General Statement

ClearComp is committed to protecting Customer information using commercially reasonable efforts.

Any security objectives and requirements specified by the Customer within the MSA are met.

Secure Environment

All Customer data (including PII and Usage Data) collected, stored, or otherwise maintained by ClearComp is kept in a secure environment that meets industry standards for cybersecurity. 

Any Customer data (including PII and Usage Data) collected or obtained by ClearComp is stored and transmitted in encrypted or otherwise secure form.

Personal Data Protection

ClearComp will use commercially reasonable efforts to protect personal data that the Customer inputs into the ClearComp Sales Compensation Platform.

Customer personally identifiable information (PII) will be used only for the stated purposes.

Data subject consent is obtained before the use of the personally identifiable information.

Data Confidentiality

ClearComp will make commercially reasonable efforts to keep all customer data (including PII and usage data) confidential.

Customer business data will be kept confidential and disclosed only to authorized parties.

Customer data is classified according to a predefined ClearComp Data Classification Policy.

Strong authentication techniques are implemented to validate user identity before accessing Customer data.

Customer data within the ClearComp Platform is encrypted at rest using a minimum of 256-bit encryption.

Access Control

ClearComp only allows staff to access the Customer data they need to know to perform their job duties properly.

ClearComp will perform periodic security audits of its access system and methods and will change authentication elements periodically to maintain the integrity and security of access.

Security Breach Notification

ClearComp will promptly notify the Customer of any actual and confirmed security breach that results in the unauthorized access to or disclosure of unencrypted Customer Data.

In the event of an actual breach of security of any system, website, database, equipment or storage medium, or facility controlled by ClearComp or a Service Provider that results in unauthorized access to Customer Data by any third party (including any staff that is not authorized to access such information), any loss, misuse, destruction, deletion or modification that it knows or reasonably believes to have occurred ClearComp will notify the Customer immediately.

Software Development and Change Management

ClearComp will follow commercially reasonable software development practices, including version control, change management, quality assurance, and testing in the development of the Sales Compensation Platform.

Backup and Recovery

ClearComp will regularly back up files containing customer data, which will be at least once every week, and securely maintain such backup files.

Business Continuity and Disaster Recovery

ClearComp maintains business continuity and disaster recovery plans and processes, providing the availability of services for the customer’s benefit in the event of an emergency.

Staff Security

ClearComp will have a background investigation performed on staff, including but not limited to a check of felony and misdemeanor criminal convictions for at least the seven (7) year period immediately preceding the date of hire or otherwise being retained with ClearComp.

ClearComp staff will be provided security and data protection awareness training upon hire and annually thereafter.