Effective Date: 03/28/2026
Contact: privacy@hp7.io
Harper Seven LLC (HP7) is committed to upholding the principles of GDPR and maintaining the highest standards of data protection. HP7 has established a comprehensive data protection framework aligned with cybersecurity best practices.
HP7 maintains records of processing activities including categories of personal data, purposes of processing, data sources, and recipients.
Privacy and security are embedded into all systems and services from inception, ensuring minimal data exposure and secure handling.
HP7 implements encryption (in transit and at rest), RBAC, MFA, continuous monitoring, and secure cloud infrastructure leveraging AWS and Microsoft Azure.
Aligned with NIST 800-115, OWASP Top 10, MITRE ATT&CK, and Zero Trust Architecture.
HP7 executes Data Processing Agreements ensuring compliance with GDPR and clearly defining controller and processor roles.
HP7 provides clear notice of data usage and supports all data subject rights including access, correction, deletion, and portability.
Data is retained only as necessary and securely deleted or anonymized when no longer required.
Third-party vendors are assessed, contracted, and continuously monitored for compliance with security and data protection standards.
HP7 maintains a formal incident response program and will notify clients without undue delay in accordance with GDPR requirements.
HP7 uses Standard Contractual Clauses (SCCs) and equivalent safeguards for international data transfers.
HP7 promotes a security-first culture through training, governance, and continuous improvement across people, processes, and technology.