1. Sales and Marketing:

- Customers' personal data like names, addresses, and contact information are collected through the registration process and stored securely in encrypted databases.

- The designated data protection officer is responsible for managing this data. Security measures could include encryption, access controls, and regular audits.

- This data could be used to personalize marketing campaigns, understand user behavior, and drive product development.

- Credit card information and payment handling is offloaded to third-party providers for compliance (Stripe).

2. Human Resources:

- Employee information is collected during the hiring process and stored in secure, access-controlled databases.

- HR managers maintain this data and ensure compliance with labor laws.

- Sensitive information is encrypted and stored with restricted access.

3. Finance and Accounting:

- Measures to secure financial data include secure, encrypted databases, restricted access, and regular security audits.

- Financial records are maintained by 3rd party accountants and/ or financial controllers.

- Billing addresses and credit histories, if collected, would be securely stored and managed with stringent access controls.

4. IT Department:

- The IT Department uses a range of data security measures including firewalls, access controls, encryption, and regular security audits.

- IT managers or cybersecurity teams all oversee these measures.

- System requirements and data infrastructure is managed by system administrators and database administrators.

5. Research and Development:

- R&D data, when applicable, is collected from various sources such as market research, customer feedback, and product testing, and stored securely.

- The designated data protection officer is responsible for managing this data, with security measures including access controls and encryption.

- Potentially sensitive data is handled and protected with strict access controls, encryption, and anonymization techniques where necessary.