top of page

Privacy Policy

PURPOSE


HVACPartsInAHurry.com implements this policy to protect employees, customers, contractors, and the company from risks related to the loss or misuse of sensitive information. This policy aims to:

​

  • Define sensitive information.

  • Outline physical security measures for printed data.

  • Describe electronic security measures for data when stored or distributed.

 

SCOPE

 

This policy applies to employees, contractors, consultants, temporary workers, and any other individuals working with the company, including all personnel affiliated with third parties.

 

POLICY

 

Definition of Sensitive Information
Sensitive information includes the following, whether stored in electronic or printed format:

Personal Information
Sensitive personal information includes, but is not limited to:

​

  • Credit Card Information, including:

    • Credit Card Number (whole or partial)

    • Credit Card Expiration Date

    • Cardholder’s Name

    • Cardholder’s Address
       

  • Tax Identification Numbers, including:

    • Social Security Number

    • Social Insurance Number

    • Business Identification Number

    • Employer Identification Number
       

  • Payroll Information, such as:

    • Paychecks

    • Pay Stubs

    • Pay Rates

    • Cafeteria Plan Check Requests and associated documents
       

  • Medical Information for Employees or Customers, including:

    • Doctor Names and Claims

    • Insurance Claims

    • Prescriptions

    • Other personal medical details
       

  • Other Personal Information of Customers, Employees, and Contractors, such as:

    • Date of Birth

    • Address

    • Phone Numbers

    • Maiden Name

    • Full Name

    • Customer Number

 

Corporate Information

 

Sensitive corporate information includes, but is not limited to:
 

  • Confidential or proprietary information related to the company, employees, customers, vendors, or suppliers.

  • Proprietary and/or confidential information includes, but is not limited to:​​

  • Business methods

  • Documents labeled as “Confidential,” “Sensitive,” “Proprietary,” or similar.

  • Employees are encouraged to use common sense when handling confidential company information. If unsure about the sensitivity of certain information, employees should consult their supervisor/manager.


Hard Copy Distribution

Employees and contractors must adhere to the following guidelines for physical documents containing sensitive information:
 

  • File cabinets, desk drawers, overhead cabinets, and other storage units containing sensitive documents must be locked when not in use.

  • Storage rooms and record retention areas must be locked after business hours.

  • Desks, workstations, printers, fax machines, and shared work areas must be cleared of sensitive documents when not in use.

  • Whiteboards, dry-erase boards, and writing surfaces in shared spaces must be erased or destroyed when not in use.

  • Sensitive documents should be placed in locked shred bins or shredded immediately using a cross-cut or DOD-approved shredding device. Shred bins are labeled “Confidential Paper Shredding and Recycling.” If assistance is needed to locate a shred bin, please contact a supervisor/manager.


Electronic Distribution

Employees and contractors must follow these guidelines for handling sensitive information electronically:
 

  • Sensitive information may be transmitted internally using approved company email systems, provided the data is encrypted when stored electronically.

  • Any external transmission of sensitive information must be encrypted and password-protected, sent only to approved recipients. The following statement must be included in such emails:
    "This message may contain confidential and/or proprietary information and is intended solely for the recipient to whom it was addressed. Any unauthorized use is strictly prohibited."
     

ROLES AND RESPONSIBILITIES

Management is responsible for enforcing this policy and ensuring that employees and contractors comply with it.


DEFINITIONS
 

  • Encryption: The process of converting data into a secret code to secure its confidentiality. To access encrypted data, a key or password is required. Unencrypted data is referred to as plain text.

  • Hard Copy: A physical printout of data stored in a computer. Unlike a soft copy, which exists only electronically, a hard copy is a tangible, paper-based document.
     

ENFORCEMENT

Any employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

bottom of page