Commitments to Customers / Stakeholders
How Customer Information is collected and used
How customer information is shared
Oxdora I Tech will inform customers of any organizations the company plans to share its customer information with. Typically, these are affiliates or third-party business partners of the company that it feels would be a value-add for the customers.
Opt-in or opt-out choices that customers can make with respect to their information
Oxdora I Tech might give customers an opportunity to opt in (or out) for offers from advertisers or third-party business partners or to decline anonymizing their customer data for the purposes of analytics reporting. The final decision for any situation will be taken by Oxdora Administrative team.
Customer Privacy Rights
Customers will be informed of their privacy rights under law. They have a right to request information concerning whether Oxdora I Tech has disclosed personal information to any third parties, and to which third parties, for marketing purposes or whether Oxdora I Tech has sold any of their personal information without their consent.
Company contacts information for customers with questions about privacy
How customer account activity is tracked
How Customer Information is provided to third parties
Oxdora I Tech might share direct customer information and contact information with business partners. In other cases, such as data analytics information offered for sale, Oxdora I tech may require to anonymize individual customer contacts and information so that data can’t be traced back to individuals.
Data Protection and Security
Security measures, secure storage, and protection of data for the purposes of privacy will be defined as a policy and as procedures that are activated in Oxdora I Tech, which is the custodian of the data. Oxdora I Tech practices guidance and standards that are issued from both legal and compliance sources.
As a part of its network management, Oxdora I Tech maintains server logs that automatically collect and store details of how users used company online services; their telephone and/or IP addresses, time of contact, duration of contact, etc.; the browser type used and the times and dates of their service requests; and information gathered by cookies on the website. From a privacy standpoint, Oxdora I Tech, legal, and compliance should define how this information is to be used internally, how it is to be protected to guarantee the privacy and security of individuals using the company website, and under which circumstances it will be permissible to share this information.
Employee Privacy Practices
Oxdora I Tech considers customers’ information of healthcare, finance, insurance etc industries as highly sensitive. During some official circumstances, Employees, who often are required to interact with customers online, by telephone, or in person can share sensitive information. Guided by Oxdora I tech’s legal and compliance departments, those information are firmly secured. Oxdora I Tech has a set of written policies that govern how employees are to treat customers and their private information, accompanied by training of all employees who are in customer-facing functions and/or come in contact with sensitive information. Similar privacy policies and procedures are enacted for IT personnel who are tasked with managing and accessing private customer information. As part of this process, Oxdora I Tech should maintain extensive logs that track employee, IT, and business partner access to customer information.
Oxdora I Tech has developed policies and procedures that minimally assure audits of information security and privacy of customer and other information critical to the enterprise, with audit cycles addressing and documenting any changes to existing information privacy practices.
Oxdora I tech, together with business user areas, compliances, and legal, do annually review data retention policies, making and documenting revisions as needed. Data retention addresses specifically how long sensitive customer history will be maintained in corporate data stores.
Audit Cycles and Regulatory compliance
Oxdora I tech, along with their counsel, regulators, and auditors has determined what needs to be audited in areas of information privacy. In some cases, Oxdora I tech has internal audit procedures that their own audit and compliance teams perform. As part of the audit and compliance process, Oxdora I tech has taken proper steps to ensure that their privacy policies are kept up to date with the latest regulatory and compliance rules and that policy updates are issued on a timely basis to customers, business partners, and other stakeholders.
Policy Updates and Approvals
Policy Signoffs by Employee
As part of the new employee orientation process, employees being placed into positions that involve privacy issues are required to receive training, reading policies, and sign off that they have read all policies concerning privacy before they begin their assignments. A record of all employee signoffs is maintained.
Violation and Penalties
Violations of privacy policies can result consequences for employees and for the company. For this reason, employees are informed that violation of privacy policies can result in disciplinary action leading up to and including termination of employment and civil and/or criminal prosecution under state laws. Employees assuming responsibilities that involve the protection of private information are required to read and sign off on the corporate statement on violations and penalties before they begin their assignments. Oxdora I tech has maintained a record of these signed employee acknowledgements that the violation/penalties memorandum has been read and understood.