PRIVACY POLICY


Protecting privacy is always our utmost priority at AccurateSource.Com Inc. To underscore our fundamental commitment to privacy 
and our vision that good privacy is good business, we have adopted an online privacy policy for our web site www.accuratesource.com.
This policy reflects and implements -in an online setting- our corporate privacy principles and Fair Information Practice, 
Principles of notice, choice, access, security, and accountability.

1.0	 INFORMATION COLLECTION

I. Personally-identifiable information.
This site ONLY collects ?personally identifiable information? from you, if you chose to provide this information to us. Whether
you provide any information is entirely up to you. "Personally identifiable information" is information about you such as name,
address, e-mail address, user ID, credit card number, social security number, and so on.
AccurateSource.Com Inc. does not provide ?personally identifiable? information to unaffiliated third-parties in its normal course
of business. We do not incorporate the information collected while you visit or make a request on our site for resale in our 
services.
However, we will provide such information when required by law or in the good faith belief that such action is necessary in order
to comply with the law or legal process.
II. Cookies.
This site does not use cookies.

2.0	INFORMATION USE AND CONSUMER CHOICE.

If you have voluntarily provided information, you consented to the collection and use of your personally identifiable information 
as described in this Privacy Statement. If in connection with your use of a particular service, we ask to use your data in a way 
not described in this Privacy Statement and you do not wish to permit that use, you can choose not to use the particular service.
If you have voluntarily provided personally identifiable information, we may, from time to time, send you mail or e-mail regarding 
products and services. If you decide that you do not want to receive further emails regarding your inquiry from AccurateSource.Com
Inc.,you can email us at info@accuratesource.com or use the telephone number (800) 978-8950 with a request that we should not 
continue to email you. 

3.0	CORRECTING, ACCESSING, UPDATING YOUR INFORMATION

As a research company, we know the importance of accurate and up to date data. Hence, you may view and edit your personally 
identifiable information at any time by contacting us using the link provided on the web site.
Furthermore, we permit and encourage you to correct inaccuracies in the information you submit to us through our web site.

4.0	SECURITY

We take steps to protect against the loss, misuse, or unauthorized alteration of ?personally identifiable? information collected 
through this web site. We recognize the importance of security for all ?personally identifiable? information collected by our 
website. We exercise care in providing secure transmission of your information from your PC to our servers. This includes, 
among other things, using industry standard techniques such as firewalls, encryption, intrusion detection and site 
monitoring. All sensitive/credit information you supply is transmitted via Secure Socket Layer (SSL) technology.

5.0	CONSENT

By using our Web site, you consent to the collection and use of the information you provide according to this Privacy Policy. We 
reserve the right to change our Privacy Policy from time to time, if this policy is changed, we will post these changes on this 
page so that you are always aware of what information we collect, how we use it, and under what circumstances we disclose it.

6.0	DATA RETENTION AND DESTRUCTION POLICY

6.1	OVERVIEW
The need to retain data varies widely with the type of data. Some data can be immediately deleted and some must be retained until 
reasonable potential for future need no longer exists. Since this can be somewhat subjective, a retention and destruction policy 
is important to ensure that the company's guidelines on retention/destruction of data are consistently applied throughout the 
organization. 

6.2	PURPOSE

The purpose of this policy is to specify the company's guidelines for retaining different types of data. 

6.3	SCOPE

The scope of this policy covers all company data stored on company-owned, company-leased, and otherwise company-provided systems 
and media, regardless of location. Note that the need to retain certain information can be mandated by local, industry regulations 
and will comply with EU General Data Protection Regulation GDPR and the Data Protection Act 1988 and the Data Protection (Amendment)
Act 2003. 

6.4	POLICY

6.4.1  REASONS FOR DATA RETENTION

The company does not wish to simply adopt a "save everything" approach. That is not practical or cost-effective and would place an 
excessive burden on company and IT Staff to manage the constantly-growing amount of data. Some data, however, must be retained in 
order to protect the company's interests, preserve evidence, and generally conform to good business practices. Some reasons for 
data retention include:
>Litigation
>Accident investigation
>Security incident investigation
>Regulatory requirements
>Intellectual property preservation 

6.4.2	 DATA DUPLICATION

As data storage increases in size and decreases in cost, companies often make a mistake on the side of storing data in several
places on the network. A common example of this is where a single file may be stored on a local user's machine, on a central file 
server, and again on a backup system. When identifying and classifying the company's data, it is important to also understand where 
that data may be stored, particularly for duplicate copies, so that this policy may be applied to all duplicates of the information. 

6.4.3	 RETENTION REQUIREMENTS

This section sets guidelines for retaining the different types of company data.
>Personal customer data: Personal data will not be held for more than 90 days.
>Personal employee data: General employee data will be held for the duration of employment and then for five years after the last day 
of contractual employment. Employee contracts will be held for six years after last day of contractual employment.
>Tax payments will be held for six years. 
>Records of leave will be held for three years.
>Recruitment details: Interview notes of unsuccessful applicants will be held for two months after interview. 
This personal data will then be destroyed.
Planning data: Seven years.
>Health and Safety: 7 years for records of major accidents and dangerous occurrences.
>Public data: Public data will be retained for 90 days.
>Operational data: Most company data will fall in this category. Operational data will be retained for 5 years.
>Critical data including Tax and VAT: Critical data must be retained for 6 years.
>Confidential data: Confidential data must be retained for 7 years.

6.4.4	 RETENTION OF ENCRYPTED DATA 

All EU personal data will be retained in an encrypted form. Any information, retained under this policy is stored in an encrypted 
format; considerations must be taken for secure storage of the encryption keys. Encryption keys must be retained as long as the 
data that the keys decrypt is retained. 

6.4.5	 DATA DESTRUCTION 

Data destruction ensures that the company will use data efficiently thereby making data management and data retrieval more cost 
effective. When the retention timeframe expires, the company must actively destroy the data covered by this policy. All EU 
personal data will be auto purged from database after 90 days. If a user feels that certain data should not be destroyed, he or 
she should identify the data to his or her supervisor so that an exception to the policy can be considered. Since this decision 
has long-term legal implications, exceptions will be approved only by a member or members of the company's management team.
The company specifically directs users not to destroy data in violation of this policy. Destroying data that a user may feel 
is harmful to him or herself is particularly forbidden or destroying data in an attempt to cover up a violation of law or company 
policy. 

6.4.6	 APPLICABILITY OF OTHER POLICIES

This document is part of the company's cohesive set of security policies. Other policies may apply to the topics covered in this 
document and as such the applicable policies should be reviewed as needed. 

6.5	ENFORCEMENT

This policy will be enforced by the IT Manager and/or Executive Team. Violations may result in disciplinary action, which may 
include suspension, restriction of access, or more severe penalties up to and including termination of employment. Where illegal 
activities or theft of company property (physical or intellectual) are suspected, the company may report such activities to the 
applicable authorities.