Get A Quote

Web designing in a powerful way of just not an only professions. We have tendency to believe the idea that smart looking .

Gallery

Contacts

160 Cidermill Avenue, Unit #9, Concord, ON L4K 4K5
info@greenbee3.com
+1 (416) 855-3300

Privacy Policy

Green Bee 3 > Privacy Policy

Privacy Policy

Policy Description:
Information Sensitivity, Security and Privacy Policy
Policy Content:

Purpose

The Information Sensitivity, Security and Privacy Policy is intended to help our employees, as well as our contractors, vendors and other individuals or business associates (‘Interested Parties’) with whom we do business and where such business may require access to personal or confidential information determine what information can be disclosed to non-employees, as well as the relative sensitivity of information that should not be disclosed outside of Green Bee 3 Inc. (‘Company’) without proper authorization, and to outline the data security and privacy policies to be adhered to.

The information covered in these guidelines includes, but is not limited to, information that is either stored or shared via any means. This includes electronic information, information on paper, and information shared orally or visually (such as telephone and video conferencing).

All Interested Parties should familiarize themselves with this policy. It should be noted that the sensitivity level definitions were created as guidelines and to emphasize common sense steps that you can take to protect Green Bee 3 Inc.’ Confidential Information and client personal information (e.g., Green Bee 3 Inc. Confidential information should not be left unattended in conference rooms, client policies or claims should not be left in a fax machine in public areas, etc.).

Please Note: The impact of these guidelines on daily activity should be minimal.

Ǫuestions about the proper classification of a specific piece of information should be addressed to your manager. Ǫuestions about these guidelines should be addressed to the PPO.

Scope

All Green Bee 3 Inc. information is categorized into two main classifications: Green Bee 3 Inc. Public

Green Bee 3 Inc. Confidential

Green Bee 3 Inc. Public information is information that has been declared public knowledge by someone with the authority to do so, and can freely be given to anyone without any possible damage to Green Bee 3 Inc.

Green Bee 3 Inc. Confidential contains all other information. It is a continuum, in that it is understood that some information is more sensitive than other information and should be protected in a more secure manner. Included is information that should be protected very closely,

such as individual client records, client account numbers and other personal identification information that, when taken together make known the individuals’ identity by usual, customary and reasonable (‘UCR’) means, Company’s trade secrets, development programs, potential acquisition targets, and other information integral to the success of our company. Also included in Green Bee 3 Inc. Confidential is information that is less critical, such as telephone directories, general corporate information, personnel information, etc., which does not require as stringent a degree of protection.

A subset of Green Bee 3 Inc. Confidential information is “Green Bee 3 Inc. Third Party Confidential” information. This is confidential information belonging or pertaining to another corporation which has been entrusted to Green Bee 3 Inc. by that company under non-disclosure agreements and other contracts. Examples of this type of information include everything from joint development efforts to vendor lists, customer record or orders, and supplier information. Information in this category ranges from extremely sensitive to information about the fact that we’ve connected a supplier / vendor into Green Bee 3 Inc.’s network to support our operations.

Green Bee 3 Inc. personnel are encouraged to use common sense judgment in securing Green Bee 3 Inc. Confidential information to the proper extent. If an employee is uncertain of the sensitivity of a particular piece of information, he/she should contact their manager.

Policy

The Sensitivity Guidelines below provides details on how to protect information at varying sensitivity levels. Use these guidelines as a reference only, as Green Bee 3 Inc. Confidential information in each column may necessitate stringent measures of protection depending upon the circumstances and the nature of the Green Bee 3 Inc. Confidential information in question.

Minimal Sensitivity

General corporate information; some personnel and technical information Marking guidelines for information in hardcopy or electronic form.

Note: any of these markings may be used with the additional annotation of “3rd Party Confidential”.

Marking is at the discretion of the owner or custodian of the information. If marking is desired, the words “Green Bee 3 Inc. Confidential” may be written or designated in a conspicuous place on or in the information in question. Other labels that may be used include “Green Bee 3 Inc. Proprietary” or similar labels at the discretion of your individual business unit or department. Even if no marking is present, Green Bee 3 Inc. information is presumed to be “Green Bee 3 Inc. Confidential” unless expressly determined to be Green Bee 3 Inc. Public information by a Green Bee 3 Inc. employee with authority to do so.

