To protect the privacy and Personally Identifiable Information (PII) of Cryoshift Franchise, LLC (Cryoshift) customers and employees.
Customer – a company or individual who has entered into a business relationship to purchase goods and/or services from Cryoshift.
Individual – The person whose data Cryoshift has processed using the Cryoshift website or other tool.
Personally Identifiable Information ‐ (PII) is any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another and can be used for de‐ anonymizing anonymous data can be considered PII.
Cryoshift, its employees and contractors take responsibility for PII in accordance with Cryoshift policies and standards. Cryoshift Privacy Officer is responsible for defining the requirements of this policy.
Cryoshift’s Information Security Officer is responsible for implementing and maintaining appropriate controls and measures to enable compliance.
Notice, Choice and Consent
Cryoshift provides notice as to the purposes for which PII is collected, used, retained and disclosed. Unless required by law, Cryoshift shall not use or disclose personal information for any purpose other than the purpose for which it was originally collected without first identifying and documenting the new purpose and obtaining the appropriate consent.
Collection and Use
Cryoshift does not collect data indiscriminately. Cryoshift collects PII only for the purposes of providing and promoting services we offer and limits use to those purposes, including initiating, maintaining, enhancing and terminating the employee‐employer relationship. PII shall be collected by fair and lawful means, and not misleading or deceiving individuals about the purpose for which information is collected. Cryoshift may also collect PII from other sources either with the consent of the individual or where permitted or required by law. Examples of indirect sources of PII include background checks, employers or personal references.
Retention and Disposal
Unless Cryoshift is permitted or required by law to prohibit access, Cryoshift makes PII available for review and updating, either directly through self‐service features or through a direct request of access.
Cryoshift does not use or disclose PII for purposes other than those for which it is collected, unless required by law. Cryoshift does not sell any PII to third parties for marketing or any other commercial purposes.
Cryoshift has implemented policies, procedures and practices to protect PII. Cryoshift protects PII using recognized industry standard security safeguards appropriate to the sensitivity of the information. Cryoshift reviews its security policies and procedures on a regular basis and updates them as needed to maintain their relevance. Cryoshift makes reasonable security arrangements to protect PII in its custody or under its control from and against risks, such as loss or theft, unauthorized access, collection, use, disclosure, copying modification, disposal and destruction. The methods of protection include physical measures, organizational measures and technological measures.
Cryoshift relies on customers and employees to supply Cryoshift with accurate, complete and up‐to‐date information that is relevant to Cryoshift’s services. Individuals are asked to review their records on a regular basis and make the appropriate updates or notify Cryoshift of errors promptly. Cryoshift makes reasonable efforts to maintain the integrity of the data necessary to fulfill the purposes for which the information is to be used.
Changes to this Policy
|Revision||Date||Document Record#||Description of Change||Approver|
|6.11.2018.08.28.1.0‐F||8/28/2018||6.11||First Version||Vice President|