Effective Date: 21 May 2025
Version: 1.0
The purpose of this Information Security Management System (ISMS Policy) Policy is to protect the information assets of Tru Performance from all threats, whether internal or external, deliberate or accidental, to ensure business continuity, minimize business risk, and maximize return on investments and business opportunities.
This policy applies to all employees, contractors, and third-party users of information systems and services within Tru Performance. It encompasses all aspects of information security related to the digital marketing, IT development, and BPO services provided to our clients, especially those based in North America and India. It also encompasses all data processing activities, including those involving personal data of individuals in jurisdictions governed by CCPA and GDPR, irrespective of where the data is processed.
Ensuring that information is accessible only to those authorized to have access.
Safeguarding the accuracy and completeness of information and processing methods.
Ensuring that authorized users have access to information and associated assets when required.
Protecting personal data in compliance with applicable data protection laws and ensuring individuals’ privacy rights are respected.
Regularly assess risks to the company’s information assets and implement appropriate measures to mitigate identified risks.
All employees will receive regular training on information security and its importance.
Access to information will be controlled on the basis of business and security requirements.
Information security incidents will be reported and investigated to prevent recurrence.
Compliance with legal, statutory, regulatory, and contractual requirements will be ensured.
Implement measures for data minimization, purpose limitation, and uphold data subject rights such as access, rectification, and erasure.
Conduct risk assessments for third-party service providers and establish data processing agreements to ensure compliance with data protection obligations.
Senior management is committed to supporting ISMS initiatives to improve the overall security posture of Tru Performance.
All employees are responsible for adhering to the ISMS policy in their day-to-day operations.
An ISMS team shall be responsible for implementing, maintaining, and improving information security.
Tru Performance will ensure compliance with international data transfer regulations when handling client data across borders. The company will implement appropriate measures such as Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs), to protect the privacy and security of client data in accordance with relevant laws and agreements.
Dispute resolution mechanisms related to information security matters will be established, clarifying how disputes will be resolved between Tru Performance and its clients.
Tru Performance will maintain comprehensive records related to information security incidents, risk assessments, and compliance activities to meet potential legal and regulatory requirements. Tru Performance will maintain records of employee training on information security, useful for demonstrating compliance during audits or legal inquiries.
Key terms used in this policy include:
Tru Performance acknowledges and upholds the rights of data subjects under applicable data protection laws, including:
Tru Performance will monitor and assess changes to legal and regulatory requirements related to information security and data protection. The teams responsible will evaluate implications and update the ISMS policy as needed.
In the event of a data breach, Tru Performance will follow breach notification procedures in accordance with applicable laws. Affected data subjects and regulatory bodies will be notified within the timelines stipulated under the applicable laws.
This policy will be reviewed annually or following significant changes to the organization or the risk environment, to ensure its continuing suitability, adequacy, and effectiveness.
From the beginning of our partnership, we were a young company creating a new category for data visibility, security and protection. And, it’s not always easy to work with startups like ours that face a multitude of challenges. But they took our challenges with focus, expertise, and relentless dedication – and helped us grow all the way through acquisition in just a few short years. I can confidently say we would not be where we are today without them. They’re also a joy to work with – always on – and staying several steps ahead!
“We have partnered with Tru Performance to run digital marketing projects in various English, Spanish and German speaking countries. It is beautiful to work with them. We appreciated in particular their great service, seamless integration of their work into our projects, technical expertise and their innovative approaches to solve customer’s marketing problems. Highly recommended.”
“I came in contact with Tru Performance searching for a Marketing Outsourcing Services provider. By taking a look at their previous projects and having calls, we agreed to work together, basically, on SEO and Digital PR. They have worked incredibly well with our clients by being communicative and transparent all the time.”
“Tru Performance has helped us in the development of one of our projects which involved development, designing and managing an online store. The company’s talents are evident with their excellent work on this scope, using both web design skills as well as advertising strategies to promote it further.”
“The Tru Performance team is a great partner in our efforts to build out and improve our digital presence. They are dedicated to meeting our high (and sometimes shifting!) needs. Additionally, the team goes above and beyond to recommend ways to quickly approve and adapt our processes to better leverage the tools we have in our tech stack for sales and marketing. Great team. Great partners.”
