The Culture MRI™ service utilises enterprise-grade commercial off the shelf (COTS) Software-as-a-Service platforms to deliver all aspects of the The Culture MRI™. The platforms utilized were chosen due to:
  • Platform flexibility
  • Hosting durability and security
  • Platform durability, reliability and security
  • Scalability
  • Cost

Our view is that your data will be better protected and secured by utilising existing SaaS platforms that have extensive data security policies and procedures in place.

Document Purpose
This document outlines the platforms that are utilised by The Culture MRI™ in delivery of its services to the customer with relevant links to platform security and data privacy and protection policies/terms and conditions.

Document Version
Document Version: 1.0. Last Updated: 9th July 2022

Solution SaaS Platforms Utilized

Google Workspace

Use in solution:
Database and Application Logic

Security and Compliance: See Google Workspace Security Whitepaper for detailed information on how data is kept secure within Google Workspace (https://storage.googleapis.com/gfw-touched-accounts-pdfs/google-cloud-security-and-compliance-whitepaper.pdf)

The Culture MRI™ access to Google Workspace: Multi-factor authentication is utilised to ensure users who access the platform are who they say they are. Access to the platforms is only provided to The Culture MRI™ employees (or relevant sub-contractors) on an as needed basis either for the support and maintenance of the service or for the initial implementation. Access is revoked when not needed.

Google Data Studio

Use in Solution:
Business Intelligence Reporting

Security and Compliance:
All the data uploaded via Data Studio is stored in Google Cloud Storage. See Google Infrastructure Security Design Overview for more information: (https://cloud.google.com/docs/security/infrastructure/design/resources/google_infrastructure_whitepaper_fa.pdf)

Google Data Studio: Terms of Service

The Culture MRI™ access to Google Data Studio: Multi-factor authentication is utilised to ensure users who access the platform are who they say they are. Access to the platforms is only provided to The Culture MRI™ employees (or relevant subcontractors) on an as needed basis either for the support and maintenance of the service or for the initial implementation. Access is revoked when not needed.

Make (formerly Integromat)

Use in Solution
: Platform Integration and Workflow Automation

Security and Compliance: See Technical and Organisational measures which describes the requirements and implementation of measures for secure and compliant processing of personal data (https://www.integromat.com/en/help/technical-and-organizational-measures)

The Culture MRI™ access to Make: Multi-factor authentication is utilised to ensure users who access the platform are who they say they are. Access to the platforms is only provided to The Culture MRI™ employees (or relevant subcontractors) on an as needed basis either for the support and maintenance of the service or for the initial implementation. Access is revoked when not needed.

PointerPro (formerly Survey Anyplace)

Use in Solution
: Data collection and analysis
Security and Compliance: See Security Statement (https://pointerpro.com/security-statement/) for more information on how PointerPro uses, stores and secures data.

The Culture MRI™ access to PointerPro: Users authentication is managed by a single The Culture MRI™ administrator and user credentials and password is required to gain access to the platform and ensure users are who they say they are. Access to the platforms is only provided to The Culture MRI™ employees (or relevant subcontractors) on an as needed basis either for the support and maintenance of the service or for the initial implementation. Access is revoked when not needed.

Specific/Enhanced Security Requirements

Should a customer require additional security controls, The Culture MRI™ to meet specific or enhanced technology security requirements, we are happy to review the requirements and seek to accommodate. Note this will be at the cost of the customer and will be in addition to any costs already quoted or incurred.



Technology Security Statement and Overarching Security Principles