Access: Green Bee 3 Inc. employees, contractors, people with a business need to know.

Distribution within Green Bee 3 Inc.: Standard interoffice mail, approved electronic mail and electronic file transmission methods.

Distribution outside of Green Bee 3 Inc. internal mail: U.S. mail and other public or private carriers approved electronic mail and electronic file transmission methods.

Electronic distribution: No restrictions except that it be sent to only approved recipients.

Storage: Keep from the view of unauthorized people; erase whiteboards, do not leave in view on the tabletop. Machines should be administered with security in mind. Protect from loss; electronic information should have individual access controls where possible and appropriate.

Disposal/Destruction: Deposit outdated paper information in specially marked disposal bins on Green Bee 3 Inc. premises; electronic data should be expunged/cleared. Reliably erase or physically destroy media.

Penalty for deliberate or inadvertent disclosure: Up to and including termination, possible civil and/or criminal prosecution to the full extent of the law.

More Sensitive

Business, financial, technical, and most personnel information

Marking guidelines for information in hardcopy or electronic form.

Note: any of these markings may be used with the additional annotation of “3rd Party Confidential”. As the sensitivity level of the information increases, you may, in addition, or instead of marking the information “Green Bee 3 Inc. Confidential” or “Green Bee 3 Inc. Proprietary”, wish to label the information “Green Bee 3 Inc. Internal Use Only” or other similar labels at the discretion of your individual business unit or department to denote a more sensitive level of information. However, marking is always discretionary.

Access: Green Bee 3 Inc. employees and non-employees with signed non-disclosure agreements who have a business need to know.

Distribution within Green Bee 3 Inc.: Standard interoffice mail, approved electronic mail and electronic file transmission methods.

Distribution outside of Green Bee 3 Inc. internal mail: Sent via U.S. mail or approved private carriers.

Electronic distribution: No restrictions to approved recipients within Green Bee 3 Inc. but should be encrypted or sent via a private link to approved recipients outside of Green Bee 3 Inc. premises.

Storage: Individual access controls are highly recommended for electronic information.

Disposal/Destruction: In specially marked disposal bins on Green Bee 3 Inc. premises; electronic data should be expunged/cleared. Reliably erase or physically destroy media.

Penalty for deliberate or inadvertent disclosure: Up to and including termination, possible civil and/or criminal prosecution to the full extent of the law.

Most Sensitive

Medical records, Social Security numbers, Customer account numbers, Data groupings where identity can be determined through UCR measures, trade secrets & marketing, operational, personnel, financial, source code, & technical information integral to the success of our company

Marking guidelines for information in hardcopy or electronic form.

Note: any of these markings may be used with the additional annotation of “3rd Party Confidential”. To indicate that Green Bee 3 Inc. Confidential information is very sensitive, you should label the information “Green Bee 3 Inc. Internal: Registered and Restricted”, “Green Bee 3 Inc. Eyes Only”, “Green Bee 3 Inc. Confidential” or similar labels at the discretion of your individual business unit or department. Once again, this type of Green Bee 3 Inc. Confidential information need not be marked, but users should be aware that this information is very sensitive and be protected as such.

Access: Only those individuals (Green Bee 3 Inc. employees and non-employees) designated with approved access and signed non-disclosure agreements.

Distribution within Green Bee 3 Inc.: Due to overlapping responsibilities requiring companywide access, internal distribution controls are not applicable.

Distribution outside of Green Bee 3 Inc. internal mail: Delivered directly; signature required; approved private carriers.

Electronic distribution: No restrictions to approved recipients within Green Bee 3 Inc., but it is highly recommended that all information be strongly encrypted.

Storage: Individual access controls are very highly recommended for electronic information. Physical security is generally used, and information should be stored in a physically secured computer.

Disposal/Destruction: Strongly Encouraged: In specially marked disposal bins on Green Bee 3 Inc. premises; electronic data should be expunged/cleared. Reliably erase or physically destroy media.

Penalty for deliberate or inadvertent disclosure: Up to and including termination, possible civil and/or criminal prosecution to the full extent of the law.

Enforcement

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

Training, Review and Preparation

Green Bee 3 Inc. understands that all privacy and security are, ultimately subjected to human error. To maximize privacy and security controls and compliance, Green Bee 3 Inc. will conduct workforce privacy awareness for all employees and Interested Parties. This includes training of all new

workforce members including management, volunteers and Interest Parties in privacy and security procedures and requirements, as well as the enforcement policies that envelope them.

