This Security Policy outlines how FinchTec maintains the security of personal information in accordance with the laws of the United States, United Kingdom, Australia, and New Zealand. By using our website and services, you agree to comply with the security measures outlined in this policy.

1. Data Protection:

• FinchTec implements appropriate technical and organizational measures to protect personal information from unauthorized access, loss, misuse, or alteration.
• We follow industry best practices and comply with applicable laws and regulations to ensure the security of personal information.

2. Access Controls:

• Access to personal information is restricted to authorized personnel who have a legitimate need to access such information to perform their job duties.
• User access to systems and data is granted based on role-based permissions, limiting access to the minimum necessary for individuals to perform their tasks.

3. Data Encryption:

• FinchTec employs encryption technologies to protect personal information during transmission and storage.
• We use secure protocols (e.g., HTTPS) when transmitting data over the internet and encrypt sensitive data at rest.

4. Incident Response:

• We have procedures in place to promptly detect, respond to, and recover from security incidents.
• In the event of a security breach, FinchTec will take appropriate actions to mitigate the impact and notify affected individuals as required by applicable laws and regulations.

5. Employee Training and Awareness:

• We provide regular security awareness training to our employees to ensure they understand their responsibilities in safeguarding personal information.
• Employees are required to adhere to security policies and procedures and report any security incidents or vulnerabilities promptly.

6. Compliance with Laws:

• For users located in the United States, our security practices comply with relevant federal and state laws, including the California Consumer Privacy Act (CCPA) and applicable industry-specific regulations.
• For users located in the United Kingdom, our security practices comply with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.
• For users located in Australia, our security practices comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
• For users located in New Zealand, our security practices comply with the Privacy Act 2020.

7. Third-Party Security:

• When engaging third-party service providers, FinchTec evaluates their security practices and ensures that they have appropriate safeguards in place to protect personal information.

8. Security Policy Updates:

• We review and update our security practices regularly to adapt to changing technology and threats.
• Updates to this Security Policy will be posted on our website, and it is your responsibility to review the policy periodically.

If you have any questions or concerns about our Security Policy, please contact us via our contact page.