33 SYSTEMS INC, d/b/a 33HelpME, is a Florida Corporation, hereinafter known as "33 SYSTEMS INC". 33 SYSTEMS INC is committed to protecting the privacy of our customers' data. A customer collectively refers to school districts, individual schools, or students attending schools, or employees, or volunteers, or parent/guardians or vendors or visitors of any district and/or school that use 33 SYSTEMS INC's 33HelpME Software Application.
1. Commitment to Customer Data Privacy
- 33 SYSTEMS INC is committed to safeguarding our customers' data by adhering to relevant data privacy laws and regulations and contractual commitments to our customers.
2. This Policy Applies to 33 SYSTEMS INC Customers
- This policy applies to the services and products offered by 33 SYSTEMS INC and binds all our employees. This policy refers to data from our Customers or the students, employees, volunteers, parent/guardians, visitors and vendors of our Customers and in this policy, we may refer to this group of individuals as "you", or "Customers".
3. What Information Is Collected And How Is It Collected?
- 33 SYSTEMS INC collects customer data about you when you purchase, use or benefit from 33 SYSTEMS INC's services or products.
- "Data" includes information that will allow someone to identify or contact you, including, for example, your full name, address, telephone number or email address.
- Data also includes aggregated data or data that, by itself, does not permit the identification of individual persons, such as statistics on the number of people visiting the 33 SYSTEMS INC website each month.
- You provide certain data to 33 SYSTEMS INC when, for example, you: (a) call our technical support; (b) contact us to receive security consultancy and security services; (c) order services and products from 33 SYSTEMS INC websites; (d) submit forms through our web sites; (e) access services through a downloadable electronic application for mobile devices ("App"); or (f) make inquiries, requests or complaints.
- Subject to your agreement to the applicable terms and conditions, you may access services through the 33 SYSTEMS INC application, including security information and other services which may be added by 33 SYSTEMS INC from time to time.
- The 33 SYSTEMS INC application provides information, including your or your organization's 33 SYSTEMS INC Customer Number as well as the email address of your mobile device. To enable location-specific services, the App also collects and divulges your location. The App also periodically provides information concerning your usage of particular 33 SYSTEMS INC's application features.
- When you choose to pay for 33 SYSTEMS INC services or products by credit card directly from the 33 SYSTEMS INC website, you will be required to provide the name on the credit card, credit card number, expiration date and other security information. When you choose to pay for 33 SYSTEMS INC services or products by other means, we may ask you for your credit card details, contact details and bank account details, if needed.
- You also provide information to us when you choose to email data to us or you participate in marketing and sales initiatives. 33 SYSTEMS INC will only gather data that is relevant for the purposes for which it will be used and will not gather excessive or unnecessary data. 33 SYSTEMS INC shall take reasonable steps to ensure that data is reliable, accurate, complete, and current, bearing in mind its intended use. You have a responsibility to keep the data you provide to us updated, and we will take reasonable steps to facilitate this.
- For a complete list of Data used in 33 SYSTEMS INC's 33HelpME Software Application, please contact 33 SYSTEMS INC contactus@33systems.net
- Data is primarily provided by the district/school in order to use 33 SYSTEMS INC's 33HelpME Software Application. Some data is collected when a) students and/or adults use 33HelpME; b) log into the 33 HelpME web site www.33helpme.net and c) purchase products or supplies from 33 SYSTEMS INC or by contacting 33 SYSTEMS INC by phone or email.
4. Data Access And Maintenance
- 33 SYSTEMS INC provides data access to only active and paid subscription customers. Customers can only access data for their district and/or school. The customer's data is available and active through a SSL secure web login process with secret passwords.
- On servers hosted by 33 SYSTEMS INC and used by the Customer, 33 SYSTEMS INC has responsibility to maintain the Customer's data, including data backups. Full backups are done daily. Data "snapshots" are done throughout the day.
