Privacy Policy
Business Policy Charter
Our Business has many more assets that the physical world you see by looking around you. These assets are information, which is critical to doing business, keeping the trust of our customers, and keeping our future strong. This policy outlines our commitments to our employees, customers, and to our future regarding how we will handle this information.
Information can be sensitive by its nature, and can also be sensitive due to regulations and industry standards. The types of sensitive information can include:
Customer information (both for customer companies and for people as individuals)
Customer belongings
Financial information, including credit cards, salaries, banking, transactions and more
Medical information of all types
Business patents, business plans, and other intellectual property
Business records and planning materials, including our customer list, marketing and sales efforts, product line plans, and more.
Copyrighted materials, both which our company creates and those which we obtain under license from others
This information may reside on our computing systems or backup devices, may traverse the networks, be on paper, or be in people’s minds. All locations must be properly controlled.
The rules by which information is handled are determined by the regulations, business requirements, and company commitments relating to that type of information. Put together, these are called the significance of the information.
Every employee, vendor, contractor, supplier or vendor, agent or representative of our company must be aware of the significance of the information being handled, and ensure that proper controls are applied to prevent copying, disclosure, or other misuse of the information.
This Information Protection policy is a part of the overall security and privacy effort of our business. Other policies and controls may also apply, as issued by the Human Resources and Security teams. These are available in the employee handbook, or on the Business’s intranet site.
Penalties for violating these policies may include disciplinary actions up to termination of employment, or termination of the business relationship with our company.
Our company relies upon employees and business partners to properly develop, maintain, and operate our systems, networks, and processes which keep our sensitive information safe and properly used. This means that every person and organization handling our information has the responsibility to keep the information safe, no matter where the information is located. This includes computing systems, networks, paper copies, business processes, and verbal transmission of information.
Our Business’s policy
We will meet all applicable requirements in properly protecting the information, including:
- Laws
- Regulations
- Industry standards
- Contractual commitments
- Customer belongings
The protections we apply to information assets will be in proportion to the value and sensitivity of the information, and will balance the sensitivity of the information against:
- The cost of controls
- The impact of the controls on the effectiveness of business operations
- The risks of disclosure, modification, destruction, or unauthorized use of the information
We will protect all types of sensitive information, including but not limited to:
- Medical
- Financial
- Credit
- Business transaction and planning
- Personal information, both of our employees and of our customers
- Personal belongings of customers
We will ensure that these controls are accepted by all employees, vendors, service providers, representatives and associates of our company who may have access to our information. This includes ensuring that all personnel at all levels are aware of, and are held accountable for safeguarding information assets.
We will ensure that access to information is controlled, and based upon, job function and need-to-know criteria.
We will maintain proper business continuity and security procedures, including information systems, networks, resources, and business processes.
We will report any suspected or actual breach of these policies, and will cooperate with investigative agencies.
We will comply with other, related policies, including the Business’s privacy policies.
Privacy Policy for Employees
Our Business values each employee, and so has a commitment to protect the personal information which we handle on behalf of the employee.
It is our policy that:
- Our Business will collect only that information about employees which is needed and relevant.
- Our Business will strive to make certain that personal information about employees is kept accurate and up-to-date.
- Our Business will use appropriate controls to ensure that this information is kept secure, and is only viewed or used by the proper personnel.
- Information about employees will not be disclosed to any external parties unless appropriate.
- Employees will be told how they can review information about them, make updates, and report problems.
- Our Business will comply with applicable laws, regulations, and industry standards when protecting employee information.
- We hold our employees, vendors, contractors, suppliers, and trading partners to meet this same set of policies.
Privacy Policy for Customers
It is a part of our Business’s core values that we will properly value and protect any information entrusted to us about our customers. This policy describes how we will safeguard personal and company information, to ensure peace of mind when dealing with our Business.
It is our policy that:
- Our Business will collect only that information about customers which is needed and relevant.
- Our Business will not disclose information to other parties unless customers have been properly notified of such a disclosure.
- Our Business will strive to make certain that information about customers is kept accurate and up-to-date.
- Our Business will use appropriate controls to ensure that this information is kept secure, and is only viewed or used by the proper personnel.
- Our Business will comply with applicable laws, regulations, and industry standards when protecting employee information.
- We hold our employees, vendors, contractors, suppliers, and trading partners to meet this same set of policies.