Information Security Policy

1. Purpose

The purpose of this policy is to outline the security measures, controls, and practices to be followed by Crypto Mart in order to safeguard the confidentiality, integrity, and availability of its sensitive information, customer data, and operational assets.

2. Scope

The policy applies to all employees, contractors, vendors, and any other personnel who have access to Crypto Mart’s information systems, networks, and data.

3. Access Controls

Maintaining the confidentiality of information within Crypto Mart’s BTM operations relies fundamentally on security controls. We place a stringent limit on access to your personal information and take reasonable precautions to ensure that your data remains inaccessible to unauthorized individuals. Measures including strong authentication, including multi-factor authentication (MFA) will be rigorously enforced to ensure that your personal information is not accessible to the public. During both transmission and storage, advanced Transport Layer Security (TLS) encryption safeguards this data, assuring its confidentiality. Access to personal or transactional information is strictly restricted to employees or third-party agents who require this information for specific job-related tasks.

4. Responsibility of Personnel

Our employees and extended team, including contractors and third-party agents, are resolutely dedicated to upholding the security and privacy of your personal information. Strict adherence to our company policies stands as a fundamental principle, and any violations of these policies will be met with appropriate disciplinary measures. Regular training will be conducted for all relevant personnel to educate them about potential threats and best practices.

5. Physical Security

Comprehensive physical security measures are in place to safeguard the physical locations of our BTMs. Surveillance systems, tamper-resistant casings, locks, and software alerts work in tandem to provide a robust defense against potential attackers. These protocols collectively contribute to the safeguarding of our operational environments.

6. Incident Response and Reporting

In compliance with applicable federal and state laws, Crypto Mart is committed to promptly notifying customers and relevant regulatory agencies in the event of an information security breach involving personal information. All employees or third-party agents are responsible for reporting any security incidents to the BSA Compliance Officer and/or Senior Management. The team shall work diligently to investigate the root causes of the breach, mitigate its impact, and take appropriate measures to prevent future occurrences.