At Engage IQ, a division of Digital Convergence Technologies Inc. (DCT), we understand that data security is the foundation of trust. Whether you are a market research panelist sharing your demographic details or a corporate partner trusting us with campaign management, safeguarding your information is our highest priority.
This page outlines the technical and organizational measures we implement to protect the data entrusted to our lead generation and audience recruitment platform.
1. Data Protection and Encryption
We employ industry-standard encryption protocols to protect your data both when it is moving across networks and when it is stored on our servers.
- Data in Transit: All communications between your browser, our applications, and our databases are encrypted using TLS/SSL (Transport Layer Security/Secure Sockets Layer) to prevent interception.
- Data at Rest: Sensitive user data, including personal identifiers and survey responses, is encrypted at rest using strong encryption algorithms (e.g., AES-256) within our secure databases.
2. Infrastructure and Network Security
Our platform is hosted on secure, industry-leading cloud infrastructure designed to withstand threats and ensure high availability.
- Perimeter Defense: We utilize web application firewalls (WAF), DDoS mitigation services, and advanced bot detection mechanisms (such as Google reCAPTCHA) to block malicious traffic and brute-force attacks.
- System Monitoring: Our systems are continuously monitored for suspicious behavior, unauthorized access attempts, and performance anomalies.
- Data Backups: We maintain regular, encrypted backups of our databases across multiple geographically distinct locations to ensure rapid disaster recovery and business continuity.
3. Access Controls and Authentication
We strictly limit access to production environments and user data to authorized personnel who need it to perform their job functions.
- Role-Based Access Control (RBAC): Team members are granted the minimum level of system access necessary for their specific roles.
- Multi-Factor Authentication (MFA): All DCT administrative accounts, developer access points, and internal dashboards require MFA to prevent unauthorized logins.
- Audit Logging: We maintain comprehensive audit logs of administrative actions and data access events to trace system modifications and ensure accountability.
4. Third-Party Vendor Management
To deliver our services, we integrate with trusted third-party tools, including CRMs, HR systems, and payment processors. We hold our vendors to the same high security standards we apply to ourselves.
- Vendor Assessments: Before integrating a new service, we review their security posture, data handling practices, and compliance certifications to ensure they meet our internal security requirements.
- Secure Integrations: All data sharing with third parties is conducted over secure APIs utilizing encrypted tokens and authenticated endpoints.
5. Vulnerability Management
Security is an ongoing process, and we proactively test our systems to identify and patch potential weaknesses.
- Regular Scanning: We conduct automated vulnerability scans on our applications and underlying infrastructure.
- Patch Management: Security patches and software updates are evaluated, tested, and deployed promptly to mitigate newly discovered threats.
6. Incident Response
While we strive to prevent security incidents, we are prepared to respond swiftly if one occurs. We maintain a documented Incident Response Plan designed to rapidly identify, contain, and remediate security breaches. In the event of a confirmed data breach that impacts your personal information, we will notify affected individuals and relevant regulatory authorities as required by applicable law.
7. Report a Security Vulnerability
We welcome feedback from the security research community. If you believe you have discovered a security vulnerability in the Engage IQ platform, please report it to us immediately.