Identity Fraud Risk
Identity Fraud Risk Policy
Last updated : October 1st 2023
The primary aim of this policy is to outline the controls and measures in place to mitigate the risk of identity fraud within the Boardwave Community. This policy extends to all users of our platform and internal personnel who have access to personally identifiable information (PII).
This policy applies to any data stored, processed, or transmitted that can be used to identify an individual, including but not limited to names, email addresses, and business affiliations.
All data transmitted over the internet is encrypted using SSL/TLS protocols.
Only essential personal data is collected to provide services effectively.
Multi-Factor Authentication (MFA) is mandatory for all users and internal staff with access to PII.
Role-Based Access Control (RBAC) is in place to ensure the minimum number of authorized personnel, have roles that give them access to PII.
Active User Consent
Regular penetration tests are carried out by a reputable third-party to assess the platform's vulnerability to identity fraud risks.
All data collection and processing activities are in compliance with GDPR.
Users have the right to request access, correction, or deletion of their PII.
Reporting Suspected Identity Fraud
If you believe you have been a victim of identity fraud or notice suspicious activity, contact us immediately by emailing email@example.com. Please mark the email title as "Identity Fraud Report".
Monitoring and Review
This policy is subject to periodic review and updates to adapt to technological advancements or regulatory changes.
The responsibility for implementing this policy rests with the senior management of Boardwave Limited.