Security Overview | LETSGROW Marketing Technology

LETSGROWMARTECH LLC is a service-based software development and consulting firm. This page provides our formal Information Security Policy, which governs how we protect information and manage access during client engagements.

LETSGROWMARTECH LLC

Information Security Policy

Effective Date: January 1, 2026

1. Policy Statement

LETSGROWMARTECH LLC is committed to protecting the confidentiality, integrity, and availability of information accessed or processed in the course of providing professional services. This policy establishes the principles and minimum requirements for safeguarding information assets consistent with the scope, size, and risk profile of the organization.

2. Purpose

The purpose of this policy is to define LETSGROWMARTECH LLC's approach to information security and to ensure that reasonable administrative, technical, and physical safeguards are applied to information accessed during service engagements.

3. Scope

This policy applies to:

All personnel acting on behalf of LETSGROWMARTECH LLC

All devices and systems used to access company or client information

All information accessed, processed, or transmitted in the course of service delivery

LETSGROWMARTECH LLC provides service-based consulting and development services and does not independently host, operate, or manage production infrastructure, data centers, or client platforms.

4. Definitions

Information Assets: Data accessed, created, transmitted, or processed in connection with services, including client data where applicable.

Personnel: The Managing Member and any authorized contractors acting on behalf of the company.

Client Systems: Systems, platforms, or environments owned or operated by clients or third-party service providers.

5. Governance and Responsibility

The Managing Member is responsible for:

Oversight of information security practices

Enforcement of this policy

Periodic review and updates

All personnel are responsible for complying with this policy and reporting suspected security incidents or weaknesses.

6. Access Control

Access to systems and information shall be limited to authorized users only.

Access shall be granted based on least privilege and role-based requirements.

Shared or generic user accounts are prohibited.

Access to client systems is restricted to the minimum necessary to perform contracted services.

7. Authentication and Remote Access

Strong authentication mechanisms are required for system access.

Multi-factor authentication (MFA) shall be enabled where supported by platforms or required by client security policies.

Remote access requirements, including VPN usage, shall align with client and platform security requirements.

8. Data Protection

Information shall be protected against unauthorized access, disclosure, alteration, or destruction.

Encryption in transit (e.g., TLS/HTTPS) shall be used where applicable.

LETSGROWMARTECH LLC does not independently store or retain client production data unless explicitly required by the engagement.

9. Device and Endpoint Security

Devices used for company operations shall be secured with password protection.

Operating systems and applications shall be kept reasonably up to date with security patches.

Endpoint protection controls shall be used where appropriate.

10. Physical Security

LETSGROWMARTECH LLC does not operate physical servers or data centers.

Physical security of infrastructure is the responsibility of the client or underlying cloud service provider.

Company-managed devices shall be protected against unauthorized physical access.

11. Secure Disposal

Information and media shall be securely disposed of when no longer required.

Devices and storage media shall be securely wiped or destroyed prior to disposal or reuse in accordance with industry best practices.

12. Incident Management

Security incidents related to company systems or access shall be promptly assessed.

Incidents that may impact a client shall be communicated in a timely manner in accordance with contractual obligations and engagement scope.

13. Third-Party and Platform Security

LETSGROWMARTECH LLC relies on security controls implemented by reputable third-party platforms and service providers.

Infrastructure-level controls (e.g., firewalls, intrusion detection, backups, disaster recovery) are managed by the applicable platform or system owner.

14. Compliance and Exceptions

Personnel are required to comply with this policy.

Exceptions must be approved by the Managing Member and documented where applicable.

15. Policy Review

This policy shall be reviewed at least annually and updated as necessary to reflect changes in business operations, risk, or contractual obligations.

LETSGROWMARTECH LLC

Information Security Policy

Policy Owner: George Ramos, Managing Member

LETSGROWMARTECH LLC

Information Security Policy

Effective Date: January 1, 2026

1. Policy Statement

2. Purpose

3. Scope

This policy applies to:

All personnel acting on behalf of LETSGROWMARTECH LLC

All devices and systems used to access company or client information

All information accessed, processed, or transmitted in the course of service delivery

LETSGROWMARTECH LLC provides service-based consulting and development services and does not independently host, operate, or manage production infrastructure, data centers, or client platforms.

4. Definitions

Information Assets: Data accessed, created, transmitted, or processed in connection with services, including client data where applicable.

Personnel: The Managing Member and any authorized contractors acting on behalf of the company.

Client Systems: Systems, platforms, or environments owned or operated by clients or third-party service providers.

5. Governance and Responsibility

The Managing Member is responsible for:

Oversight of information security practices

Enforcement of this policy

Periodic review and updates

All personnel are responsible for complying with this policy and reporting suspected security incidents or weaknesses.

6. Access Control

Access to systems and information shall be limited to authorized users only.

Access shall be granted based on least privilege and role-based requirements.

Shared or generic user accounts are prohibited.

Access to client systems is restricted to the minimum necessary to perform contracted services.

7. Authentication and Remote Access

Strong authentication mechanisms are required for system access.

Multi-factor authentication (MFA) shall be enabled where supported by platforms or required by client security policies.

Remote access requirements, including VPN usage, shall align with client and platform security requirements.

8. Data Protection

Information shall be protected against unauthorized access, disclosure, alteration, or destruction.

Encryption in transit (e.g., TLS/HTTPS) shall be used where applicable.

LETSGROWMARTECH LLC does not independently store or retain client production data unless explicitly required by the engagement.

9. Device and Endpoint Security

Devices used for company operations shall be secured with password protection.

Operating systems and applications shall be kept reasonably up to date with security patches.

Endpoint protection controls shall be used where appropriate.

10. Physical Security

LETSGROWMARTECH LLC does not operate physical servers or data centers.

Physical security of infrastructure is the responsibility of the client or underlying cloud service provider.

Company-managed devices shall be protected against unauthorized physical access.

11. Secure Disposal

Information and media shall be securely disposed of when no longer required.

Devices and storage media shall be securely wiped or destroyed prior to disposal or reuse in accordance with industry best practices.

12. Incident Management

Security incidents related to company systems or access shall be promptly assessed.

Incidents that may impact a client shall be communicated in a timely manner in accordance with contractual obligations and engagement scope.

13. Third-Party and Platform Security

LETSGROWMARTECH LLC relies on security controls implemented by reputable third-party platforms and service providers.

Infrastructure-level controls (e.g., firewalls, intrusion detection, backups, disaster recovery) are managed by the applicable platform or system owner.

14. Compliance and Exceptions

Personnel are required to comply with this policy.

Exceptions must be approved by the Managing Member and documented where applicable.

15. Policy Review

This policy shall be reviewed at least annually and updated as necessary to reflect changes in business operations, risk, or contractual obligations.

LETSGROWMARTECH LLC

Information Security Policy

Policy Owner: George Ramos, Managing Member