1. Introduction

GoPerfect is committed to ensuring a secure, compliant, and ethical workplace by implementing robust data protection, training & awareness, personnel security, and information security measures. This policy aligns with applicable regulations, including GDPR, CCPA, and industry best practices, and applies to all employees, contractors, and third parties working with GoPerfect.

2. Data Protection Policy

GoPerfect prioritizes data privacy and security in compliance with global regulations such as GDPR and CCPA. The following measures ensure that personal and corporate data are safeguarded:

2.1 Data Collection & Processing

• Data is collected only for legitimate business purposes and is limited to what is necessary​.
• Personally Identifiable Information (PII) is processed only with the necessary consent or under contractual obligations​.
• Bias-free data handling: No collection or processing of gender, age, ethnicity, or location of birth to ensure fair talent sourcing​.
• Data augmentation is performed in a compliant and ethical manner, without compromising privacy​.

2.2 Data Security & Storage

• Data is stored in Google Cloud Platform (GCP) with industry-standard encryption to ensure secure storage and transmission​.
• Employees must follow access control policies, including role-based access (RBAC) and **multi-factor authentication (MFA)**​.
• Regular compliance audits are conducted to ensure adherence to privacy regulations​.

2.3 Data Retention & Deletion

• Data is retained only as long as necessary for operational or legal requirements.
• Upon request or contract termination, data is securely deleted or anonymized using verified deletion protocols​.

3. Training & Awareness Policy

GoPerfect provides ongoing security awareness training to employees, with a particular focus on phishing prevention, social engineering threats, and compliance awareness.