Protection of customer data :
Cherry is committed to respecting, protecting and safeguarding privacy and confidentiality of data and information entrusted to it by its customers. In order to ensure that our customer's data is safeguarded adequately Cherry has following systems in place to mitigate internal and external sources of risk:
People :
- Employee background checks
- Employee training
- Real time monitoring of personnel
- Dedicated teams for each client for the development, implementation and coordination of policies and procedures specific to that client's processes
- Each employee is required to follow our “Code of Conduct”
Physical Security :
- Security personnel deployed in all entry and exit points.
- Mandatory frisking of all employees
- Biometric or some advanced technologies can be used to track the employee movement on client demand
- Paperless office (No recording instruments, mobiles or phones are allowed on service floor)
- Physically secure network operations data center(s) (NOC)
- No one is allowed without proper ID.
- Physical isolation of customer teams on floor
- Only management has access to crucial data. Any material movement of data must be
authorized by the concerned person and is trackable. - Image capturing devices like scanners or photocopiers are not allowed in the work spot
- Restricted Internet access on the service floor
- Computer in the working area are secure against data duplication.
- We adopt extensive log monitoring, analysis and co-relation, etc.
IT Systems :
- Hierarchical access permissions for IT management
- We use LivePerson chat application that is equipped with SSL Encryption ( Secure Sockets Layer (SSL) protocol) to keep customer-sensitive data, such as financial information and credit card numbers, completely secure. Designated-sensitive communications are transferred over an SSL connection, which uses a private key to encrypt data.
- Rigorous password management
- Layered Firewall security
- Constrained user interface and controlled Internet access for associates
- CD and floppy drives removed from service floor systems
- Data should be exchanged over the broadband through the secure server in an highly
encrypted manner - All entry/exit points are secure and all movement is logged.
Service Level Agreements (SLA) : We have very strict confidentiality and security clauses built into them at the network and data level. Such SLAs also cover all relevant laws that our clients want us to comply with and actions that can be taken in case of breaches.
No marketing lists : We do not engage in creating or selling lists of consumer names for direct marketing purposes nor do we selling or license consumer names or other personal information to companies or individuals who use the information for that purpose
Non Disclosure agreements (NDA) : We have strict NDAs with our clients which address the issue of client confidentiality.