Resources
Legal documents and security related resources
Master Services Agreement
Omnibus Service Attachment
Schedule of Services
Data Processing Agreement
Service Level Agreement
Schedule of Third Party Services
Privacy Policy
SOC 2 Type 2
Security Roles and Responsibilities
Subprocessors
To support delivery of our Services, Imagis may engage and use third-parties or data processors with access to certain Customer Data (each, a "Subprocessor"). The The Schedule of Third Party Services lists all possible third-party vendors that may be resold to the client as well as each potential data Subprocessor. Prior to engaging any third party or data Subprocessor, Imagis performs due diligence to evaluate privacy, security and confidentiality practices, and executes an agreement implementing its applicable obligations. Any product or vendor that is used in delivering services to our clients undergoes a process that may include some or all of the following - • Formal evaluation and comparison framework is established based on business requirements. • Top providers are researched and chosen based on independent third-party reviews and industry surveys such as Gartner • Providers undergo our internal third-party risk management process and which may include a security risk assessment or review of the recent SOC2 or ISO27001 reports • The product or solution is tested for appropriate interoperability with existing solutions and service processes. • The solution is tested in a sandbox or isolated test environment • A product owner or champion is assigned to own the solution internally • Deployment of the solution internally within our own business. • Training and relevant certifications are obtained to support and deploy the product
Monitoring
Compliance
Data privacy and security frameworks Imagis aligns to or maintains certifications in.