We connect companies and project owners with fans and community groups, allowing everyone to benefit financially.

Data Security Policy

PURPOSE

This document defines the data security policy of SoKap Community Networks Inc. ("SoKap") as it related to its website sokap.com. SoKap takes the privacy of our employees and the members of SoKap listed projects very seriously. To ensure that we are protecting our corporate and client data from security breaches, this policy must be followed and will be enforced to the fullest extent.

INTENT

The goal of this policy is to inform employees and contractors at SoKap of the rules and procedures relating to data security compliance.

The data covered by this policy includes, but is not limited to, all electronic information found in e-mail, databases, applications and other media; paper information, such as hard copies of electronic data, employee files, internal memos, and so on.

AUDIENCE

This policy applies to all employees, management, contractors, vendors, business partners and any other parties who have access to company data.

DATA TYPES

SoKap deals with two main kinds of data:

  1. Company-owned data that relates to such areas as corporate financial information, employment records, payroll and related items.
  2. Private data that is the property of members of SoKap listed projects and/or employees, such as social insurance numbers, credit card information, contact information, etc.

DATA CLASSIFICATIONS

SoKap's data is comprised of four (4) classifications of information:

  1. Public/Unclassified. This is defined as information that is generally available to anyone within or outside of the company. Access to this data is unrestricted, may already be available and can be distributed as needed. Public/unclassified data includes, but is not limited to, marketing materials, company policies relating to dealing with external persons and organizations, new releases and other data as applicable.

    Employees may send or communicate a public/unclassified piece of data with anyone inside or outside of the company.

  2. Private. This is defined as corporate information that is to be kept within the company. Access to this data may be limited to specific departments and cannot be distributed outside of the workplace. Private data includes, but is not limited to, work phone directories, organizational charts, company financial information, company policies (except for those specifically identified as Public/ Unclassified) and other data as applicable.

    All information not otherwise classified will be assumed to be Private.

    Employees may not disclose private data to anyone who is not a current employee of the company.

  3. Confidential. This is defined as personal or corporate information that may be considered potentially damaging if released and is only accessible to specific groups (e.g. payroll, human resources, member support, etc]. Confidential data includes, but is not limited to, social insurance numbers, contact information, tax forms, accounting data, security procedures and other data as applicable. SoKap considers it a top priority to protect the privacy of the members of SoKap listed projects and employees. A separate Privacy Policy outlines our commitment to protecting personal data.

    Employees may only share confidential data within the department or named distribution list.

  4. Secret/Restricted. This is defined as sensitive data which, if leaked, would be harmful to SoKap, its employees, contractors and other parties as applicable. Access is limited to authorized personnel and third parties as required. Secret/restricted data includes, but is not limited to, audit reports, legal documentation, business strategy details and other data as applicable.

    Secret/restricted data cannot be disclosed by anyone other than the original author, owner or distributor.

It is the responsibility of everyone who works at SoKap to protect our data. Even unintentional abuse of classified data will be considered punishable in accordance with the extent and frequency of the abuse.

RESPONSIBILITIES

All employees are responsible for adhering to the policy and reporting any activities that do not comply with this policy.

Management is responsible for ensuring that their direct reports understand the scope and implications of this policy. Human Resources must also ensure that all employees have a signed copy of this policy in their file.

Security staff will be monitoring data for any unauthorized activity and are responsible for updating access requirements as needed.

Any employee who authors or generates corporate or client data must classify that data according to the criteria outlined above.

MANAGEMENT

Ownership of this policy falls to the Chief Financial Officer ("CFO"). For any questions about this policy, or to report misuse of corporate or personal data, please contact the CFO at the telephone number or email address provided in the staff directory. The Chief Technology Officer ("CTO") will work in conjunction with the CFO to maintain data access privileges, which will be updated as required when an employee joins or leaves the company.

These are the accepted technologies SoKap uses to enforce and ensure data security:

  1. Access Controls
  2. Strong Passwords
  3. System Monitoring

REVIEW

Management is responsible for keeping this policy current. This policy will be reviewed annually or as circumstances arise.

Also annually, a full security audit will be performed by a Security Team selected by the CTO and CFO to ensure that the policy is properly aligned with company directives, third party security requirements and legislated security requirements.

ENFORCEMENT

Employees found to be in violation of this policy by either unintentionally or maliciously stealing, using or otherwise compromising corporate or personal data may be subject to disciplinary action up to and including termination.

Company and Project Owners

If you want to promote your work on SoKap, click here.

Contact Us

Questions? Brilliant ideas? Need a recommendation? Contact us and we’ll be happy to help.