Data at Rest
All stored data containing client information must be encrypted:
- Laptops and workstations must use full-disk encryption (BitLocker for Windows, FileVault for Mac)
- Contact databases must be stored in encrypted cloud storage (e.g., Google Drive or Microsoft OneDrive with encryption enabled)
- USB drives or portable media are prohibited
4. Key Management
- Encryption keys must be stored securely and only accessible to authorized personnel
- Passwords used for encrypted files must be strong and never transmitted in the same message as the file
- We do not manage our own encryption keys unless specifically required; we use secure services with managed key protection (e.g., Google Workspace, Microsoft 365)
5. Responsibilities
| Role | Responsibility |
| IT/Operations | Enforce encryption on company systems and storage |
| Employees | Use encrypted tools and follow secure data handling practices |
| Project Leads | Ensure data shared with clients complies with this policy |
6. Exceptions
Exceptions to this policy must be documented and approved by senior management. No sensitive or personal data may be transmitted or stored unencrypted unless explicitly authorized under contract or law.
7. Policy Review
This policy will be reviewed annually or upon significant changes in:
- The type of data processed
- Client or regulatory requirements
- Technology platforms used
8. Enforcement
Violations of this policy may result in disciplinary action, including revocation of system access or termination of contracts.
9. Contact for Questions
If you have questions or need further guidance on encryption practices:
Contact: Amit Saxena
Email: amit@isourceopportunities.com
“A consultative, partnership model with the inside sales function of an organization enables us to convert what often appears to be a volume of information requests into a qualified leads pipeline that become readily accepted by the Head of Sales”