- Customers are responsible for a) keeping all passwords secret; b) all data management and data security held on the Customer supplied computers used at the schools to check adults and/or students in and out. This includes all Customer data held in 33 SYSTEMS INC's 33HelpME "client" software application installed on the Customer supplied computers. It is Customer's responsibility for all updates, upgrades, anti-virus security, windows updates/patches and network connections, and Internet access connections. Customer agrees to provide 33 SYSTEMS INC with remote access to the Customer check in/out computers (Client), if needed.
- Customers are responsible for a) keeping all passwords secret; b) all data management and data security held on the Customer supplied computers used at the schools to check adults and/or students in and out. This includes all Customer data held in 33 SYSTEMS INC's 33HelpME "client" software application installed on the Customer supplied computers. It is Customer's responsibility for all updates, upgrades, anti-virus security, windows updates/patches and network connections, and Internet access connections. Customer agrees to provide 33 SYSTEMS INC with remote access to the Customer check in/out computers (Client), if needed.
5. Termination Of Services
- Should 33 SYSTEMS INC terminate Customer services and/or the Customer terminates services with 33 SYSTEMS INC, then the Customer will no longer be able to log in and create and/or run any reports or view data, delete data or edit data. Customer agrees to discontinue using 33 SYSTEMS INC's 33 HelpME "client" software application and to delete and remove 33 SYSTEMS INC's 33 HelpME "client" software application installed on any Customer computers and/or devices (i.e. tablets, smart phones, etc...).
- Data will be held in the 33 SYSTEMS INC active database for 90 to 180 days after termination of services. Once 33 SYSTEMS INC removes the Customer's data from the 33 SYSTEMS INC active database, the Customer's data will be moved to an off-line inactive database and held for two (2) years. After two (2) years, Customer's data will be archived to a zip password protected storage.
- If after termination of services, a Customer has a need to access Customer's data, then Customer can submit a written request for such access. Customer's request must provide specific details regarding the data requested. 33 SYSTEMS INC, if possible, will provide results in a standard 33 SYSTEMS INC 33 HelpME report. Districts and/or Schools will be charged a reasonable expired data access fee. The expired data access fee must be paid prior to release of any data
6. Access / Sale / Share Of Customer Data ---- 33 SYSTEMS INC will not:
- Allow access to Customer data by any third party
- Sell and/or trade Customer data to any third party
- Share Customer data with any third party.
7. Acceptance and Links to other Websites
- This 33 SYSTEMS INC website may contain links to other websites, which are provided solely as a convenience to you and not as an endorsement by 33 SYSTEMS INC to other web sites' content. The other web sites may have their own policies, which 33 SYSTEMS INC does not control, and thus are not addressed or controlled by 33 SYSTEMS INC Data Privacy Policy.
8. Cookies
- A cookie is a piece of data stored on your hard drive containing information about you. 33 SYSTEMS INC uses cookies in order to identify a user session, but usage of a cookie is in no way linked to any personally identifiable information while on 33 SYSTEMS INC's websites. 33 SYSTEMS INC also uses 'analytical cookies'. These allow us to recognize and count the number of visitors logging into our web site and to see how visitors move around the site when they are using it. This helps us make sure sites are meeting users' needs and to find out how we can improve. The analytical cookies do not capture any personally identifiable information. Most browsers are initially set up to accept cookies. Though most cookies expire after a certain period of time, you can choose to delete a cookie file at any time. You can do so by resetting your browser to refuse all cookies or to indicate to you when a cookie is sent. However, some 33 SYSTEMS INC features or services may not function properly without cookies. This privacy statement covers the use of cookies by the 33 SYSTEMS INC site only and does not cover the use of cookies by anyone else.
9. How Data Will Be Used
- 33 SYSTEMS INC uses the Customer's data to primarily track when people use the 33 HelpME Panic Alert Application at a school. This is done to enhance Customer's school security.
