This Policy Document encompasses all aspects of service organizational control. It is confidential company information and must be distributed to all company employees using pull method of communication. All company employees must read this document and be aware of the possible responsibilities that derived for it. This document will be reviewed and updated by Leadership on an annual basis or when relevant to include newly developed security standards into the policy and distribute it all employees and contracts as applicable.
This policy is applicable for every customer using SP Services.
3. DESCRIPTION OF DATA POLICY
Service Pro .Net Inc. is a “Software as a service” (SaaS) provider that offers a cloud-based web application for Service Industry businesses. Pest Control, Lawncare, Landscaping, Tree / Arbor care are examples of some of the industries that we serve. Servsuite is the name of the online web-based application. Service Organizations subscribe to Servsuite to handle Scheduling, Routing, Invoicing, and many other functions that are necessary to running a Service Organization. Service Organizations are given unique logins with secure passwords to log into the Servsuite web application. The application is locked down so that only users with valid logins can see their assigned Organization’s data. User Roles are assigned to each Login to limit the scope of accessible data on a per user basis. The Administrator for the Service Organization maintains the user logins, the security roles, and the assignment of the role to the user. Servsuite utilizes 3 distinct sets of personal data: 1.
Employee HR Data
. This data is used only by the Service Organization (SO) and is not sent to any third party organizations. It is the responsibility of the SO to maintain, correct, and remove all SO Employee Data. The data that is stored per employee is intended strictly for HR purposes. Name, Address, Phone Number, Email, and related traditional HR data. Servsuite does not track information related to lifestyle preferences, sexual orientation, religious beliefs, or any other social attribute. For a list of specific data fields stored on the SO Employee, please review the “Servsuite Employee Fields Addendum 1” document. 2.
End Customer Data
. The End Customer (EC) is the entity that contracts with the SO to have services performed at the EC location. It is the responsibility of the SO to maintain, correct, and remove all EC data stored within Servsuite. The purpose of this information is to supply the SO with minimum required data to perform services at the EC’s location. Servsuite does not track information related to lifestyle preferences, sexual orientation, religious beliefs, or any other social attribute. For a list of data stored on the EC, please review the “Servsuite Account Fields Addendum 2” document.
3. End Customer Data sent to Third Parties for Enhanced Services.
a. Address Validation
- - Street Name
- - Street Number
- - City
- - State / Province / Territory
- - Postal Code, Postal Code Extended
- - Country
b. Phone / SMS service prenotification
- - Phone number
- - Service Name
- - Service Date / Time
c. Google Maps
- - Street Name
- - Street Number
- - City
- - State / Province / Territory
- - Postal Code, Postal Code Extended
- - Country
3.1 Statement of Privacy Shield Notice
- - Employee Info: Privacy Shield - Servsuite Employee Fields Addendum 1
- - Homeowner / Business Info: Privacy Shield - Servsuite Account Fields Addendum 2
Service Pro.Net software solution called Servsuite is a pest management software, providing features for management, invoicing , reporting, scheduling and routing. We use HR data mostly from clients to make features such as routing, invoicing and reporting available to all our users and their customers a possibility to exploit SerSuite in full capacity.Personal data is collected only for the use of the Service Organization (SO) that subscribes to ServSuite, and optionally for third party services that the customer agrees to in order to provide enhanced services. Personal data is not collected for any other purpose. Service Pro .Net does not store Personal Data on its own behalf or for any purpose of its own. Service Pro .Net Inc. can be contacted at firstname.lastname@example.org , or by phone: +1 614-874-4300. The personal data is collected so that the users on a different level can be contacted and managed easily by their team leads providing sufficient information about their clients, services purchased as well as routes that needs to be covered during the day. All the data is available only for the clients using ServSuite who has agreed to share their personal data. We do not disclose any information to any third parties that is not previously agreed upon. Usually the third parties such as payment operators needs to be included in the chain so that all payments to all of our customers can be directly placed and managed by the application provided. Such informations can be used for financial reporting within the company which is using Servsuite application. Third parties are used strictly for enhanced functionality of the Servsuite Web App. These enhanced features can be disabled by the Service Organization on a per customer basis. Every user/individual has the right to access their personal data. To do so, an individual should contact the branch manager of the Service Organization that they belong to for access. Every User has the right to the following regarding their Personal Information transferred to Service Pro .Net :
- 1. To know the types of Personal Information Service Pro Inc. collects;
- 2. To know the purposes for which it collects and uses your Personal Information;
- 3. To know type or identity of third parties to which Service Pro .Net discloses your Personal Information, and the purposes for which it does so;
- 4. To access and update your Personal Informaionl; and
- 5. To know the choices and means Service Pro .Net's offers you for limiting the use and disclosure of your Personal Information.
Service Pro .Net Inc discloses personal data to third parties only for the use of enhanced services agreed to by the customer, and does not use personal data for a purpose materially different than the purpose for which it was originally collected. Service Pro .Net Inc does not act as an agent to perform tasks on behalf of the organization in regards to the use of personal data. Service Pro .Net Inc does not collect personal information related to medical conditions, racial or ethnic origin, political opinion, religious, philosophical beliefs, trade union memberships, or specifying the sex life of an individual. All personal information collected in Servsuite will be treated as sensitive.
