SSL Security Policy

Effective Date: January 1, 2025
1. Overview

At Called To Lead Strategies, we prioritize the protection and confidentiality of your data. To maintain a secure digital environment, we utilize Secure Sockets Layer (SSL) encryption technology across all parts of our website. SSL is a standard security protocol that ensures the data transmitted between your browser and our servers remains encrypted, private, and protected from interception.

This SSL Security Policy outlines our commitment to data encryption, how SSL works, and how we meet compliance obligations—including requirements set forth by states with enhanced privacy and data security laws such as California, Virginia, Colorado, Connecticut, and Utah.

2. What Is SSL?

SSL (Secure Sockets Layer) is a cryptographic protocol designed to secure data transmission over the internet. It:

  • Authenticates the identity of our website through digital certificates.
  • Encrypts data sent between a visitor’s browser and our servers.Encrypts data sent between a visitor’s browser and our servers.
  • Prevents unauthorized access, tampering, or data theft during transmission.
  • Ensures visitors see the padlock icon in the browser address bar and the “https://” prefix.

SSL protects sensitive activities such as login credentials, form submissions, payment details, and account interactions

3. SSL Implementation

We use 256-bit SSL encryption, the highest level of security available for commercial websites. All communications between your device and our servers are secured using TLS (Transport Layer Security), the modern version of SSL.

Features of Our SSL Security:
  • All webpages, including login, account dashboards, and contact forms, are served under HTTPS.
  • We use SHA-2 hashing algorithms for certificate signing, protecting against forgery or tampering.
  • Digital certificates are issued by a trusted Certificate Authority (CA) and are updated annually.
  • SSL is always active; no part of our site is served over HTTP.
4. Data Protected by SSL

All of the following types of data are encrypted during transmission:

  • Names, email addresses, phone numbers
  • Login credentials (usernames, passwords)
  • Billing and payment information
  • Communications submitted via contact forms
  • Personal preferences or form responses

We also apply SSL protection to API calls, file uploads, and system-to-system data transfers.

5. User Responsibilities

While SSL helps protect data in transit, users are encouraged to:

  • Keep browser software up to date.
  • Avoid using public or unsecured Wi-Fi for submitting personal data.
  • Never share login credentials with unauthorized persons.

Users who suspect fraudulent activity or unauthorized access should notify us immediately.

6. Compliance with State-Specific Requirements

We recognize that certain U.S. states impose heightened data security standards. Our SSL practices are designed to comply with these laws:

California (CCPA/CPRA)

SSL is mandated to secure consumer information and prevent unauthorized access or disclosure. We encrypt all personal data collected from California residents and adhere to reasonable security measures under Civil Code §1798.150.

Virginia (VCDPA)

We protect sensitive data collected from Virginia residents through SSL to meet security obligations and consumer privacy rights enforcement.

Colorado (CPA)

Colorado law requires reasonable security procedures, including encryption for sensitive data. We enforce full-site HTTPS and secure all personal data in transit.

Connecticut (CTDPA)

We comply with Connecticut’s data security standards by encrypting all personal and sensitive information submitted via our website or services.

Utah (UCPA)

To meet Utah’s requirements for data protection and consumer transparency, SSL is implemented across all access points for data collection and communication.

7. SSL Certificate Management

Our SSL certificates are:

  • Renewed and validated annually.
  • Installed on secure web servers with continuous monitoring.
  • Audited regularly to ensure integrity and compatibility across all devices and browsers.
8. Data Breach Prevention

While SSL significantly reduces the risk of data breaches during transmission, we supplement it with:

  • Regular security scans and penetration testing
  • Secure server configurations and firewall protections
  • Multi-factor authentication for admin accounts

In the unlikely event of a breach, affected users will be notified in accordance with applicable state and federal laws.

9. Changes to This Policy

We may update this SSL Security Policy periodically. Changes will be reflected on this page with an updated effective date. Users are encouraged to review this policy regularly.