Overview

At Corazon, we prioritize operating in full accordance with all applicable laws, regulations, and industry standards. This commitment to legal and regulatory compliance is integral to maintaining the trust of our stakeholders, including grantors, clients, employees, and partners.

Key Principles:

  1. Ethical Conduct: We uphold the highest standards of ethics in all aspects of our operations. This includes interactions with grantors, clients, colleagues, and the community at large.

  2. Privacy and Data Protection: We take the protection of personal and sensitive data seriously. Our policies and procedures comply with applicable data privacy laws, ensuring the confidentiality and security of information.

  3. Anti-Discrimination and Harassment: Corazon is committed to maintaining a workplace free from discrimination, harassment, and any form of unlawful conduct. We strictly prohibit discrimination based on race, gender, religion, age, disability, or any other protected characteristic.

  4. Health and Safety: We adhere to all relevant health and safety regulations to provide a safe and secure work environment for our team members. This includes regular inspections, training, and emergency response protocols.

Regulatory Compliance:

Corazon operates in a highly regulated environment. We diligently monitor and ensure compliance with all industry-specific regulations and licensing requirements. This ensures that we provide services that meet the highest standards of quality and integrity.

Reporting Concerns:

If you become aware of any potential compliance violations, it is your duty to report them promptly. We encourage open communication and have established channels for reporting concerns or seeking guidance.

Data Privacy & Security

At Corazon, we understand the critical importance of safeguarding sensitive information. Our commitment to data privacy and security is unwavering, and we have implemented comprehensive measures to protect the confidentiality and integrity of all data entrusted to us.

Key Measures:

  1. Access Control: We strictly limit access to sensitive data only to authorized personnel with a legitimate need to access it. This ensures that information is only accessible to those who require it for their job responsibilities.

  2. Encryption: Sensitive data is encrypted during transit and at rest. This adds an extra layer of protection, ensuring that even in the unlikely event of unauthorized access, the data remains secure and unreadable.

  3. Regular Audits and Assessments: We conduct regular internal and external audits and assessments to ensure that our data protection measures remain effective and compliant with all applicable regulations.

  4. Incident Response and Notification: In the event of a data breach or security incident, we have established procedures to promptly identify, contain, and respond to the incident. We also adhere to legal requirements for notifying affected parties.

  5. Training and Awareness: All team members are provided with comprehensive training on data protection best practices. This includes awareness of phishing attempts, secure handling of data, and compliance with privacy policies.

Third Party Vendors:

When working with third-party vendors who may have access to our data, we conduct thorough assessments of their data protection practices to ensure they meet our stringent security and compliance standards.