AGS Data Security Policy

The AGS data protection policy is our commitment to protecting client data.

We are committed to:

• Complying to our data protection principles listed below.
• Processing client data only to meet our operational needs or to fulfill legal and contractual requirements.
• Ensuring that data is collected and used fairly and lawfully.
• Establishing appropriate retention periods for client data.
• Ensuring that data subjects’ rights can be appropriately exercised.
• Ensuring that all staff is made aware of standard practice for data protection.
• Providing sufficient security measures to protect client data.
• Ensuring that inquiries about data protection, internal and external to AGS, is dealt with effectively and promptly.
• Regularly reviewing data protection procedures and guidelines within the organization.

Our data protection principles:

• Client data shall be obtained with the purpose of completing our contractual obligation to the Client, and shall not be further processed in any manner incompatible with that purpose.
• Client data shall be processed fairly and lawfully.
• Client data (processed or unprocessed) shall not be kept for longer than is necessary to complete our contractual obligation to the Client.
• Appropriate technical and organizational measures shall be taken against the unauthorized processing of Client data, and against the accidental loss, destruction, or damage to client data. To this end, Client data will be stored on our servers and protected with 128-bit encryption. Each file will be protected with a unique password, which will be held only by the Project Manager and analysts assigned to the project.

We are PCI DSS Certified

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle major credit cards. The standard was created to increase controls around cardholder data to reduce credit card fraud.

It is issued by the PCI Security Standards Council.