Corporate Privacy Policy for Cryoshift Franchise, LLC 8/20/2018 - CRYOSHIFT

Corporate Privacy Policy for Cryoshift Franchise, LLC 8/20/2018

Purpose
To protect the privacy and Personally Identifiable Information (PII) of Cryoshift Franchise, LLC (Cryoshift) customers and employees.

 

Scope
Cryoshift’s privacy policy governs the principles and practices Cryoshift follows with respect to the collection, use, sharing and securing of personal information processed by Cryoshift.

 

Definitions
Customer – a company or individual who has entered into a business relationship to purchase goods and/or services from Cryoshift.
Individual – The person whose data Cryoshift has processed using the Cryoshift website or other tool.
Personally Identifiable Information ‐ (PII) is any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another and can be used for de‐ anonymizing anonymous data can be considered PII.

 

Accountability
Cryoshift, its employees and contractors take responsibility for PII in accordance with Cryoshift policies and standards. Cryoshift Privacy Officer is responsible for defining the requirements of this policy.
Cryoshift’s Information Security Officer is responsible for implementing and maintaining appropriate controls and measures to enable compliance.
Cryoshift trains its employees with respect to its privacy policy and practices.

 

Notice, Choice and Consent
Cryoshift provides notice as to the purposes for which PII is collected, used, retained and disclosed. Unless required by law, Cryoshift shall not use or disclose personal information for any purpose other than the purpose for which it was originally collected without first identifying and documenting the new purpose and obtaining the appropriate consent.

 

Collection and Use
Cryoshift does not collect data indiscriminately. Cryoshift collects PII only for the purposes of providing and promoting services we offer and limits use to those purposes, including initiating, maintaining, enhancing and terminating the employee‐employer relationship. PII shall be collected by fair and lawful means, and not misleading or deceiving individuals about the purpose for which information is collected. Cryoshift may also collect PII from other sources either with the consent of the individual or where permitted or required by law. Examples of indirect sources of PII include background checks, employers or personal references.

 

Retention and Disposal
Cryoshift retains PII only as long as necessary to fulfill the stated purposes or al legally required and thereafter appropriately disposes of such information. Cryoshift will specify the minimum and maximum Corporate Privacy Policy for Cryoshift Franchise, LLC 8/20/2018 pg. 2 Proprietary and Confidential ©2018; Doc #6.11 retention periods for the various records containing PII. When PII is no longer necessary or relevant for the identified purpose or to fulfill a legal or business requirement, it shall be securely destroyed. Cryoshift will either physically or electronically erase the PII or make it anonymous in a non‐recoverable manner.

 

Access
Unless Cryoshift is permitted or required by law to prohibit access, Cryoshift makes PII available for review and updating, either directly through self‐service features or through a direct request of access.

 

Sharing
Cryoshift does not use or disclose PII for purposes other than those for which it is collected, unless required by law. Cryoshift does not sell any PII to third parties for marketing or any other commercial purposes.

 

Safeguards
Cryoshift has implemented policies, procedures and practices to protect PII. Cryoshift protects PII using recognized industry standard security safeguards appropriate to the sensitivity of the information. Cryoshift reviews its security policies and procedures on a regular basis and updates them as needed to maintain their relevance. Cryoshift makes reasonable security arrangements to protect PII in its custody or under its control from and against risks, such as loss or theft, unauthorized access, collection, use, disclosure, copying modification, disposal and destruction. The methods of protection include physical measures, organizational measures and technological measures.

 

Quality
Cryoshift relies on customers and employees to supply Cryoshift with accurate, complete and up‐to‐date information that is relevant to Cryoshift’s services. Individuals are asked to review their records on a regular basis and make the appropriate updates or notify Cryoshift of errors promptly. Cryoshift makes reasonable efforts to maintain the integrity of the data necessary to fulfill the purposes for which the information is to be used.

 

Changes to this Policy
Cryoshift may update this corporate privacy policy to reflect changes to our practices and reserves the right to change its policies at its own discretion without notice.

 

Corporate Privacy Policy for Cryoshift Franchise, LLC 8/20/2018

Revision Date Document Record# Description of Change Approver
6.11.2018.08.28.1.0‐F 8/28/2018 6.11 First Version Vice President