Privacy and Data Protection
NucleusTeq is committed to the lawful, ethical, and transparent handling of personal and sensitive information across its operations.
We maintain a comprehensive Data Privacy Policy that governs how personal data from customers, employees, partners, contractors, and website visitors is collected, processed, and protected. Our practices align with global data protection regulations including GDPR and CCPA, with defined accountability and oversight to ensure compliance and continuous enforcement.
Data Retention and Disposal
We follow a structured Data and Record Retention Policy to meet legal, regulatory, and contractual obligations. Data retention schedules are formally reviewed and enforced, including defined retention periods for financial, legal, and operational records. Secure disposal processes and legal hold procedures ensure data is retained or removed appropriately throughout its lifecycle.
Data Classification and Handling
All data is classified based on sensitivity and business value, including Confidential, Internal Use, Public, and External Origin categories. Classification determines how data is accessed, stored, shared, and protected, ensuring appropriate safeguards are applied consistently.
Secure Data Sharing
NucleusTeq follows SOC 2 aligned data sharing principles. Internal and external data access is governed by least privilege and need to know controls. External sharing requires formal approvals, contractual protections such as NDAs or DPAs, third party risk assessments, and encrypted transmission channels.
Media Handling and Disposal
We enforce strict controls for handling and disposing of physical and digital media containing sensitive data. Secure storage, encrypted transfer, logged handling, and approved sanitization methods are required. Where third party disposal services are used, formal certification of destruction is maintained.
Business Continuity
NucleusTeq designs its operations to remain resilient and available, even in the face of unexpected disruptions.
Business Continuity and Disaster Recovery
Our Business Continuity and Disaster Recovery framework is designed to protect the confidentiality, integrity, and availability of systems and data. We conduct regular risk assessments aligned with SOC 2 Trust Services Criteria to identify potential threats and ensure appropriate controls are in place.
Data Backup and Recovery
We maintain defined policies for regular data backups, secure storage, and restoration testing. Backup procedures apply across systems and environments to support rapid recovery and continuity of business operations. Ownership and execution are governed by dedicated IT and security teams to ensure reliability and accountability.
Product and Engineering Security
Security is embedded into how NucleusTeq designs, develops, and operates its products.
Secure Development Lifecycle
NucleusTeq follows a Secure Software Development Lifecycle that integrates security controls from design through deployment. This includes threat modeling, access control enforcement, strong authentication mechanisms, encryption of sensitive data, secure coding practices, and automated security testing. Our development practices align with industry standards including SOC 2 and GDPR requirements.
Vulnerability and Patch Management
We maintain a formal vulnerability management program to identify, assess, and remediate security risks. Regular internal and external scans are conducted, vulnerabilities are prioritized based on severity, and remediation timelines are clearly defined. Any exceptions follow documented and approved risk acceptance processes.
Software Installation Controls
Software installation on company owned systems is strictly controlled. Only authorized tools approved by IT are permitted, with defined procedures for licensed and open source software. These controls help reduce exposure to unauthorized applications and security risks.
Our Commitment
NucleusTeq continuously reviews and strengthens its policies, controls, and security practices to meet evolving regulatory, customer, and industry expectations. Trust, transparency, and accountability remain central to how we support our customers and partners.
Contact us at security@nucleusteq.com for more information