3.3 Accountability for onward transfer
Service Pro.Net will comply with the Notice and Choice Principles. Service Pro .NET will enter into a contract with the third-party controller that provides that such data may only be processed for limited and specified purposes consistent with the consent provided by the individual and that the recipient will provide the same level of protection as the Principles and will notify Service Pro.Net if it makes a determination that it can no longer meet this obligation. The contract shall provide that when such a determination is made the third party controller ceases processing or takes other reasonable and appropriate steps to remediate. Service Pro .Net Inc. will:
- - transfer such data only for limited and specified purposes;
- - ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles;
- - take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles;
- - require the agent to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles;
- - take reasonable and appropriate steps to stop and remediate unauthorized processing; and
- - provide a summary or a representative copy of the relevant privacy provisions of its contract with that agent to the Department upon request.
3. 4. Security
Service Pro .Net Inc. will take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorized access, disclosure, alteration and destruction, taking into due account the risks involved in the processing and the nature of the personal data.
3.5 Data Integrity and Purpose Limitation
Consistent with the Principles, personal information will be limited to the information that is relevant for the purposes of processing. Service Pro .Net Inc. will not process personal information in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual. To the extent necessary for those purposes, Service Pro .Net Inc will take reasonable steps to ensure that personal data is reliable for its intended use, accurate, complete, and current. An organization must adhere to the Principles for as long as it retains such information. Information will be retained in a form identifying or making identifiable the individual only for as long as it serves a purpose of processing within the meaning of 5a. This obligation does not prevent Service Pro .Net Inc. from processing personal information for longer periods for the time and to the extent such processing reasonably serves the purposes of archiving in the public interest, journalism, literature and art, scientific or historical research, and statistical analysis. In these cases, such processing shall be subject to the other Principles and provisions of the Framework. Service Pro .Net Inc. will take reasonable and appropriate measures in complying with this provision.
Individuals will have access to personal information about them that Service Pro .Net Inc. holds, and will be able to correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual’s privacy in the case in question, or where the rights of persons other than the individual would be violated. It is the responsibility of the Service Organization to make the requested corrections and deletions.
3.7 Recourse, Enforcement, and Liability
Effective privacy protection must include robust mechanisms for assuring compliance with the Principles, recourse for individuals who are affected by non-compliance with the Principles, and consequences for the organization when the Principles are not followed. At a minimum such mechanisms must include:
- - readily available independent recourse mechanism by which each individual’s complaints and disputes are investigated and expeditiously resolved at no cost to the individual and by reference to the Principles, and damages awarded where the applicable law or private-sector initiatives so provide;
- - follow-up procedures for verifying that the attestations and assertions organizations make about their privacy practices are true and that privacy practices have been implemented as presented and, in particular, with regard to cases of non-compliance; and
- - presented and, in particular, with regard to cases of non-compliance; and
- - obligations to remedy problems arising out of failure to comply with the Principles by organizations announcing their adherence to them and consequences for such organizations. Sanctions must be sufficiently rigorous to ensure compliance by organizations.
In compliance with the Privacy Shield Principles, Service Pro .Net Inc commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Service Pro .Net Inc at: e-mail: privacyteam@ servsuite.net phone: +1 614-874-4300. Service Pro .Net Inc has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.
3.9 Privacy Shield Complaints
In compliance with the Privacy Shield Principles, Service Pro .Net Inc commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Service Pro .Net Inc at: e-mail: privacyteam @servsuite.net phone: +1 614-874-4300. Service Pro .Net Inc has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.
4.1 ServicePro .Net communications
As a subscriber to ServicePro .Net, you will receive emails from us including, but not limited to, our regular informational bulletins and the occasional service update. Recipients may ‘unsubscribe’ at the bottom of said emails to stop receiving them. Commercial partners, and anyone who once attended a ServicePro .Net event may choose to opt-in or out of such communication by contacting us via email or telephone at any time. ServicePro .Net occasionally receives non-member data through networking events and adds this information, if relevant, into our prospective customer database. ServicePro .Net will never sell, share, or lease the personal data we collect with any third parties unless we have explicit permission, or are required to do so by law. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard all information collected. Where ServicePro .Net or any of its members enable password protected access - you, the customer, are solely responsible for keeping this password confidential. We ask you not to share your password with anyone at any time. You have a right to complain to email@example.com if you feel there is a problem with the way ServicePro .Net is handling or communicating your privacy data.
4.3 Links to other websites
Our website may contain links to other websites. However, once you leave our site, we do not have any control over your activity or data. Therefore, we cannot be responsible for the protection and privacy of any information you provide. You should exercise caution and look at the privacy statement applicable to the website in question as this policy will no longer apply.
4.4 ServicePro .Net terms and conditions