Privacy and Security Center

Machintel has developed and implemented comprehensive privacy and information security programs for:

• Compliance with  relevant privacy legislation and regulatory standards pertinent to our business services
• Fulfillment of customer and stakeholder expectations, along with contractual obligations
• Deployment, upkeep, surveillance, and progressive enhancement of our security and data protection measures
• Use of best practices in protection, privacy, security and compliance in all programs and their protocols

Machintel maintains a robust privacy and data protection governance framework designed to oversee privacy compliance and mitigate data protection risks effectively. This framework is anchored by a comprehensive policy that delineates the overarching structure of our privacy program, pinpointing critical control domains, methodologies, and organizational tactics for ensuring data protection and adherence to privacy mandates. Additionally, the framework encompasses precise policies and procedural guidelines aimed at conforming to specific requirements of prevailing privacy legislations.

The foundational elements of Machintel's Privacy Program include:

• Unwavering support and dedication from executive leadership
• Designation of specialized privacy and security staff
• A solid foundation of policies, procedures, standards, and guidelines
• Extensive privacy and security training and awareness initiatives
• Integration of Privacy by Design principles
• Implementation of security measures for safeguarding sensitive and confidential data
• Efficient management of privacy incidents
• Prompt data breach notification procedures
• Thorough handling of privacy inquiries and investigations
• Rigorous audits of privacy and associated security controls
• Ongoing updates and enhancements to the Privacy Program

Machintel's Information Security Program is designed to establish, enforce, and oversee the comprehensive security measures encompassing policies, procedures, standards, guidelines, and controls tailored to protect all sensitive personal and confidential information in our care. This initiative aligns with the requirements of pertinent legal and regulatory frameworks, as well as our contractual obligations.

Key pillars of Machintel's Information Security Program include:

• Strong support and commitment at the executive level
• Designation of specialized security personnel
• Comprehensive security policies, procedures, standards, and guidelines
• Ongoing information security training and awareness initiatives
• Rigorous risk assessments for critical systems
• Prompt identification and response to security incidents
• Mechanisms for secure incident reporting by the workforce
• Proactive information security breach notifications
• Robust security processes and controls for safeguarding sensitive and confidential data
• Regular audits and evaluations of security controls
• Continuous updates and maintenance of the Information Security Program

The framework of our program draws on best practices from industry-leading standards and frameworks, including the National Institute of Standards and Technology (NIST), relevant SOC 2 criteria, and the International Organization for Standardization (ISO).

Machintel has established an extensive array of policies, procedures, and controls to address and mitigate privacy and security risks effectively. This framework includes, but is not limited to:

• Information Security Risk Management Policy
• Access Control, Authentication, and Authorization Policy
• Acceptable Use Policy
• System Development Lifecycle Policy
• Password Management Policy
• Data Classification and Handling Policy
• Business Continuity and Disaster Recovery Policies
• Privacy and Security Incident Management Policies
• Record Retention and Destruction Policy alongside Retention Schedules
• Third-Party Assessment Policy with assessment tools
• GDPR and CCPA Compliance Policies and Procedures

Comprehensive Privacy and Security Training and Awareness Programs

Machintel ensures a culture of privacy and security through extensive training and awareness programs for employees and relevant stakeholders, focusing on understanding the organization’s privacy and security protocols and responsibilities.

Human Resource Controls

Machintel is committed to attracting and nurturing a diverse pool of exceptional talent, recognizing the critical role our employees play in data protection. We conduct thorough background checks in line with local laws and require all new hires to acknowledge our privacy and security policies. Continuous training, performance reviews, and a culture of diversity, equity, and inclusion are pillars of our HR strategy.

Incident and Third-party Management

Machintel has instituted a robust incident management program with a cross-functional team ready to address and mitigate any privacy or security incidents, minimizing impact and operational disruption. Our third-party assessment program rigorously evaluates the compliance and security postures of our partners, especially those linked to critical systems.

Technical and Physical Security Measures

Machintel employs a suite of IT security controls and practices, including:

• Access and Authorization Controls
• Advanced Authentication and Password Management
• Network Security Enhancements like Firewalls, IDS/IPS, and SIEM systems
• Regular Vulnerability Scanning and Penetration Testing
• Secure Wireless Networking and Server/Workstation Management
• Encryption for Data in Transit, Backups, and at Rest
• Physical Security Measures and Disaster Recovery Protocols

Machintel partners with SOC 2 compliant data centers and cloud providers to ensure the highest security standards in service delivery and internal operations.

Data Privacy Operations

Machintel’s evolving privacy program is designed to comply with international privacy laws like GDPR and CCPA, aligning with best practices and stakeholder expectations. Our operations include:

• Processing Records Maintenance
• Legitimate Interest Management
• Privacy/Data Protection Impact Assessments
• Personal Information Management and Individual Rights Fulfillment
• External Privacy Communications and Third-Party Assessments
• Regular Audits to Uphold Regulatory and Customer Commitments

Data Collection and Transparency

As a B2B data provider, Machintel responsibly collects business contact information through transparent and voluntary interactions, adhering strictly to our privacy policies. We emphasize transparency and clarity in our data practices, providing comprehensive privacy notices and various avenues for data subjects to exercise their rights.

Machintel is dedicated to lawful, necessary, and secure data processing, specializing in the collection and utilization of business contact information through a consent-based engagement process. Prospective members willingly share their details to access our exclusive content and receive targeted communications that align with their professional interests. The scope of data we collect is strictly confined to essential, non-sensitive information such as names, titles, and contact details, all handled in strict adherence to our comprehensive online privacy guidelines.

Our commitment to transparency in the management, utilization, and safeguarding of data, especially personal information, forms the cornerstone of our privacy ethos. As a dedicated B2B entity, we recognize the importance of clear, transparent communication with our members and clients regarding our data handling practices. To this end, we maintain easily accessible privacy policies and notices, prominently displayed across our digital platforms, registration interfaces, and within our email correspondences. Our framework includes a range of member agreements that delineate the terms of service use, alongside offering numerous avenues for members and clients to exercise their rights concerning their data.

Included within our privacy framework are:

• Machintel Privacy Policy
• Machintel Privacy Notice for California Residents
• Machintel Terms of Use

Specific policies and agreements tailored to our services and platforms

Our data collection practices are meticulously designed to be relevant, necessary, and in full compliance with our service provision, as explicitly outlined in our privacy documentation. We ensure a transparent and straightforward process for our members to assert their data rights, including requests for access, correction, deletion, portability, or to dissent against the sale or sharing of their personal data:

For requests under EU or UK GDPR, click here.

For requests in compliance with the California CCPA, click here.

For all other privacy inquiries, click here.

Machintel's approach to data handling assures our clientele of a secure, lawful, and ethical engagement, reflecting our unwavering dedication to privacy and data protection standards.