Contact Information Policy
ClackTECH keeps your contact information within a Microsoft Outlook (hosted at Microsoft) contact list. This information may contain one or multiple of the following private information: office phone number, private cell phone, private residence, business email, private email, or business address, private residence address. This information is secured using multi-factor authentication (MFA) to login and gain access to. This information is never shared with 3rd party vendors or other clients.
Stored Payment Options Policy
ClackTECH does not store any credit card or ACH information within our private storage, cloud storage, email, nor physical office facilities. All payment information authorized for storage at ClackTECH is stored at Stripe and Adobe within their secured systems.
We will only keep this information within Stripe and Adobe should you electronically fill out the authorized payment options form. This form will contain your payment information, and is processed through Adobe Acrobat electronic signature, and then transferred to Stripe for proper storage and future processing.
Stripe, Inc. and Adobe Inc. are third party data processing companies.
Password Retention Policy
ClackTECH does not store passwords on any systems nor cloud storage systems. Passwords if needed during assistance are written down on physical paper and shredded at the end of each service call.
Data Sharing Policy
We do not share any data with vendors regarding projects, equipment at projects, or data in use at client facilities.
We only share address data with Verizon within our Verizon Wireless partnership. This is required for fixed 4G/5G Business Internet to operate properly at locations which we service through our partnership with Verizon Wireless. No contact nor business information is passed on to Verizon Wireless beyond the address receiving service.
CCTV Data Sharing Policy
ClackTECH does not share any data, video, audio, or chronological data from CCTV surveillance systems to 3rd parties, vendors, government agencies without the consent of the client which owns these systems. All ClackTECH Cloud NVR systems fall within these parameters, and data stored at our facilities is classified as owned by the client which the systems are recording.
You may at anytime during or after the installation of your system, grant permission for ClackTECH to gather and share data with government agencies such as police, sheriff, or federal on an as-needed basis. We will never grant unattended access to your systems to any private or government agency. All data requests must be submitted for a specific event on a specific date and time frame not to exceed 24 hours. Without automatic permission, we will reach out to you the client for permission should we be approached by any agency requesting data from your system.
Cannabis Industry Security Policy: Due to state regulations on the cannabis industry in California, Oklahoma, Colorado, Illinois, and Nevada, ClackTECH may gather data regarding chronological stored data and share with the cannabis boards of these states upon inspection or request. This data is required to meet the minimum security requirements at legal cannabis growing and retail locations. This data does not provide any defining information such as faces, audio, personal information, and is provided to prove CCTV systems and access controls are operating and storing necessary logs to remain in compliance with the laws instituted by the state which your facility is operating in.
NDAA and TAA Compliance
In order to remain compliant with cybersecurity requirements, ClackTECH / CLackLINK will only sell or provide hardware certified NDAA or TAA compliant. This ensures no spyware can infiltrate our networks from the inside, which could compromise the data integrity of our clients’ and their clients’ data. The use of NDAA and/or TAA compliant hardware is determined on a client-by-client basis.
NDAA Requirements
We install in all of our networks a minimum of NDAA compliant hardware. We have many relationships with corporations and private individuals based on our level of expertise, and unwillingness to compromise the security of client data. For this reason, we will kindly refuse offers to install hardware made by Hikvision and its subsidiaries (LTS, Hunt Electronics, and Hikvision OEM/unbranded models), Dahua and its subsidiaries, Hytera, Aventura, Huawei, ZTE, and Kaspersky Lab.
As an approved MSSP of multiple franchise based corporations, we are unable to accommodate requests to install unapproved hardware. Our camera systems by Uniview Technologies are NDAA compliant, however are not TAA compliant as they are owned and manufactured in People’s Republic of China (PRC). Holding the NDAA compliance ensures the hardware does not contain spyware that would return information such as client usage, geographical locations, payment data, facial data, nor other personal browsing data back into the hands of hackers.
TAA Requirements
If your business is involved with providing, manufacturing, or installing items under a GSA Schedule Contract (or for DOD), you must comply with the Trade Agreements Act (TAA). To comply with these measures, we offer hardware and surveillance equipment that is certified under the TAA and will pass all inspections necessary. TAA is more strict than NDAA, and such items offered under NDAA will not be offered should you be required to abide by TAA compliances. products manufactured in People’s Republic of China (PRC) are not authorized for use in these environments. We will not install non-TAA compliant hardware in these environments, and can provide for you affidavits, logs, and photos to backup all installations. Our first goal in these environments is to protect the integrity and security of the citizens of the United States, a goal of which we do not take lightly, nor will cut corners. TAA compliant hardware may cost more than NDAA compliant hardware. Our camera systems