Customer Privacy and Security Statement
AggreCost, LLC (AggreCost) has reviewed the privacy and security requirements related to the protection and processing of individual personal data (collectively, the “Protected Data”) as implemented by various international (the United States and elsewhere in the world) acts, legislation, laws and directives and has developed policies and procedures to ensure that AggreCost is compliant to the extent AggreCost is exposed to customer Protected Data during the provision of services by AggreCost related to the AggreCost Software or Application products. These policies and procedures are in place to ensure the protection of the integrity and confidentiality of any Protected Data, beyond that which AggreCost would normally have in place to meets its obligation of confidentiality with respect to safeguarding customer confidential information.
During the normal course of operations, AggreCost does not maintain, process or utilize active customer Protected Data during the provision of services related to the AggreCost Software and only accesses such customer Protected Data while on customer premises via the customers own networks and systems during the provision of consulting services and or by request of client in a cloud terminal.
Maintenance Services: AggreCost may take possession of customer Protected Data in the course of providing maintenance services to its customers, where a problem report related to the AggreCost Software is submitted by the customer as part of a service request to the AggreCost Technical Assistance Center. In such cases the Protected Data is either immediately de-identified, or is stored in a secured and safe location. AggreCost has acceptable levels of encryption and passwords to protect email and its own internal systems.
Consulting Services: In cases where AggreCost is exposed to customer Protected Data while on-site or in customer cloud admin area performing consulting services related to the AggreCost, such AggreCost personnel are not authorized to retain Protected Data in whole or part, or in any form (printed paper, an electronic file on a AggreCost laptop, for example), to disclose Protected Data to third parties or allow Protected Data to leave the customer premises, systems, cloud or networks either physically or electronically.
Remote access by AggreCost personnel to networks or systems of customers who maintain, process or utilize active Protected Data in connection with their implementation of AggreCost Software is strictly prohibited unless the customer can guarantee such access will not include inadvertent exposure or the introduction of customer Protected Data into AggreCost’s networks or systems.
All AggreCost personnel are required to sign a confidentiality agreement, assuring that customer confidential information will not be disclosed and is otherwise treated in as protective or restrictive a manner as AggreCost’s own most sensitive and trade secret information and data. AggreCost ensures that its contractors or other third party vendors and suppliers who may be exposed or have access to customer Protected Data during the provisions of services to AggreCost agree to terms and conditions as protective of customer Protected Data as those set forth in this Customer Privacy and Security Statement