SSB BART Group (SSB) makes every effort to keep the information you provide to us in the strictest confidence. As a general rule, SSB’s services do not store sensitive information and drastically limit the amount of Personally Identifiable Information (PII) stored in the system. The entirety of PII we store for system users is an e-mail address and full name of the user to allow for login access. These fields are encrypted in the database.
SSB does not sell information we gather from customer relationships to third parties. When working on a project that requires resources beyond what SSB can provide, partnering firms are required to maintain all information received from SSB in the strictest of confidence and sign a nondisclosure agreement.
If you, as our customer, will be sharing information that is sensitive and not public knowledge, SSB will request that a non-disclosure be created to ensure that this knowledge is treated as proprietary. The non-disclosure should define the information involved and the length of time that it must remain confidential.
Personally Identifiable Information
The sole amount of PII stored by the Accessibility Management Platform (AMP) is the user’s e-mail address (primary login credential) and, optionally, the user’s first name, last name, phone number, and title. This data is stored in encrypted format in the database. No other PII is stored in the system.
SSB generally assumes all data related to a person – even the limited set collected by AMP – should be treated with the highest degree of sensitivity.
PII is protected and is only made available to others in the system with a need to know in accordance with US and EU legislation. This data is only visible to system administrators who manage accounts. System users’ names may be visible to other users within the organization if those users have created reports that are visible to others. None of this data is visible to others who are not working within the system, and users with access to the data must authenticate in order to gain access.
End Customer Information
SSB’s customers tend to be enterprise class organizations with large customer and user bases. “End Customers” refers to these customers and users – the somewhat unwieldly customers of our customers or users of our customers. As a general rule, SSB does not collect, store, or process End Customer user-specific data or PII. The only PII SSB stores, as noted in the PII section of this policy, is that of our customer’s employees, contractors, or other directly authorized users.
Third Party Access
SSB makes every effort to keep the information clients provide to us in the strictest confidence. We do not sell information we gather from customer relationships to third parties.
PII Out of Country Transfer
As noted above, AMP collects and transmits limited PII. This PII is only transmitted outside the United States is if the user accessing AMP from a location outside the United States.
Confidential Information and Non-Disclosure
SSB’s Master Subscription Agreement or the applicable customer-specific similar contract provides extensive controls for confidential information.