YYT Consulting

Notice

Data Security

Data Security for visitors, clients, procurement teams, and partners of YYT Consulting.

Security approach

YYT Consulting protects client and business information through administrative, technical, and organizational safeguards designed to reduce unauthorized access, disclosure, alteration, and loss. Security practices are proportionate to the sensitivity of the information and the nature of the engagement.

Confidentiality governance

Client strategy, financial, organizational, personnel, market, customer, and project materials are treated as confidential. YYT personnel and approved collaborators are expected to use information only for the relevant business purpose.

Access controls

Project materials are generally organized by client and project. Access is limited to individuals with a business need. Additional restrictions, approvals, or client-approved platforms may be used for sensitive materials.

Data minimization

YYT seeks to collect and use only the information reasonably needed to evaluate inquiries, deliver services, manage relationships, and meet legal or contractual obligations. Clients are encouraged to avoid sending unnecessary sensitive information.

Transmission and storage

YYT encourages secure transfer channels for sensitive files. Where appropriate, project teams may use password protection, access-controlled workspaces, encrypted services, or client-designated systems.

Vendor management

Service providers that support hosting, collaboration, communications, analytics, or other operations may process information for YYT. YYT aims to select vendors with reasonable security practices and appropriate contractual commitments.

Retention and disposal

Project file retention, archiving, return, or deletion is handled according to the applicable agreement, client requirements, legal obligations, and reasonable business needs. Different types of records may have different retention periods.

Incident response

If YYT becomes aware of a security event that may affect client or personal information, it will assess the event, take reasonable containment steps, and notify relevant parties as required by law, contract, and reasonable business practice.

Client responsibilities

Security is shared. Clients should use approved transfer channels, limit unnecessary sensitive data, manage their own access rights, and promptly notify YYT if they believe information was sent to the wrong recipient or compromised.

No absolute security

No system, transmission method, or storage environment can be guaranteed to be completely secure. YYT uses reasonable safeguards, but cannot guarantee that unauthorized access or security incidents will never occur.