1. Overview and Scope
This policy and supporting procedures cover the privacy of all data collected by PlusPlus in its interaction with individuals in its business operations.
2. Roles and Responsibilities
The following roles and responsibilities are to be developed and subsequently assigned to authorized personnel within PlusPlus regarding privacy practices:
- Chief Privacy Officer: Responsibilities include providing overall direction, guidance, leadership, and support on methods and tools for the implementation of a security and privacy-related program. The Chief Privacy Officer will conduct resource and investment planning to implement the management, operational, technical, and privacy requirements of the program.
- Privacy Committee:
Responsibilities include approving and monitoring adherence to this policy, analyzing the organization’s environment, and the legal requirements with which it must comply. Additional responsibilities include:
- Execute the privacy operations of the firm, including monitoring the system used to solicit, evaluate, and respond to individual privacy complaints and problems
- Evaluate implemented privacy controls;
- Assessing existing policies and procedures that address privacy areas;
- Working with appropriate departments to ensure compliance with privacy policies and procedures
- Recommending and monitoring, in conjunction with the relevant departments, the development of internal systems and controls to carry out the organization’s privacy objectives;
- Report to the Chief Privacy Officer on the effectiveness of the privacy controls/program in meeting applicable regulatory requirements and standards.
3. Personal Information
“Personal Information,” as used in this policy, is information that specifically identifies an individual, such as an individual’s name, social security number, telephone number, or e-mail address. Personal information also includes information about an individual’s activities, such as information about his or her activity on the Site or credit history, and demographic information, such as date of birth, gender, address, geographic area, and preferences, when any of this information is linked to personal information that identifies that individual.
Personal information does not include “aggregate” or other non-personally identifiable information. Aggregate information is information that we collect about a group or category of products, services, or users that is not personally identifiable or from which individual identities are removed. We may use and disclose aggregate information, and other non-personally identifiable information, for various purposes.
4. Collection of Information
4.1. Passive Information Collection
When you use the Service, some information may be automatically collected, such as your IP address, browser type, system type, the content and pages that you access on the Site, “referring URL” (i.e., the page from which you navigated to the Site), the pages you navigate to on the Site, and from which you leave the Site, as well as the time you spend on the Site.
We collect this information passively using technologies such as standard server logs, cookies, and clear GIFs (also known as “Web beacons”). We use passively-collected information to administer, operate, and improve the Site and our other services and systems, and to provide services and content that are tailored to you. If we link or associate any information gathered through passive means with personal information, we treat the combined information as personal information under this policy. Otherwise, we use information collected by passive means in a non-personally identifiable form only.
Also, please be aware that third parties may set cookies on your hard drive or use other means of passively collecting information about your use of their services or content. We do not have access to, or control over, these third-party means of passive data collection.
4.2. Collection of Voluntarily Provided Information
4.3. Information from Other Sources
5. Use of Personal Information
6. Disclosure of Personal Information
For your convenience, the Site may contain links to other Web sites, products, or services that we do not own or operate. If you choose to visit or use any third-party products or services, please be aware that this policy will not apply to your activities or any information you disclose while using third-party products or services or otherwise interacting with third parties.
10. International Visitors
12. Updates to This Policy
13. Contacting Us
14. Policy Administration
14.1. Ownership and Review
The Policy Owner owns this Policy and is responsible for reviewing the Policy for updates annually, or following major changes to PlusPlus’s compliance environment. The Policy Approver retains approving authority over this Policy.
14.2. Monitoring and Enforcement
14.3. Related Documents
- Information Security Policy
- Data Protection and Handling Policy
Last updated: December 3rd, 2021 at 17:55:36