This document provides an overview of the multitude of securities policies in place within Reimagined Parking (“Reimagined Parking”, “us”, “our”).  The following information does not overwrite any written agreement/contract with a customer/client (“you” or “your”) but is designed to provide an overview of Reimagined Parking’s security processes and policies.  To the extent there is a conflict between your Agreement with Reimagined Parking and the terms of this Security Program overview, the terms of your Agreement will prevail.

Reimagined Parking maintains an Information Security Program and a Privacy Information Management Program that contains technical, physical and organizational measures designed to protect data of any type that is stored, processed, transmitted, or managed by or on behalf of the Customer for services provided by us to you (“Customer Data”).  This Security Overview describes safety measures that Reimagined Parking has in place to protect such data.  Reimagined Parking will review and update this Security Overview from time to time, and such updates shall be designed to enhance and not diminish the overall level of protection for the Data.

 

1. Information Security Policies and Procedures. Reimagined Parking’s information security program includes policies and procedures designed to: (i) maintain the confidentiality, integrity, and availability of Customer Data in Reimagined Parking’s possession or control; (ii) protect such Customer Data against unauthorized access, use, disclosure, alteration, or destruction; and (iii) identify and mitigate potential threats, risks or hazards to the security of Customer Data.

 

2. Third Party Management Policy. The security of data is vital to our company mission,and our 3^rdparty vendors are managed through our Third-Party Management process, which includes evaluation of data security measures, due diligence in vendor selection, detailed reviews of contractual agreements, performance oversight and monitoring, compliance monitoring, and risk assessments that identify and mitigate risks associated with vendor relationships and ensure they adhere to Reimagined Parking’s security policies.

 

3. Physical Security. Reimagined Parking uses Infrastructure-As-A-Service (IaaS) cloud providers.  eimagined Parking utilizes data center infrastructure of cloud providers to provide services to you.  To ensure a cloud provider has appropriate physical and environmental controls for its data centers hosting the Customer Data, Reimagined Parking monitors its cloud providers compliance, attestations, and certifications that are completed by 3^rdparty auditors.

 

4. Technical Security. The technical security controls that Reimagined Parking maintains are designed to: (i) restrict access to its information systems, and include, but not limited to; firewalls, intrusion detection and prevention systems, access control lists, and routing protocols; (ii) safeguard data on Reimagined Parking devices (i.e., laptops or other mobile devices); and (iii) encrypt and protect Customer Data from unauthorized access during electronic transmission, transport, or storage.  Reimagined Parking conducts regular vulnerability scanning, penetration testing and other appropriate security testing and security audits, including obtaining third party certifications such as PCI-DSS, ISO 27001, and meets data privacy security standards.

 

5. Organizational Security. Reimagined Parking enforces policies, procedures, and technical controls to limit access to Customer Data only those  authorized to have access, and to remove access rights promptly.  Reimagined Parking requires personnel to comply with its information security program and maintains a security awareness program to train personnel about their security obligations.

 

6. Incident Response Plan.Reimagined Parking has established a robust security incident monitoring process that proactively identifies different types of incidents.  These processes are designed to effectively detect, track, and respond to security incidents in a timely manner.  Monitoring activities are designed to align with relevant policies, procedures, and legal and regulatory requirements to ensure compliance and to safeguard the confidentiality, integrity, and availability of information.  The process includes but is not limited to, establishing an Incident Response Team (IRT), conducting information security forensics analysis, properly logging and tracking activities that pertain to the incident, communication to appropriate internal and external individuals or organizations as a “need-to-know,” conducting root cause analyses, and completing lessons learned review.

 

7. Business Continuity and Disaster Recovery (“BC/DR Plan”). Reimagined Parking maintains, implements, and invokes, when needed, business continuity and disaster recovery plans to mitigate the effects of breaches, data loss, system failures, environmental or infrastructure disruptions, natural disasters, emergencies, or similar events on Reimagined Parking’s information systems and environments.  The program is built on a foundation of robust planning, advanced technology, and a culture of resilience, aligning with the industry’s best practices and standards, such as NIST and ISO 27001.  

 

 The BCDR Plan incorporates Reimagined Parking’s contingency plans, recovery plans (including recovery point objective and recovery time objective) and risk controls designed to enable continued performance. Reimagined Parking regularly reviews and updates these plans.

 

The program structure and strategy include:

• Completing regular risk assessments and BIA (Business Impact Analysis) to identify potential threats to our operations and prioritize our resources to protect critical business functions.
• Incident management and response enables Reimagined Parking to respond swiftly to incidents, minimizing their impact on operations, which includes predefined response teams, escalation procedures, and communication plans.
• Training and awareness for all employees is received on a regular basis andat least annually.  This training outlines roles and responsibilities during an incident which fosters a culture of preparedness and resilience across the organization.
• Leveraging state-of-the-art technology is a cornerstone of Reimagined Parking’s resiliency and security programs.  We utilize cloud computing for enhanced flexibility and scalability, advanced cybersecurity measures to protect against digital threats, and communication tools that ensure effective collaboration, even in a disrupted environment.
• Regular reviews and exercises to evaluate and refine our BC/DR strategies by incorporating feedback from lessons learned into continuous improvements.
• Complying with relevant regulations and standards ensures appropriate certifications are attained demonstrating our commitment to best practices in resilience, security, and continuity management.