1. Purpose

This Information Security Policy defines the standards and requirements for safeguarding the confidentiality, integrity, and availability of all information assets managed or processed by Cheerlink ("the Company"). This policy ensures that all data—particularly customer, operational, and integration-related data—is protected in accordance with applicable laws, regulations, and industry best practices.

2. Scope

This policy applies to:

• All information systems, platforms, APIs, applications, and infrastructure operated or maintained by Cheerlink.
• All employees, contractors, and third-party service providers with access to Company-managed data.
• All customer and operational data transmitted, stored, or processed by the Company.

3. Information Security Objectives

Cheerlink is committed to maintaining:

• Confidentiality – Data is accessible only to authorized individuals.
• Integrity – Data is accurate, complete, and protected from unauthorized modification.
• Availability – Systems and data remain accessible and functional as required.

4. Data Classification

Cheerlink classifies data into the following categories:

1. Public Data – Information intended for public disclosure.
2. Internal Data – Company information for internal operations.
3. Confidential Data – Customer data, application data, access tokens, and API credentials.