|
|
|
|
| Chapter 11: Personal Data Protection | ||
|
1. Introduction |
3. Standards |
5. Data Quality |
|||
|
9. Openness |
12.Monitoring |
||||
Personal data of employees and customers is collected, transferred, and stored throughout True Value. In order to protect the privacy rights of those individuals and to reduce the risk of misuse of that information, proper care must be taken. This policy provides international guidelines for personal data protection.
Data is considered "personal" if it is unique to an individual or company, such as name, address, telephone number, credit card number, birth date, etc.
All personal data of employees, members, customers, etc. must be obtained, processed, and protected in accordance with the standards outlined in this policy. In addition, employees must comply with any current or future privacy laws found in their resident countries.
All data systems remain the property of True Value Company. There is no personal right of privacy maintained for any electronic equipment assigned to employees or the data stored on or created by that equipment. True Value Company reserves the right to access and review any data retained or transmitted by its systems without prior notice, and disclose any information obtained to appropriate parties.
There should be limits to the collection of personal data and any such data should be obtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.
Personal data should be relevant to the purposes for which they are to be used, and, to the extent necessary for those purposes, should be accurate, complete and kept up-to-date.
The purposes for which personal data is collected should be specified at the time of collection.
Personal data should not be disclosed, made available or otherwise used for purposes other than those specified at the time of collection, except:
Personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, destruction, use, modification or disclosure of data.
There should be a general policy of openness about developments, practices, and policies with respect to personal data. Means should be readily available for establishing the existence and nature of personal data, and the main purposes of its use, as well as the identity and location of the person responsible for safeguarding the data.
All employees, members and customers have the right to:
• within a reasonable time
• at a charge, if any, that is not excessive
• in a reasonable manner, and
• in a form that is readily intelligible to him/her
The person(s) responsible for collecting, transferring, and storing personal data should be held accountable for complying with the principles stated in the above standards.
All data systems remain the property of True Value Company. There is no personal right of privacy maintained for any electronic equipment assigned to employees or the data stored on or created by that equipment. True Value reserves the right to access and review any data retained or transmitted by its systems without prior notice, and disclose any information obtained to appropriate parties in compliance with applicable privacy laws and regulations.
Privacy Act 1074
HIPPA Act
Sarbanes-Oxley Act 2001
California SB – 1386
|
|
|
|