SECURITY AND PRIVACY POLICY OF FACILITY VITALS
Users trust is utmost important to Facility Vitals; and this is our highest priority to ensure user privacy and security with their contact, data and developed products, and we take our users’ security and privacy concerns seriously. We input our best effort to ensure that user data is kept securely, and that we collect only as much personal and business data as is required to provide our services to users in an efficient and effective manner.
Facility Vitals uses some of the most advanced technology for Internet security that is commercially available today. This Security Statement is aimed at being transparent about our security infrastructure and practices, to help reassure you that your data is appropriately protected.
Data Security (Electronic and Physical)
We employ physical, electronic, and managerial measures, including training of our personnel, designed to provide the Personal Data in our possession with reasonable protection from accidental loss or destruction, improper use, alteration, or disclosure.
Software Security:
Facility Vitals takes reasonable steps to protect the Personal Data provided via the Site from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or e-mail transmission is ever fully secure or error free. In particular, e-mail sent to or from this Site may not be secure. Therefore, you should take special care in deciding what information you send to us via e-mail. Please keep this in mind when disclosing any Personal Data to Software Secure via the Internet.
Application and User Security
SSL/TLS Encryption: All communications with the Facility Vitals website are sent over SSL/TLS connections. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) technology (the successor technology to SSL) protect communications by using both server authentication and data encryption. This ensures that user data in transit is safe, secure, and available only to intended recipients.
User Authentication: User data on our database is logically segregated by account-based access rules. User accounts have unique usernames and passwords that must be entered each time a user logs on.
User Passwords: User application passwords have minimum complexity requirements. Passwords are individually salted and hashed.
Privacy: We have a comprehensive privacy policy that provides a very transparent view of how we handle your data, including how we use your data, who we share it with, and how long we retain it.
Infrastructure protection
Facility Vitals is hosted in Amazon AWS which addresses security risks across its infrastructure, such as:
Disclosure of customer content: We do not disclose customer content unless we’re required to do so to comply with the law or a valid and binding order of a governmental or regulatory body. Unless prohibited from doing so or there is clear indication of illegal conduct in connection with the use of Amazon products or services, Amazon notifies customers before disclosing customer content so they can seek protection from disclosure.
Security Assurance: We use Amazon AWS security assurance program using global privacy and data protection best practices in order to helping customers establish, operate and leverage our security control environment. These security protections and control processes are independently validated by multiple third-party independent assessments.
Organizational & Administrative Security
Training: We provide security and technology use training for employees.
Service Providers: We screen our service providers and bind them under contract to appropriate confidentiality obligations if they deal with any user data.
Access: Access controls to sensitive data in our databases, systems and environments are set on a need-to-know / least privilege necessary basis.
Software Development Practices
Coding Practices: Our engineers use best practices and industry-standard secure coding guidelines to ensure secure coding.
Handling of Security Breaches
Despite best efforts, no method of transmission over the Internet and no method of electronic storage is perfectly secure. We cannot guarantee absolute security. However, if Facility Vitals learns of a security breach, we will notify affected users so that they can take appropriate protective steps. Our breach notification procedures are consistent with our obligations under various state and federal laws and regulation, as well as any industry rules or standards that we adhere to. Notification procedures include providing email notices or posting a notice on our website if a breach occurs.
Your Responsibilities
Keeping your data secure also depends on you ensuring that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems, to keep any data you download to your own computer away from prying eyes.
Changes to Facility Vitals Technologies’s Privacy Policy:
The Site and our business may change from time to time. As a result, at times it may be necessary for Facility Vitals to make changes to this Privacy Policy. Facility Vitals reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated on the date indicated above. Your continued use of the Site after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.
Access to Information, Audit and Contacting Facility Vitals;
You may request access to your Personal Data in order to review, correct or delete any Personal Data by contacting us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted.
Contact:
Email: Sales@facilityvitals.com
Phone: 1-866-335-8270
Please also feel free to contact us if you have any questions about Facility Vitals Privacy Policy or the information practices