Security Policy

Security Policy 2015-04-25T11:48:15+00:00

One of Bloomerang’s core values as a company is transparency. In that spirit, we wanted to let you know about the actions we would take in the highly unlikely event of a data breach.

  1. Immediately cycle (reset) all customer passwords
  2. Notify all customers of the password reset and send new login credentials via email
  3. Notify impacted customer(s) of the issue via phone call and, if needed, email
  4. Notify law enforcement and pertinent government agencies
  5. Issue a public notification on brand social media channels (Facebook and Twitter)
  6. Investigate cause of the breach
  7. Follow-up to all customers via email once the cause and solution has been identified and implemented

In the event that one of our technology vendors (payment processors, web host, domain registrar, integration partners, etc.) experiences a data breach, the following will occur:

  1. Immedidately contact vendor to ascertain the cause of the issue and obtain a solution timeframe
  2. Issue a public notification on brand social media channels (Facebook and Twitter)
  3. Notify impacted customer(s) of the issue via phone call and, if needed, email
  4. Notify all customers via email once the cause and solution has been identified and implemented

In the unlikely event of an issue or crisis, our philosophy is to carefully gather all of the facts before communicating. Our goal is to communicate as quickly as possible without sacrificing clarity or accuracy, or causing unnecessary anxiety to those customers who are not impacted by the issue.