Sydian Group - Privacy Policy

Information Privacy Policy

Overview

As a provider of Telecommunication Expense Management services to business and consumer clientele, Sydian Group International Inc. (“Sydian”) practices involve the acquisition, use, archival and protection of client information. This document provides an understanding of the practices Sydian employs to maintain a secure environment to ensure the protection of third party data.

Information Sources & Protection

In conducting its daily business practices Sydian receives data streams from Telecom vendors that contain the following Client data fields: Employee Id, Name, Title, Location, Corporate E-Mail Address, Department/Cost Center, Phone Numbers, and Corporate Address. In addition, we receive General Ledger Codes directly from Clients. The sole purpose of this data is to validate expenditures, reconcile vendor invoices, identify non-conformance expenditures, enable expense allocation, optimize telecom expenditures and provide management report metrics.

Clients may authorize Sydian to represent the Client to its Vendor(s) thereby enabling Sydian to initiate service & plan changes on behalf of the Client. In this way Sydian maintains an “always optimized” environment on behalf of the Client.

In addition, any visitors to Sydian’s website will leave behind a Domain Name & IP Address trail which can be used by Sydian to track and analyze traffic to the site.

All data and information sources referenced above, are essential elements of Sydian’s telecom management services. The confidentiality of such data & information is maintained with great rigor and is not sold, licensed or otherwise distributed to any third party without the prior consent of the related Client with the exception of Sydian employees and authorized Vendors. As a commercial requirement, Sydian also enters into a Non Disclosure Agreement with all Clients which explicitly details the protection of personal and private information.

Sydian has adopted industry accepted measures to protect customer information from loss, misuse, unauthorized access, disclosure, alteration and destruction of information which includes compliance with confidentiality and non-disclosure provisions in agreements between Sydian and its customers, partners, suppliers, and employees. All client information held by Sydian is maintained on secure servers, which are located in secure data centers. All personal information is stored in secure databases with access restricted to authorized users who require unique login credential. Access is only permitted in adherence with this policy. Login ID's and passwords are provided to customers to enable them to access their specific information. Further, customer sensitive data is stored encrypted using 128-bit strong encryption keys. All access to customer data is controlled and monitored by Sydian.

Sydian maintains all of its servers within their secure networks, which are protected by security measures including firewalls, restricting access the authorized individuals. Sydian ensures data, application and network integrity is maintained using system monitoring and security tools.

In order to ensure compliance with this Information Privacy Policy and consistency with the principles of the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), Sydian conducts periodic audits. Any employee, vendor, or supplier found to have violated this Policy will be disciplined, including termination of employment or termination of service contract. Any deficiencies identified by internal and external audits will be reviewed, documented & implemented at Sydian’s discretion in order to ensure continued compliance with this Policy.