No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All OPT-IN requests include text messaging originator opt-in data and consent; this information will not be shared with third parties.

DATA PRIVACY POLICY

1. INTRODUCTION

1.1 Purpose

This Data Privacy Policy ("Policy") establishes how YOUR EMPLOYER ("we," "us," or "our") collects, uses, discloses, transfers, stores, retains, and protects personal information.

1.2 Scope

This Policy applies to all personal information processed by us, regardless of the medium on which that information is stored or whether it relates to past or present employees, workers, customers, clients, suppliers, website users, or any other data subject.

1.3 Policy Statement

We are committed to protecting the rights and freedoms of data subjects and safely processing their data in accordance with all of our legal obligations.

2. DEFINITIONS

Personal Data: Any information relating to an identified or identifiable natural person ('data subject').

Data Controller: The entity that determines the purposes and means of the processing of personal data.

Data Processor: The entity that processes data on behalf of the Data Controller.

Processing: Any operation performed on personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, restriction, erasure, or destruction.

Data Subject: The identified or identifiable individual to whom personal data relates.

3. DATA COLLECTION

3.1 Types of Information We Collect

We may collect the following categories of personal information:

• Identity      Information: Name, username, employee ID, title, date of birth, and      other identifiers.

• Contact      Information: Email address, telephone numbers, postal address, and      other contact details.

• Technical      Data: IP address, login data, browser type and version, time zone      setting, browser plug-in types and versions, operating system and      platform, and other technology on the devices used to access our systems.

• Usage      Data: Information about how users use our website, products, and      services.

• Marketing      and Communications Data: Preferences in receiving marketing and      communications.

• Financial      Data: Payment information, purchase history, credit information.

• Special      Categories of Personal Data: Information about health, biometric data,      racial or ethnic origin, political opinions, religious beliefs, or      criminal records (collected only when necessary and with explicit consent      or as required by law).

3.2 Methods of Collection

We collect personal information through:

• Direct      interactions with data subjects

• Automated      technologies or interactions

• Third      parties or publicly available sources

• Cookies      and similar tracking technologies

3.3 Lawful Basis for Processing

We will only process personal data where we have a lawful basis to do so:

• Consent      of the data subject

• Performance      of a contract

• Compliance      with a legal obligation

• Protection      of vital interests

• Performance      of a task carried out in the public interest

• Legitimate      interests pursued by the controller or a third party

4. USE OF PERSONAL INFORMATION

4.1 Purposes for Processing

We may use personal information for:

• Providing      and managing services or products

• Processing      and fulfilling orders

• Managing      customer relationships

• Personalizing      user experience

• Marketing      and promotional activities

• Improving      our products, services, and website

• Detecting      fraud and ensuring security

• Compliance      with legal obligations

• Employee      administration and management

• Business      analytics and research

4.2 Marketing Communications

We may send marketing communications to customers and prospects where:

• They      have provided explicit consent

• They      are existing customers and the marketing relates to similar products or      services

• The      marketing is conducted in a business-to-business context where appropriate

All marketing communications will include an option to opt-out of future communications.

5. DATA SHARING AND DISCLOSURE

5.1 Categories of Recipients

We may share personal information with:

• Service      providers and processors acting on our behalf

• Professional      advisors (lawyers, bankers, auditors, insurers)

• Regulatory      authorities, government agencies, law enforcement

• Business      partners for joint offerings

• Purchasers      or potential purchasers of our business

• Other      third parties with the data subject's consent

5.2 International Transfers

When we transfer personal data outside the country of collection, we ensure adequate safeguards are in place through:

• Data      transfer agreements incorporating standard contractual clauses

• Adherence      to recognized frameworks (e.g., EU-US Privacy Shield, where applicable)

• Binding      corporate rules for intra-group transfers

• Explicit      consent from the data subject

• Necessity      for contract performance or conclusion

6. DATA SECURITY

6.1 Security Measures

We implement appropriate technical and organizational measures to protect personal data, including:

• Encryption      of personal data where appropriate

• Ability      to ensure ongoing confidentiality, integrity, availability, and resilience      of processing systems

• Regular      testing and evaluation of security measures

• Regular      backups and protocols for restoring access to personal data

• Access      controls and authorization procedures

6.2 Data Breach Response

In the event of a data breach that poses a risk to the rights and freedoms of individuals, we will:

• Notify      the relevant supervisory authority without undue delay and within 72      hours, if feasible

• Notify      affected data subjects when the breach is likely to result in a high risk      to their rights and freedoms

• Document      all breaches including facts, effects, and remedial action taken

7. DATA RETENTION

7.1 Retention Periods

We retain personal data only for as long as necessary for the purposes for which it was collected, including:

• Satisfaction      of legal, accounting, or reporting requirements

• Enforcement      of our agreements

• Resolution      of disputes

• Protection      against legal claims

Specific retention periods are defined in our internal data retention schedule.

7.2 Destruction of Data

After the retention period expires, personal data will be securely deleted or anonymized unless further retention is required by law.

8. DATA SUBJECT RIGHTS

8.1 Rights of Data Subjects

Data subjects have the following rights regarding their personal data:

• Right      to be informed about the collection and use of their personal data

• Right      of access to their personal data

• Right      to rectification of inaccurate personal data

• Right      to erasure (the "right to be forgotten")

• Right      to restrict processing of their personal data

• Right      to data portability to obtain and reuse their personal data

• Right      to object to processing based on legitimate interests or direct      marketing

• Rights      related to automated decision making and profiling

8.2 Exercising Rights

To exercise any of these rights, data subjects may contact our Data Protection Officer or Privacy Team at YOUR COMPANY HR EMAIL. We will respond to requests within [30] days unless complexity requires an extension.

9. COOKIES AND TRACKING TECHNOLOGIES

9.1 Use of Cookies

Our website uses cookies and similar tracking technologies to distinguish users and improve our website. Types of cookies we use include:

• Strictly      necessary cookies

• Performance      cookies

• Functionality      cookies

• Targeting      cookies

9.2 Cookie Control

Users can control cookies through their browser settings and our cookie consent tool. Blocking certain cookies may impact website functionality.

10. CHILDREN'S PRIVACY

We do not knowingly collect personal information from children under the age of [13/16/18, depending on jurisdiction]. If we discover we have collected personal information from a child, we will promptly delete that information.

11. THIRD-PARTY WEBSITES

Our website may contain links to third-party websites. This Privacy Policy does not apply to third-party websites, and we are not responsible for the privacy practices of such sites.

12. GOVERNANCE

12.1 Data Protection Officer

We have appointed a Data Protection Officer (DPO) responsible for overseeing questions regarding this Policy. Contact details for the DPO: YOUR COMPANY HR EMAIL

12.2 Employee Training

All employees who access personal data receive regular training on data protection principles and requirements.

12.3 Privacy by Design

We integrate data protection considerations into our business operations through Privacy by Design and Privacy Impact Assessments.

13. CHANGES TO THIS POLICY

We may update this Policy from time to time. Material changes will be notified to data subjects by email or through a notice on our website.

14. CONTACT INFORMATION

Questions, comments, and requests regarding this Data Privacy Policy should be addressed to:

YOUR EMPLOYER Attn: YOUR COMPANY HR EMAIL

15. EFFECTIVE DATE

This Policy is effective as of your employment date.