1. 10DLC & Mobile Data Security (Carrier Mandated)

As part of our commitment to A2P 10DLC compliance, we provide specialized protection for your mobile information. We recognize that phone numbers and SMS consent are highly sensitive data points.

SMS Data Isolation: We employ strict data silos to ensure that SMS opt-in data and consent are never shared with third parties, affiliates, or lead aggregators for marketing purposes.

Encrypted Opt-In Storage: When you provide consent via our 10DLC-compliant web forms, your opt-in record (including timestamp and IP address) is stored in an encrypted database to provide a verifiable audit trail for carriers.

Authorized Access Only: Access to lead lists and phone numbers within our CRM (MapleConnect) is restricted via Multi-Factor Authentication (MFA) and the Principle of Least Privilege.

2. Secure Foundation: HTTPS and TLS 1.3 Encryption

Every interaction with www.maple54.com is secured using Hypertext Transfer Protocol Secure (HTTPS).

Encryption in Transit: We utilize TLS 1.3, the most advanced version of Transport Layer Security, to encrypt data between your browser and our servers.

Protocol Integrity: We employ HSTS (HTTP Strict Transport Security) to prevent protocol downgrade attacks and ensure your connection is always encrypted.

Certified Trust: Our digital certificates are issued by trusted Certificate Authorities (CA) and are monitored 24/7 for validity and performance.

3. Secure Payment Processing (PCI DSS Level 1)

We leverage Stripe to handle all payment transactions. Stripe is certified as a PCI Service Provider Level 1, the most stringent security level in the payments industry.

Zero Storage Policy: Maple54 does not store your raw credit card data on our servers. All sensitive financial information is tokenized and processed through Stripe's secure vault.

Advanced Fraud Detection: Our integration utilizes Stripe's AI-driven fraud prevention to protect against unauthorized transactions.

4. Multi-Layered Data Protection

Beyond financial data, we implement robust measures to protect all client information:

Access Controls: We use Role-Based Access Control (RBAC) and Multi-Factor Authentication (MFA) to ensure that only authorized Maple54 personnel can access internal systems.

Encryption at Rest: All data stored on our servers is protected using AES-256 bit encryption, ensuring that even if physical hardware were compromised, the data remains unreadable.

Regular Security Assessments: We conduct routine vulnerability scans and penetration testing to identify and mitigate emerging threats like XSS, SQL Injection, and CSRF.

5. Legal and Regulatory Compliance

Our data practices are built to comply with the most rigorous regulatory frameworks, ensuring your privacy is respected worldwide:

10DLC / TCPA: Strict adherence to the Telephone Consumer Protection Act and carrier-specific 10DLC requirements.

CCPA: Compliance with the California Consumer Privacy Act regarding the collection and rights of California residents.

Transparency: We provide clear notice, obtain explicit consent for communication, and facilitate your right to data deletion or portability upon request.