Information security

To deliver voice consultancy services, project and operational support on routing solutions, call analytics, and user experience design for our clients, Sound of Data relies on the secure processing, storage, and transmission of information. This includes information entrusted to us by our clients and, where applicable, their customers, as well as information supporting our internal operations and service delivery.

Information security within Sound of Data is essential to safeguarding customer confidentiality, maintaining routing and service integrity, and ensuring the availability and reliability of telecommunications and contact centre services. Secure configuration management, controlled access to customer environments, protection of credentials and operational data, and structured change management processes form a critical part of our operational model and governance framework.

We are committed to protecting the confidentiality, integrity, and availability of information by applying appropriate technical and organizational security measures. Information security is managed in compliance with applicable laws and regulations and supports the secure and reliable delivery of our services. Where relevant, this includes alignment with privacy and data protection requirements.

We continuously challenge ourselves to improve our information security practices and to prevent security incidents, unauthorized access, and loss or misuse of information. We monitor performance and evaluate outcomes to ensure effective risk management and integration of information security into our business processes. Everyone at Sound of Data is responsible for handling information securely, in accordance with internal information security policies and the principles established under our integrated management system.

Teamwork, engagement, ownership, and support from everyone in the organization are critical to achieving our information security objectives. We are committed to providing the necessary leadership and resources to enable Sound of Data to review, maintain, and communicate information security practices as part of our integrated management system.

We are committed to achieving high standards in the way we design, deliver, and operate our services and organizational processes. To this end, we have implemented an integrated management system that brings together our key governance domains. This system applies to the entire organization and supports consistent, controlled, and responsible management of our activities. Where applicable, our integrated management system is aligned with internationally recognized standards and is subject to independent assessment.

• We ensure that sufficient and appropriate information security measures are put in place to prevent any unlawful or unauthorized use, access, or accidental loss of personally identifiable information.

• We process personally identifiable information in a fair, lawful, and transparent manner. When relevant, we will ensure that individuals are aware of and consent to the collection and use of their personally identifiable information.

• We only collect, process, and store the personally identifiable information necessary to fulfill the specified purposes. We will not retain personally identifiable information beyond what is necessary for the purpose or purposes for which it was collected.

• We recognize that we are responsible for the personally identifiable information under our control. To ensure compliance with these principles and all applicable data protection laws and regulations, we have designated individuals to oversee this responsibility.

• We only process personally identifiable information in accordance with laws and regulations, and within the limits of the purposes specified in our privacy policy. Additionally, we adhere to the requirements outlined in our security policies and contracts with customers and suppliers.