We restrict access to nonpublic personal information about you to those employees or service providers who need to know the information to provide products or services to you. The policies and procedures used by COMPANY NAME are designed to (i) ensure the security and confidentiality of customer information, (ii) protect against any anticipated threats and or hazards to the security and integrity of customer records and information; and (iii) protect against unauthorized access to, and use of customer records or information that could result in substantial harm or inconvenience to any customer.
In addition to the specific categories listed above, COMPANY NAME has implemented physical, electronic, and procedural safeguards to protect non-public personal information about customers. These safety mechanisms are regularly tested to assure continued efficacy. The condition and status, as well as any breaches or violations, of this Privacy Policy, are reported to the COMPANY NAME Board, through the Internal Audit Committee, on an annual basis. The goal of COMPANY NAME Privacy Policy is to protect non-public personal information about customers in a manner that enables customers to continue to receive the highest level of service while at the same time feeling confident that non-public personal information about them is treated with the care and security it deserves.
- Physical Records
- Physical safeguards are in place that comply with federal regulations to guard non-public personal information about you that is maintained in hard copy.
- Information Systems
- Electronic files operate under a “lockout” system whereby three failed attempts to log-on result in shutdown; the system will only be re-enabled after verification of the user by security personnel;
- Logon identifications are issued only with specific access authorizations;
- Passwords must be changed every ninety days;
- Internal systems are regulated to ensure that only authorized COMPANY NAME associates can access the information contained in the system;
- Website servers used to gather and transmit personal data are stored in a secure and environmentally controlled location;
- The COMPANY NAME website (domain and additional content-related websites), and certain other electronic files are encrypted;
- Monitoring systems and procedures are in place to provide warnings of possible attacks or intrusions into information systems; and
- Systems are equipped with response mechanisms that take appropriate action when unauthorized access to protected information is suspected or detected.
- Employees
- Control procedures are in place together with the segregation of duties for employees with access to, or responsibility for, non-public personal information;
- Employees receive training, as part of the orientation process, with respect to COMPANY NAME Privacy Policy and the issuance of the privacy notice; and
- Employees are required to execute an acknowledgment form following a review of COMPANY NAME Privacy Policy.
- Agents
- Individuals, companies, and other entities that access products and services from COMPANY NAME must agree to safeguard nonpublic personal information about customers pursuant to COMPANY NAME Privacy Policy.
- Third-Party Service Providers
- Third-party service providers must agree to safeguard nonpublic personal information about customers pursuant to COMPANY NAME Privacy Policy.
In addition to the specific categories listed above, COMPANY NAME has implemented physical, electronic, and procedural safeguards to protect non-public personal information about customers. These safety mechanisms are regularly tested to assure continued efficacy. The condition and status, as well as any breaches or violations, of this Privacy Policy, are reported to the COMPANY NAME Board, through the Internal Audit Committee, on an annual basis. The goal of COMPANY NAME Privacy Policy is to protect non-public personal information about customers in a manner that enables customers to continue to receive the highest level of service while at the same time feeling confident that non-public personal information about them is treated with the care and security it deserves.