Panenco provides managed (software) delivery services to its clients when building digital products. Therefore we need access to the required information to carry out our duties. Every product we build consists of similar building blocks. This document presents a summary of our default operational and security principles.
Panenco offers professional services to its clients and partners in the field of digital product development. The services cover the whole spectrum from initial strategy and ideation, product definition and design, software and data engineering onto go-to-market and beyond. We choose to be a partner for the long haul and assist clients and partners in the best way possible throughout the whole journey.
Data owners are employees or subcontractors who have primary responsibility for maintaining information that they own, such as a product owner, product manager, chapter lead or occasionally a product team member.
Users include everyone who has access to information resources, such as employees, trustees, contractors, consultants, trials, temporary employees and volunteers.
Our whole organisation is built up around agile principles. We have a limited set of distinct roles, but a variety of specialty domains. All roles are oriented towards maximum product value delivery.
Product owner: represents in-depth knowledge of an industry and can map that into a product strategy and roadmap. The role of product owner will typically be positioned on the side of our clients/partners.
Product manager: the day to day management of a development squad is led by a product manager. He or she executes on the defined product roadmap and assigns the day-to-day responsibilities. In order to be able to complete their job successfully, product managers need extensive access to tooling (to grant the correct access rights to the correct teammates) and sometimes databases (for customer success or other purposes).
Chapter lead: domain expert who carries the responsibility over a specific specialty field in which he/she builds up knowledge and passes this knowledge along to fellow teammates. A chapter lead will traditionally have access to source code repositories for quality and review purposes. Our current chapters:
• Product strategy
• Product design
• Software engineering
• Data engineering
Product team: a dedicated team within Panenco that will work on specific product objectives. The team will consist of members from the various chapters within Panenco according to the delivery needs. Members of a product team will be limited in their access only to fulfil their specific duties.
We rely on various tools to fulfil our duties. Below we give an overview of the most commonly used tools per chapter:
• Communication: Slack, Gmail
• Task management: Trello, Gitlab issues, JIRA, and others
• Documentation: Github, Google Docs
• Product design: Figma (or alternatives)
• Marketing design: Adobe Creative Cloud suite, Wix
• IDE: Visual Studio Code, PHPStorm and others
• Transactional email traffic: Sendgrid, ActiveCampaign, Mailgun
• Business Intelligence: PowerBI, Google Data Studio, Tableau
• Data science: R Studio and others
• Marketing: specific tooling for social media campaigns and performance monitoring
• Analytics: Google Analytics, Google Tag Manager, Google Data Studio
• Billing & payments: Stripe and Stripe Billing
• Customer success: Intercom, ActiveCampaign
• Sales: Hubspot CRM
Individual responsibilities for all employees or contractors at Panenco:
• All employees and contractors must lock their screens whenever they leave their desks to reduce the risk of unauthorised access
• All employees and contractors must keep their workplace clear of any sensitive or confidential information when they leave
• All employees and contractors must keep their passwords confidential and not share them
Application and Information Access
• All employees and contractors shall be granted access to the data and applications required for their job roles
• All employees and contractors shall access sensitive data and systems only if there is a business need to do so and they have approval from management
Any user found in violation of this policy is subject to disciplinary action, up to and including termination of employment. Any third-party partner or contractor found in violation may have their contract terminated.
Panenco bv preserves the right to make changes to this Security Policy, and will reflect the data of the last changes at the top of the document.
In order to take action on the basis of your feedback or to clarify changes made in our default Security Policy, this policy may be amended from time to time. The top of the page will always indicate the date of the last change.
We are ISO27001 certified.
In case of questions, please don't hesitate to reach out to firstname.lastname@example.org. Great partnerships or supplier relationships need to be backed by a security setup.