• 24401 Muirlands Blvd Suite C Lake Forest CA 92630
Schedule your free consultation

Privacy Policy

Masra Tech > Privacy Policy

Terms of Service for SMS Communications and Consent for SMS Communication

By providing my phone number to Masra Tech, Inc, you agree and acknowledge that Masra Tech, Inc, may send customer care text messages to your wireless phone number for updates related to computer science, network administration products and services, computer repair and customer care.  No mobile opt-in or text message consent will be shared with third parties or affiliates for marketing purposes. Information obtained as part of the SMS consent process will not be shared with third parties or affiliates for marketing purposes.  

If you have consented to receive customer care text messages from Masra Tech, Inc, you may receive text messages related to computer science and network administration products and services. Below is an example:

  1. Good morning Sarah, This Masra Tech, Inc, we wanted to give you a courtesy reminder of your scheduled call with a Masra Tech representative tomorrow at 9 PST, please give us a call back at 1-949-278-1968 or reply to this message to reschedule.  Reply STOP to opt-out of SMS messaging.

Standard Messaging Disclosures
Message and data rates may apply
Message Frequency: SMS frequency will be between 5-1000 messages daily company wide. Message frequency may vary depending on the type of communication.
You can opt-out at any time by texting “STOP”.  Reply “START” to opt in to receive text messages again.
For assistance text “HELP” or visit our Privacy Policy and SMS terms and conditions. For more info please visit our Privacy Policy Page.

Personal Identity Information (PII) Security, Notification and Confidentiality Policy

Purpose

Masra Tech recognizes its need to maintain the confidentiality of Personal Identity Information (PII) and understands that such information is unique to each individual. The PII covered by this policy may come from various types of individuals performing tasks on behalf of the company and includes employees, applicants, independent contractors and any PII maintained on its customer base. The scope of this policy is intended to be comprehensive and will include company requirements for the security and protection of such information throughout the company and its approved vendors both on and off work premises.

Departments named in this policy have delegated authority for developing and implementing procedural guidance for ensuring that their departmental responsibilities under this policy are communicated and enforced.

Key Elements

Personal Identity Information (PII): Unique personal identification numbers or data,
including:

  • Social Security Numbers (or their equivalent issued by governmental entities outside the United States).
  • Taxpayer Identification Numbers (or their equivalent issued by governmental revenue entities outside the United States).
  • Employer Identification Numbers (or their equivalent issued by government entities outside the United States).
  • State or foreign drivers license numbers.
  • Date(s) of birth.
  • Corporate or individually held credit or debit transaction card numbers (including PIN or access numbers) maintained in organizational or approved vendor records.

PII may reside in hard copy or electronic records; both forms of PII fall within the scope of this policy.

Vendors: Individual(s) or companies that have been approved by the Contracts Department as a recipient of organizational PII and from which the Contracts Department has received certification of their data protection practices conformance with the requirements of this policy. Vendors include all external providers of services to the company and include proposed vendors. No PII information can be transmitted to any vendor in any method unless the vendor has been pre-certified for the receipt of such information.

PII Retention: Masra Tech understands the importance of minimizing the amount of PII data it maintains and retains such PII only as long as necessary. A joint task force comprising members of the Legal, Finance, IT, Contracts and Human Resources departments maintains organizational record retention procedures, which dictate the length of data retention and data destruction methods for both hard copy and electronic records.

PII Training: All new hires entering the company who may have access to PII are provided with introductory training regarding the provisions of this policy, a copy of this policy and implementing procedures for the department to which they are assigned is readily available. Employees in positions with regular ongoing access to PII or those transferred into such positions are provided with additional instruction reinforcing this policy and procedures for the maintenance of PII data.

PII Audit(s): Masra Tech conducts audits of PII information at least bi-annually in conjunct to ensure that this policy remains strictly enforced and to ascertain the necessity for the continued retention of PII information. Where the need no longer exists, PII information will be destroyed in accordance with protocols for destruction of such records and logs maintained for the dates of destruction. The audits are conducted by Finance, IT, Contracts and Human Resources departments as required.

Data Breaches/Notification: Databases or data sets that include PII may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, the company will notify all affected individuals whose PII data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible.

Masra Tech will handle breach notifications(s) to all governmental agencies to whom such notice must be provided in accordance with time frames specified under these laws. Notices to affected individuals will be communicated by Human Resources within the time frame specified under the appropriate law(s).

Data Access: Masra Tech maintains multiple IT systems where PII data may reside; thus, user access to such IT systems is the responsibility of the IT department. The IT department has created internal controls for such systems to establish legitimate access for users of data, and access shall be limited to those approved by IT. Any change in vendor status or the termination of an employee or independent contractor with access will immediately result in the termination of the user’s access to all systems where the PII may reside.

Data Transmission and Transportation

  1. Company Premises Access to PII: The Finance, Human Resources and IT departments have defined responsibilities for on-site access of data that may include access to PII; IT has the oversight responsibility for all electronic records and data access capabilities. Finance and Human Resources have the operational responsibility for designating initial access and termination of access for individual users within their organizations and providing timely notice to IT.
  2. Vendors: Masra Tech may share data with vendors who have a business need to have PII data. Where such inter-company sharing of data is required, the IT department is responsible for creating and maintaining data encryption and protection standards to safeguard all PII data that resides in the databases provided to vendors. Approved vendor lists will be maintained by the Contracts department, and Contracts has responsibility to notify IT of any changes to vendor status with the company.
  3. Portable Storage Devices: Masra Tech reserves the right to restrict PII data it maintains in the workplace. In the course of doing business, PII data may also be downloaded to laptops or other computing storage devices to facilitate company business. To protect such data, the company will also require that any such devices use IT department-approved security protection while such devices are in use on or off company premises. The IT department has responsibility for maintaining data protection standards to safeguard PII data that resides on these portable storage devices.
  4. Off-Site Access to PII: Masra Tech understands that employees may need to access PII while off site or on business travel, and access to such data shall not be prohibited, subject to the provision that the data to be accessed is minimized to the degree possible to meet business needs and that such data shall reside only on assigned laptops/approved storage devices that have been secured in advance by the IT department.

Regulatory Requirements: It is the policy of the company to comply with any international, federal or state statute and reporting regulations. Masra Tech has delegated the responsibility for maintaining PII security provisions to the departments noted in this policy. Masra Tech shall be the sole entity named to oversee all regulatory reporting compliance issues. If any provision of this policy conflicts with a statutory requirement of international, federal or state law governing PII, the policy provision(s) that conflict shall be superseded.

Confirmation of Confidentiality: All company employees must maintain the confidentiality of PII as well as company proprietary data to which they may have access and understand that that such PII is to be restricted to only those with a business need to know. Employees with ongoing access to such data will sign acknowledgement reminders annually attesting to their understanding of this company requirement.

Violations of PII Policies and Procedures: Masra Tech views the protection of PII data to be of the utmost importance. Infractions of this policy or its procedures will result in disciplinary actions under the company’s discipline policy and may include suspension or termination in the case of severe or repeat violations. PII violations and disciplinary actions are incorporated in the company’s PII onboarding and refresher training to reinforce the company’s continuing commitment to ensuring that this data is protected by the highest standards.