Any amendments or changes to the policies and procedures herein will be distributed to all employees and Interested Parties as appropriate and training provided where needed. Such distribution will be acknowledged by the receiving party.

Semi-annually, Green Bee 3 Inc. will distribute some or all these policies as a reminder of our commitment to privacy and security. The receiving parties will acknowledge receipt and acceptance of such distribution as a demonstration of their similar commitment.

Annually, Green Bee 3 Inc. will perform a Vulnerability Assessment to identify any privacy or security risks and vulnerabilities and take appropriate action to mitigate. When mitigation demands policy or procedural amendments, such will be made and disseminated.

At least every 3 years, Green Bee 3 Inc. will perform a Risk Assessment to identify any vulnerabilities and take appropriate action to mitigate. When mitigation demands policy or procedural amendments, such will be made and disseminated.

Any changes to the company structure or infrastructure will also initiate Risk and Vulnerability Assessments.

Green Bee 3 Inc. believes that transparency ultimately is the greatest measure of adherence to privacy and security policies and procedures. Therefore, all actions pertaining to hereto will be documented and made available to appropriate, authorized parties.

Definitions

Terms and Definitions

Appropriate measures

To minimize risk to Green Bee 3 Inc. from an outside business connection. Green Bee 3 Inc. computer use by competitors and unauthorized personnel must be restricted so that, in the event of an attempt to access Green Bee 3 Inc. corporate information, the amount of information at risk is minimized.

Configuration of Green Bee 3 Inc.-to-other business connections

Connections shall be set up to allow other businesses to see only what they need to see. This involves setting up both applications and network configurations to allow access to only what is necessary.

Delivered Direct; Signature Required

Do not leave in the interoffice mail slot, call the mailroom for special pick-up of mail.

Approved Electronic File Transmission Methods

Includes supported FTP clients and Web browsers.

Approved Electronic Mail

Includes all mail systems supported by the IT Support Team. These include, but are not necessarily limited to, Outlook, iPhone, iPad, Blackberry, and Touchdown for Android, if you have a business need to use other mailers contact the appropriate support organization.

Approved Encrypted email and files

Techniques include the use of DES and PGP. DES encryption is available via many different public domain packages on all platforms. PGP use within Green Bee 3 Inc. is done via a license. Please contact the appropriate support organization if you require a license.

Company Information System Resources

Company Information System Resources include, but are not limited to, all computers, their data and programs, as well as all paper information and any information at the Internal Use Only level and above.

Expunge

To reliably erase or expunge data on a PC or Mac you must use a separate program to overwrite data, supplied as a part of myriad utilities and will be selected based on timing and type data to be expunged. Otherwise, the PC or Mac’s normal erasure routine keeps the data intact until overwritten. The same thing happens on UNIX machines, but data is much more difficult to retrieve on UNIX systems.

Individual Access Controls

Individual Access Controls are methods of electronically protecting files from being accessed by people other than those specifically designated by the owner.

Insecure Internet Links

Insecure Internet Links are all network links that originate from a locale or travel over lines that are not totally under the control of Green Bee 3 Inc.

Encryption

Secure Green Bee 3 Inc. Sensitive information in accordance with the Acceptable Encryption Policy. International issues regarding encryption are complex. Follow corporate guidelines on export controls on cryptography and consult your manager and/or corporate legal services for further guidance.

Multi- or Two- Factor (MFA) Password Authentication

Multi- or Two- Factor Password Authentication on Internet connections are accomplished by using a one-time password token to connect to Green Bee 3 Inc.’s an internal network over the Internet. Contact your support organization for more information on how to set this up.

Private Information (PI)

Private Information and may include personal, confidential, health-related and other information that, when taken individually or together represent information that is not to be shared by anyone without express, written permission, except where required by law or demanded by a duly authorized governing body or court of proper jurisdiction.

Private Link

A Private Link is an electronic communications path that Green Bee 3 Inc. has control over its entire distance. For example, all Green Bee 3 Inc. networks are connected via a private link. A computer with a network connection to the internet to another computer has established a private link. Green Bee 3 Inc. also has established private links to other companies, so that all email correspondence can be sent in a more secure manner. Companies which Green Bee 3 Inc. has established private links include all announced acquisitions and some short-term temporary links.