- 33 SYSTEMS INC will use the Customer's data to provide you with services and products that: (a) you purchase; (b) are purchased by your employer; (c) are purchased by an association or institution (including an educational institution) of which you are an employee or a member.
The data collected from the 33 SYSTEMS INC's 33 HelpME software application enables 33 SYSTEMS INC to provide better and more relevant Customer services. Location information collected is used to provide security alerts and other security information. The information is used to help 33 SYSTEMS INC better understand how you make use of 33 SYSTEMS INC's 33 HelpME software application in order to make improvements to it.
10. How Customers Can Correct Inaccuracies in The Data?
- You can review Customer data by logging into www.33helpme.net with your user name and password to access your data. Customers can add, edit and/or delete their data.
11. 33 SYSTEMS INC's Security Procedures Used To Protect Customer's Data
- 33 SYSTEMS INC takes precautions to protect its Customer's information. 33 SYSTEMS INC has implemented policies that forbid its employees from using or disclosing Customer data in an inappropriate or unlawful manner. 33 SYSTEMS INC maintains security measures to safeguard Customer data from unauthorized access, misuse, alteration, loss or destruction.
12. Information Collected By Electronic Means
- When Customer provides 33 SYSTEMS INC with data through online forms and other electronic methods, the data is protected using industry-standard encryption. All 33 SYSTEMS INC employees are required to follow this Data Privacy Policy. Our Data Privacy Policy is periodically reviewed and updated because the information security landscape is in a constant state of flux. All employees are required to sign an employee confidentiality agreement. Employees also have confidentiality obligations in their terms of employment with 33 SYSTEMS INC.
13. Security of Premises and Other Physical Security Measures
- Physical access to all 33 SYSTEMS INC offices and server hosting offices are security controlled, which include locks that are opened by keys and/or by using security cards and/or security card readers that record the identity of employees and visitors entering or leaving the facilities.
- Information systems containing sensitive information and communications equipment are placed in secure areas and protected by additional physical security measures that permit access only to the employees who need access, operational processes, environmental controls and fire detection and suppression systems to safeguard against accidental loss, theft or unauthorized removal, misuse, damage or unauthorized access.
14. Security Against Unauthorized Electronic Access and Viruses
- All gateways to the Internet are firewall protected, and access to both internal and external networks are restricted and controlled.
- All servers are hardened based on security hardening standards to protect against network threats.
- Endpoint security is constantly being review to protect the network against unauthorized access, data loss or destruction.
- Access to computer services and information is on a "roles and responsibility" basis and is restricted and controlled based on business requirements to reduce the risks associated with misuse, such as alteration, destruction and unauthorized dissemination of data.
- Access to information services is through a secure login process with a unique identifier.
- User access to our management system and essential network services are controlled using a user rights management system that utilizes employees' roles in assigning user access rights, especially to the case management system.
- Access to information services is through a secure login process with a unique identifier.
- All remote access is given on a needs basis and is via a two-factor authentication mechanism.
- Mobile devices have password policy controls, and remote device hardware reset features enabled to protect against lost or stolen devices.
- Before being approved, changes to production systems and network follow a change management process flow to ensure that changes are assessed for risk and operational impacts.
- Critical servers are scanned using network and system vulnerability scanners.
- Web applications are also scanned by automated penetration tools for application level security vulnerabilities that may be susceptible to hacking.
- External vulnerability scanning on our Internet facing sites are performed to ensure that these sites are secure. This is done using in-house vulnerability scanning tools and third party services.
- Penetration tests are also performed on our key Internet applications prior to production or major upgrades.
- 33 SYSTEMS INC engages external consultants to conduct security review of our environment. These reviews help us to understand the security gaps and ensure that our infrastructure and applications are able to meet and mitigate new network and Internet security threats and risks.
15. Changes to this Statement
- 33 SYSTEMS INC reserves the right to change this policy at any time by notifying users through its website of the existence of a new or amended Data Privacy Policy. These policies are not intended to and do not create any contractual or other legal rights.