1. Overview ShowsHappening recognizes the importance of classifying its data based on its sensitivity and the potential risk of loss or exposure. This policy outlines the measures to be taken to classify ShowsHappening's data and ensure that appropriate security measures are in place to protect it.
2. Scope This policy applies to all employees who create, access, store, process, or transmit ShowsHappening's data.
3. Data Classification Procedures 3.1 Data Classification Levels ShowsHappening will classify its data based on its sensitivity and the potential risk of loss or exposure. The following classification levels will be used:

• Public: Data that is intended for public release and has no confidentiality or sensitivity requirements.
• Internal: Data that is intended for use within ShowsHappening and is not intended for public release.
• Confidential: Data that is sensitive and requires protection from unauthorized access, use, disclosure, or modification.

3.2 Data Classification Criteria The following criteria will be used to classify ShowsHappening's data:

• Legal and regulatory requirements: Data that is subject to legal or regulatory requirements will be classified as confidential.
• Business impact: Data that, if lost or exposed, could have a significant impact on ShowsHappening's operations or reputation will be classified as confidential.
• Sensitivity: Data that contains sensitive information, such as personally identifiable information, financial information, or trade secrets, will be classified as confidential.

3.3 Data Handling Procedures All employees who handle ShowsHappening's data must follow the following procedures:

• Public data may be stored or transmitted using any means that are appropriate.
• Internal data may only be stored or transmitted using ShowsHappening's approved internal systems and processes.
• Confidential data may only be stored or transmitted using ShowsHappening's approved confidential systems and processes.

3.4 Data Storage and Retention ShowsHappening will ensure that all data is stored in accordance with its classification level and retention requirements. Confidential data will be stored using encryption and access controls to protect it from unauthorized access.

1. Compliance ShowsHappening is committed to complying with all relevant regulations, laws, and standards. This policy will be reviewed and updated periodically to ensure that it complies with any changes in regulations or industry standards.
2. Policy Enforcement Failure to comply with this policy may result in disciplinary action, up to and including termination of employment. Any suspected violations of this policy should be reported to the employee's manager or the Chief Information Officer (CIO).
3. Policy Review This policy will be reviewed annually to ensure that it is still relevant and effective. Any changes to this policy must be approved by the CIO or their delegate.