Back to Home

Data Protection Guidelines

Last Updated: December 2024

1. Commitment to Data Protection

Titanium Works is committed to protecting the data entrusted to us by our clients. We implement comprehensive data protection measures aligned with international standards including GDPR and ISO 27001 principles.

2. Data Classification

We classify client data into categories:

  • Confidential: Sensitive business data, credentials, proprietary code
  • Internal: Project documentation, communications
  • Public: Published materials, public repositories

3. Technical Safeguards

We implement the following technical measures:

  • End-to-end encryption for data in transit
  • AES-256 encryption for data at rest
  • Multi-factor authentication for all systems
  • Regular security audits and penetration testing
  • Automated backup systems with encryption
  • Network segmentation and firewall protection

4. Access Control

Data access is governed by:

  • Principle of least privilege
  • Role-based access controls
  • Regular access reviews and audits
  • Immediate access revocation upon project completion

5. Data Processing

Client data is processed only for:

  • Fulfilling agreed-upon project deliverables
  • Communication regarding the project
  • Legal and compliance requirements

6. Data Breach Response

In the event of a data breach:

  • Immediate containment and investigation
  • Notification to affected clients within 72 hours
  • Detailed incident report and remediation plan
  • Cooperation with relevant authorities

7. Subprocessors

We carefully vet all subprocessors and require them to maintain equivalent data protection standards. A list of subprocessors is available upon request.

8. Data Deletion

Upon project completion or client request:

  • Secure deletion of all client data within 30 days
  • Certificate of destruction available upon request
  • Retention of legally required records only

9. Compliance

We maintain compliance with:

  • General Data Protection Regulation (GDPR)
  • Information Technology Act, 2000 (India)
  • Industry-specific regulations as applicable

10. Data Protection Officer

For data protection inquiries, contact our DPO at contact.adityapatange@gmail.com