Privacy Policy General | Stan Clark Companies

General Privacy Policy

Who we are

Stan Clark Companies

Latest Update March, 2019

This Privacy Policy describes how personal information is collected, used, shared, and stored by general business software systems within the following companies:

Eskimo Joe's
Eskimo Joe's Clothes
Mexico Joe's
Stan Clark Companies
Eskimo Joe's Promotional Products Group

These companies will collectively be referred to in this policy as "The Companies".

YOUR INFORMATION: WHAT DATA WE COLLECT AND HOW WE COLLECT IT

The purpose of this policy is to regulate and outline the safeguards in place regarding the collection, storage, and use of personal information within general business software systems at The Companies. This policy applies to all employees and all individuals or organizations acting on our behalf.

Personal data may be collected, stored, and used in:

• Our accounting software systems
• Our network file storage systems
• Our enterprise data backup systems
• Our point of sale systems

The Companies operate general business software systems to:

• Collect payments from customers and business partners
• Process payments (refunds) to customers, payments to business partners, and wages to employees
• Manage and protect both financial processes and financial information
• Provide legally required information to state and federal government agencies
• Provide evidence in legal proceedings

The Companies' general business software systems are operated and maintained by:

• The Companies
• Third-party service providers

Each business software system will be assigned to the responsibility of a designated and documented member of The Companies staff. This individual will have responsibility for ensuring the proper, efficient and orderly day to day operation of the CCTV system. All data will be stored securely and access to the data will be restricted to designated members of staff.

We collect Information using the following technologies:

Business software systems store information provided by customers, employees, and business partners. Information is provided through a variety of channels outlined below:

Customers

• In-store register checkout terminals
• In-restaurant checkout terminals (via wait staff)
• Telephone (orders placed by phone)

Business Partners

• Email
• Telephone
• Fax

Scope of Data Collection

The Companies will, in so far as possible, collect only what is absolutely necessary to fulfill the business process served by the information.

Business partners and customers will be notified when data is being collected and what data is being collected. Notifications will be clearly visible/intelligible to members of the public. Notifications should contain the following information:

• the identity of the person or organization collecting the information
• the purposes of the data collection
• details of who to contact regarding the data collected

Data Storage Standards
The Companies will ensure, where possible, that data collected is effective for the purpose intended. The equipment and storage technology will be maintained on a regular basis to ensure the quality of the data and ensure that no malfunction has occurred.

Retaining Information
Data protection legislation requires that images are not retained for longer than is considered necessary. Unless images are required for law enforcement purposes or legal proceedings, they will not be retained beyond a maximum of 7 years. A seven year data retention duration is required to comply with tax auditing policies in the US. To protect the security of the business software system, a number of technical and organizational measures have been implemented:

• Third-party contractors must enter into an agreement with The Companies that includes non-disclosure and confidentiality clauses
• Third-party contractors and their staff must be properly licensed
• Access rights to users of general business data are granted only where it is strictly necessary

HOW DO WE USE YOUR PERSONAL INFORMATION?

Access to Data
All access to data will be confined to authorized personnel and documented by a designated member of staff.

Access by Data Owners (Owner Access Request)
Under Data Protection legislation an individual has a right to access information held by The Companies, including data submitted for general business purposes. All requests should be made, in writing, to The Companies.

Access Requests from Law Enforcement
Law enforcement officers are entitled to view personal data on individuals, if it is for the following purposes:

• for the prevention and detection of crime
• for the prosecution of offenders
• when required urgently to prevent injury or other damage to welfare of the person or serious loss or damage to property
• when required under an order of the Court or any other enactment

New Systems
Before The Companies install or upgrade any new or existing general business software systems, a documented privacy impact assessment is necessary where deemed appropriate. This will include:

• intended purposes of the general business software system
• justification
• benefits
• proportionality of installation

CHANGES

We may update this privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.

CONTACT US

Data Protection Contact Details
For all inquiries relating to Data Protection you can contact The Companies at: https://stanclarkcompanies.com/privacy-request-form/

WEB SITE OWNED AND OPERATED BY:

Stan Clark Companies · PO BOX 729 · Stillwater, OK 74076 · USA