Metolius Privacy Policy

Last Updated: August 31, 2023

Introduction

Metolius Golf is committed to ensuring the security and privacy of the data entrusted to us by our customers. We understand the critical nature of data security, especially in the realm of data storage and processing for Business Analytics and Business Intelligence services. This Security Statement outlines our approach to security and the measures we have implemented to protect your data.

Data Collection and Storage

Metolius Golf collects, aggregates, and normalizes data for Business Analytics and Business Intelligence services. We adhere to strict data collection and storage protocols, including encryption in transit and at rest. All data is stored securely within the Google Cloud Platform (GCP), which provides robust security features and undergoes regular security audits. Learn more about GCP's commitment to security here.

Access Control

Access to customer data within Metolius Golf is limited to authorized personnel only. We implement role-based access control (RBAC) and row-level security (RLS) to ensure that individuals only have access to the necessary data for their specific responsibilities. Access is monitored and logged for auditing purposes.

Authentication and Authorization

We require that authorized users be provisioned with unique Google Accounts to access the Metolius platform. We rely on the best-in-class security of Google Accounts to access our system. From there, each user has role-based permissions to access reports, features, and data - all based on their unique login.

Encryption

Data transmitted between our systems and your organization is encrypted using industry-standard encryption protocols to prevent unauthorized interception. Data stored within GCP is also encrypted at rest to protect against data breaches.

Training, Logging, and Audits

All Metolius Golf employees complete comprehensive security training, and Metolius adheres to a "Security First" culture. The platform has robost logging, which facilitates detailed audits to identify vulnerabilities and ensure that our security controls are adequate and current.

Google Cloud Platform (GCP)

Metolius Golf operates entirely on the Google Cloud Platform (GCP), a secure and reliable cloud infrastructure provider. GCP offers numerous security features, including network firewalls, identity and access management, and DDoS protection.

Disaster Recovery

We have implemented robust disaster recovery and backup mechanisms to ensure the availability and integrity of your data in case of unforeseen events. 

Compliance

Metolius Golf is committed to complying with relevant data protection and privacy regulations, including but not limited to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We continuously monitor and update our practices to align with evolving legal requirements.

Security Incident Response

Metolius Golf will execute its incident response plan in case of a security incident or breach. We will promptly notify affected customers and take immediate steps to mitigate the impact and prevent further breaches.

Conclusion

At Metolius Golf, we take the security of your data seriously. We have implemented robust security measures, regularly audit our systems, and stay current with industry best practices. Our commitment to security is unwavering, and we will continue to invest in protecting your data.

If you have any questions or concerns regarding our security practices, please contact our security team at support@metoliusgolf.com.