Data Security & Information Handling

JGA is committed to protecting the confidentiality, integrity, and security of client information across all engagements.

Scope of Services:

Goldman WMS operates as an advisory, system implementation, and staff augmentation partner. We do not function as a data hosting provider and do not maintain client production systems or databases unless explicitly required as part of a defined engagement.

Where access to client systems or data is necessary, such access is limited, controlled, and governed by client-specific policies and contractual agreements.

Access Control:

Access to client information is strictly limited to authorized personnel based on project requirements.
Access is granted on a need-to-know basis
Credentials and permissions follow client-defined security protocols
Access is removed promptly upon project completion or role change
‍
Data Handling Practices:

Goldman WMS follows responsible data handling practices to minimize risk and ensure confidentiality:

Client data is only accessed when necessary for project delivery
Sensitive information is shared through secure and approved channels
Data is not stored locally or outside of client-approved environments unless explicitly authorized
All data handling is governed by confidentiality agreements and contractual obligations
System & Communication Security

We utilize secure systems and communication methods in all client engagements:
‍
Secure networks and trusted systems are used for all work activities
Encryption and secure file transfer methods are used where applicable
Unsecured or personal storage of sensitive client data is prohibited
Client Policy Alignment

Goldman WMS aligns with client-specific information security and IT governance requirements, including:

Access control policies
Security and compliance frameworks
Audit and review procedures

We actively participate in vendor security reviews and comply with reasonable client security requirements.

Confidentiality

All personnel engaged by Goldman WMS are subject to confidentiality obligations.

We maintain strict standards regarding:

Protection of sensitive business information
Ethical handling of client data
Compliance with non-disclosure agreements
Third-Party & Subcontractor Controls

When third-party or subcontractor resources are utilized:

They are bound by confidentiality and data protection requirements
Access is restricted and controlled in accordance with client expectations
They are required to adhere to the same data security standards as Goldman WMS
Incident Response

In the event of a suspected data security issue, Goldman WMS will:Notify the client promptly
Cooperate fully in investigation and resolution
Take appropriate corrective actions to mitigate risk
Continuous Improvement.

JGA periodically reviews its data security practices to ensure alignment with evolving client requirements and industry expectations.