FusionByte Media LLC (“FusionByte,” “we,” “us,” or “our”) is committed to protecting the confidentiality, integrity, and availability of all information entrusted to us. This Information Security Policy (“Policy”) outlines the administrative, technical, and physical safeguards implemented to protect systems, data, and operations.

This Policy applies to all employees, contractors, vendors, partners, and users who access FusionByte systems or data.

1. Security Objectives

FusionByte’s security program is designed to:

• Protect personal, confidential, and proprietary information

• Prevent unauthorized access, disclosure, alteration, or destruction

• Maintain business continuity and system availability

• Detect, respond to, and recover from security incidents

• Support compliance with applicable legal and contractual obligations

2. Scope

This Policy applies to:

• All company systems, servers, networks, cloud services

• Websites, APIs, databases, and integrations

• Customer data, lead data, and operational data

• Employees, contractors, and authorized third parties

3. Governance and Accountability

FusionByte maintains internal responsibility for security oversight, risk management, and incident response.

Security policies are reviewed periodically and updated as needed.

4. Access Control

FusionByte enforces role-based access controls, including:

• Unique user accounts

• Strong authentication credentials

• Least-privilege permissions

• Timely revocation of access upon termination

• Monitoring of access activity

Administrative access is restricted to authorized personnel only.

5. Network and Infrastructure Security

Security controls include:

• Firewall protections

• Segmented network architecture

• Secure VPN access where applicable

• Regular patching and system updates

• Intrusion detection and monitoring

• Secure server hosting environments

6. Data Protection

FusionByte protects data through:

• Encryption in transit (HTTPS, TLS)

• Encryption at rest where appropriate

• Secure storage systems

• Access logging

• Secure backups

Data is classified based on sensitivity and handled accordingly.

7. Application and Development Security

FusionByte applies secure development practices including:

• Code reviews and testing

• Dependency management

• Vulnerability remediation

• Secure configuration management

• Change management controls

8. Endpoint and Device Security

Devices accessing FusionByte systems must:

• Use up-to-date operating systems

• Employ antivirus / endpoint protection

• Enable device-level encryption where applicable

• Use secure authentication

• Restrict unauthorized software

9. Vendor and Third-Party Security

FusionByte evaluates vendors for:

• Security posture

• Data handling practices

• Contractual safeguards

• Incident response alignment

Subprocessors are contractually required to maintain security controls.

10. Logging and Monitoring

FusionByte maintains logging and monitoring for:

• System access

• Authentication attempts

• API usage

• Network activity

• Anomaly detection

Logs are retained per operational and legal requirements.

11. Incident Response

FusionByte maintains an incident response framework to:

• Detect and assess security incidents

• Contain and mitigate threats

• Preserve forensic evidence

• Notify affected parties as required

• Implement corrective actions

12. Business Continuity and Backup

FusionByte maintains:

• Regular data backups

• Disaster recovery planning

• Redundancy strategies

• Restoration testing

13. Data Retention and Disposal

Data is retained only as long as necessary and securely deleted or anonymized when no longer required.

14. Employee Training and Awareness

Personnel receive training on:

• Security best practices

• Phishing awareness

• Data handling requirements

• Incident reporting

15. Physical Security

Facilities and equipment are protected through reasonable physical security measures including restricted access.

16. Compliance and Audits

FusionByte periodically reviews security controls and may conduct audits or assessments.

17. Policy Enforcement

Violations may result in disciplinary action, suspension of access, or termination.

18. Changes to Policy

FusionByte may update this Policy periodically.

19. Contact Information

For security inquiries or incident reporting:

📧 info@fusionbyte.io
🌐 www.fusionbyte.io