RampedUp manages hundreds of millions of contacts and company records so data security is our top priority. The purpose of this Policy is to safeguard information belonging to RampedUp and its stakeholder (third parties, clients or customers and the general public), within a secure environment. This Policy informs RampedUp’s staff, customer, and business partners entitled to use RampedUp facilities, of the principles governing the holding, use and disposal of information. It is the goal of RampedUp that:
RampedUp requires all users to exercise a duty of care in relation to the operation and use of its information systems. With the exception of information published for public consumption, all users of RampedUp information systems must be formally authorized by appointment as a member of staff or by other process specifically authorized by the CEO. Authorized users will be in possession of a unique user identity. Authorized users do not know any password associated with a user’s identity by design.
RampedUp Provides 4 levels of user
RampedUp utilizes generally-accepted security measures (such as encryption) to protect against the misuse or unauthorized disclosure of any sensitive personal information you submit to us (such as log in information). Our customers are responsible for maintaining the security of their username and password. RampedUp employees do not have access to customers’ passwords. RampedUp Directors who are responsible for information systems are required to ensure that:
Duly authorized officers of RampedUp may access or monitor data contained in any RampedUp information system (mailboxes, web access logs, file-store etc). All employees must agree to the RampedUp Code of Conduct. Data security of RampedUp customers is based on the conduct, integrity and abilities of our employees. RampedUp expects all of its employees to share its commitment to high ethical and legal standards and to avoid any activities that could involve the Company or its colleagues in any real or perceived unethical, improper, or unlawful act. Our Code of Conduct Policy can be found here.
Individuals in breach of this policy are subject to disciplinary procedures at the instigation of the CEO with responsibility for the relevant information system, including referral to the local authorities where appropriate. RampedUp will take legal action to ensure that its information systems are not used by unauthorized persons.
Customer may order from RampedUp licenses to access and use RampedUp’s proprietary software application to be hosted and made available by RampedUp as software-as-a-service basis, including any software and the RampedUp website located at rampedup.io (collectively, the “Service”). The specifics of each Customer order will be set forth on a written or electronic order form, quote and/or invoice (each, an “Order Form”) provided by RampedUp or made available on the RampedUp website.
Rampedup uses Amazon Web Services (AWS) and has strategically placed a limited number of access points to the cloud to allow for a more comprehensive monitoring of inbound and outbound communications and network traffic. These customer access points are called API endpoints, and they allow secure HTTP access (HTTPS), which allows you to establish a secure communication session with your storage or compute instances within AWS. To support customers with FIPS cryptographic Amazon Web Services, the SSL-terminating load balancers in AWS GovCloud (US) are FIPS 140-2-compliant. In addition,
AWS has implemented network devices that are dedicated to managing interfacing communications with Internet service providers (ISPs). AWS employs a redundant connection to more than one communication service at each Internet-facing edge of the AWS network. These connections each have dedicated network devices. Transmission Protection You can connect to an AWS access point via HTTP or HTTPS using Secure Sockets Layer (SSL), a cryptographic protocol that is designed to protect against eavesdropping, tampering, and message forgery.
For an Incident Response Plan to be effective, there are seven stages that need to be addressed. Proper execution of the response plan will require the efforts of various different departments within an organization. Detailing the roles and responsibilities of these individuals as well as creating precise guidelines for analyzing, reacting to, and controlling security violations.
Our RTO, or Recovery Time Objective, is 4 Hours. Our RPO, or Recovery Point Objective, is 24 Hours or time between data backups and the amount of data that could be lost in between backups. As a result of our testing and handling of an incident, RampedUp may change technologies, procedures, controls, and even business terms.
The privacy of your personal information is very important to us. This statement outlines what personal information RampedUp, LLC. (“RampedUp”) collects about you and how we use it in the RampedUp software, widgets, products and services, and our website located at www.rampedup.io (the “Site”) (collectively, the “Service”). If you have any questions or concerns relating to privacy or security, please send an email to email@example.com