About Us
Who we are

Learn about our vision and values

How we work

Learn how we deliver exceptional digital solutions

Services
Branding & Design

Remarkable visual identity for your brand

Software Solutions

Powerful software solutions for your business

Cloud Solutions

Scale your infrastructure with Cloud technology

AI Integration

Enhance productivity with AI-powered solutions

Work
Blog & Resources
Talk to an Expert

Information Security and Data Privacy Policy

Objective

Lambda and its affiliates ("Lambda " or the "Company") are committed to maintaining the integrity and security of confidential information, non-public information, and private information of Lambda and its clients and partners. It is the policy of Lambda to seek to prevent such information from being disclosed through the implementation of specific information security procedures, as described in this Information Security and Data Privacy Policy ("Policy"). The Policy sets forth Lambda 's requirements with respect to the collection, storage, use, transmission, and disposal of information in electronic, voice, or tangible written forms.

This Policy covers all personal data of the Company's employees, consultants, external vendors, clients, end customers of Company clients, and other natural persons, as well as all confidential information of the Company and any third parties who have provided confidential information to the Company (collectively, "Confidential Information"). This Policy applies to all employees, consultants, subcontractors, and agents ("Company Personnel"), as well as other third parties, who access information in any Lambda facility or on any Lambda system.

Policy Description

Privacy

Lambda values the privacy of all individuals whose information is accessible to the Company and Company Personnel. The Company seeks to adhere to the following privacy principles:

  • To collect only information that is necessary and relevant
  • To maintain information in a secure manner
  • To use reasonable practices and technology consistent with industry standards to safeguard the security and privacy of data
  • To limit access to only those persons who have a legitimate business need to access the information
  • To copy and disseminate information only as necessary to conduct Company business, perform services in accordance with client agreements, or comply with applicable laws and regulations
  • To disclose information to Company Personnel and other third parties only after receiving reasonable written assurances regarding confidentiality

Safeguards

To protect Confidential Information, Lambda seeks to implement physical, technical, and administrative safeguards, as detailed in the sections below.

1. PHYSICAL SECURITY

Facility Access and Control

Lambda maintains a policy defining secure areas such as server rooms, network management centers, backup facilities, and communication rooms.

Security for Non-Electronic Information

Company Personnel are expected to follow Lambda policies to protect Confidential Information in non-electronic form (e.g., paper, microfilm, and microfiche). Measures for information deemed highly sensitive or vulnerable to misappropriation (including PII) include storage in locked file cabinets or similar locations or in file cabinets or other storage that clearly delineate that they contain Confidential Information and that are kept secure both during and after business hours.

Removal/Disposal of Data

Destruction of materials that contain Confidential Information will be by shredding (if hard copy), or if stored in an electronic format, in a secure manner.

2. TECHNICAL SAFEGUARDS

Access Control

Lambda implements technical policies and procedures that allow only authorized persons to access Confidential Information.

Company Personnel responsible for designing, implementing, or managing Systems are required to comply with all Lambda policies for the protection of electronically stored information. Several types of measures are required for the protection of Confidential Information stored electronically, whether on servers, individual computers, portable devices, voicemail systems, or other media. These measures include password protection, authorization protocols, electronic measures (such as file protection or encryption), and common-sense procedures to minimize the possibility of theft, unauthorized access, change, or interruption.

3. ADMINISTRATIVE SAFEGUARDS

Audit Controls and Monitoring

Lambda's internal audit and compliance functions, as well as its information security function, evaluate compliance with these information security and data privacy policies and procedures. Lambda also is subject to external audits in connection with ISO and other certification processes, as well as audits conducted of particular client processes, whether conducted by the clients themselves or external consultants engaged by the clients.

Security Management Process

Lambda undertakes efforts to identify and analyze potential risks to electronic Confidential Information and to implement security measures that reduce risks and vulnerabilities to a reasonable and appropriate level. Such efforts include utilization of network monitoring and intrusion detection systems, as well as periodic risk assessments conducted by Lambda or independent third parties to identify the effectiveness of existing security measures and to take into account new or changing risks to Lambda Confidential Information and Company Systems.

Information Access Management

Lambda has policies and procedures for authorizing access to Confidential Information only when such access is appropriate based on the user or recipient's role. Such role-based access is designed to limit access to particular items of Confidential Information only to those Company Personnel who have a legitimate business need, consistent with their job function, to access such items of Confidential Information.

Information Security and Privacy Incident Management

Lambda has an information security and privacy incident management process which requires security incidents to be effectively reported, remedied, investigated, and monitored to ensure that corrective and preventive actions are taken to control and remediate security incidents in a timely manner.

4. SUPPLEMENTAL GUIDELINES OR PROCEDURES

Any supplemental guidelines or procedures referenced in this Policy may be obtained by contacting the Information Security Group. The policy will continue to be in force unless superseded by a fresh policy. Lambda reserves the right to supplement, change, or discontinue any portion of this Policy from time to time at its sole discretion.