1. Overview

Rundoo maintains a comprehensive Information Security Program (“Program”) designed to protect the confidentiality, integrity, and availability of sensitive information, including customer data, company records, and proprietary information. The Program is aligned with industry standards and applicable legal requirements but is tailored to Rundoo’s specific operational needs and priorities.

2. Scope

This Program applies to all employees, contractors, and third-party service providers of Rundoo who handle sensitive information or access Rundoo’s systems and infrastructure. The guidelines set forth in this policy serve as a framework for ensuring secure operations, but adherence does not constitute any warranty or guarantee of complete security.

3. Key Elements of the Program

• Risk Management: Rundoo conducts periodic risk assessments to identify potential vulnerabilities in its systems and processes. Risk mitigation strategies are implemented based on these assessments but are not exhaustive of all risks.
• Access Controls: Role-based access is enforced to ensure that individuals only access data necessary for their job functions. Access controls are reviewed regularly but are not a guarantee against unauthorized access.
• Data Encryption: Rundoo employs encryption technologies to safeguard sensitive data both at rest and in transit, though encryption does not ensure absolute protection from breaches or unauthorized disclosure.
• Incident Response: Rundoo has an incident response plan in place to address data breaches or security incidents promptly. Response efforts are handled as appropriate to the nature of the event but do not guarantee specific remedies or resolutions.
• Employee Training: All personnel receive training on data security protocols relevant to their roles. Ongoing education is provided, but Rundoo does not warrant that all potential threats will be covered or mitigated.

4. Program Modifications

Rundoo reserves the right to modify or update this Information Security Program at its discretion, without prior notice. Any changes will be made in the interest of protecting Rundoo’s operations and data, and no specific results or security outcomes are guaranteed.

5. Disclaimer

This policy is intended as a general guideline for information security management. It does not create any contractual obligations, representations, or warranties by Rundoo regarding the absolute security of information or systems. The Program is subject to change based on evolving threats, legal requirements, and business needs.

https://embed.notionlytics.com/wt/ZXlKM2IzSnJjM0JoWTJWVWNtRmphMlZ5U1dRaU9pSkNZMlJNVm1seFdHUjViMmRYZERKbVlsQkpaaUlzSW5CaFoyVkpaQ0k2SWpFeU1HVXhNVE01T0RabFlUZ3dZMlJoTldVMFptWXhZekl6WXpsbE1EbGhJbjA9