Scope
This policy applies to all information systems, data, and records maintained by ATX Global Ventures, LLC, including but not limited to: client order data and delivery schedules, warehouse inventory and lot-traceability records, facility access control records, employee and vendor contact information, and digital systems supporting our 3PL and supply chain operations.
Administrative Safeguards
ATX Global Ventures implements the following administrative controls to protect information:
- Formal access control policy restricting data access to personnel with a demonstrated business need
- Annual security awareness training for all personnel with access to client or operational data
- Background screening for personnel in sensitive operational or data-handling roles
- Written confidentiality agreements for all employees, contractors, and operating partners
- Regular review of this policy and associated security procedures
Technical Safeguards
- TLS/HTTPS encryption for all data transmitted through our website and client-facing portals
- Password policies requiring strong credentials and periodic rotation for all system accounts
- Multi-factor authentication (MFA) for remote access to operational systems
- Automated backups of critical operational data with off-site redundancy
- Patching and update schedules for all networked systems on a defined cadence
Physical Safeguards
- Keycard and PIN-controlled access to warehouse floor and server/network closets
- 24/7 CCTV surveillance of all facility entry points, dock doors, and storage areas
- Clean desk and locked cabinet policies for sensitive paper records
- Secure destruction of physical media and documents containing confidential information
Inventory & Order Data Handling
Client order data, delivery schedules, and inventory records are maintained in access-controlled systems and are shared only with personnel directly involved in order fulfillment. Lot-level traceability records are archived for a minimum of three years to support regulatory audit, food-safety recall, and government contract record-retention requirements.
Incident Response
In the event of a confirmed or suspected data security incident, ATX Global Ventures will:
- Contain and assess the incident within 24 hours of discovery
- Notify affected clients and, where required by law, regulatory authorities within the applicable timeframe
- Conduct a post-incident review and implement corrective actions within 30 days
- Document the incident and response in our security incident log
Subcontractor & Vendor Flow-Down
All subcontractors, logistics partners, and vendors who receive or process client data or have access to our operational systems are required to maintain security controls consistent with this policy as a condition of their engagement. Flow-down requirements are documented in applicable vendor agreements.
Contact
For information security questions or to report a potential security incident:
- Email: compliance@atxglobalventures.com
- Phone: (512) 243-6269