Broniec Associates is a global services company that provides a comprehensive payables auditing service to companies of varying size across all industries. We take the security of client data, employee and applicant information and personal information collected through our web site, very seriously and have implemented policies and procedures, as well as a combination of hardware and software, to ensure this data and personal information is kept secure and protected while in our possession. We have taken steps to ensure the integrity of our internal computers and network and have confirmed the validity of our processes by submitting to and receiving a certificate for an AICPA SOC 2 Type 1 Report.
Broniec Associates complies with the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from Switzerland, and agrees to cooperate and comply with the Swiss Federal Data Protection and Information Commissioner. Broniec is also certified under the U.S.-EU Safe Harbor Framework, which was recently invalidated in October 2015. Broniec will monitor the status of U.S.-EU personal information transfers and in the meantime, continue to ensure the security of European client data and personal information received through our website as stated in this policy.
In the course of providing a comprehensive payables audit, Broniec Associates collects electronic downloads from our clients. Obtaining this data is important to our ability to deliver the highest level of service to our clients, and we recognize that our clients expect us to treat this information appropriately.
The data we collect from our clients comes primarily from a download of accounts payable and purchasing transactions provided by our clients’ IT Departments. In addition, depending on the services required, Broniec Associates may obtain additional data from third party sources such as freight payment or procurement card providers.
Except as provided in the section “Privacy and the Internet”, clients should not upload, transfer or otherwise provide any private data to Broniec Associates. Private data includes any non-public, personally identifiable information (PII) of or about an individual person, including, without limitation, personal financial information, residence addresses, phone numbers and protected health information (as defined under HIPPA). If we do receive private data from a client, unless otherwise agreed upon by Broniec Associates and the client, we will delete this information upon receipt and will not be responsible for any actions or inactions arising out of our receipt of the private data.
Our Use of Client Data
Broniec Associates may use the data our clients provide to us to:
Disclosures of Client Data within Broniec Associates
In order to provide efficient and reliable services and to improve product and service options available to our clients, authorized Broniec Associates employees in more than one department within Broniec Associates may be given, or given access to, data the client provides.
Disclosures of Client Data to Third Parties
Broniec Associates will not disclose client data to any third party without the consent of the client.
Our clients should know that Broniec Associates will not sell their data.
Information Security: How We Protect Client Privacy
Broniec Associates is committed to protecting the privacy and confidentiality of our clients’ data. We limit access to client data to authorized Broniec Associates. We also maintain physical, electronic and procedural safeguards to protect our clients’ data against loss, misuse, damage or modification and unauthorized access or disclosure.
Other Privacy Policies or Statements
This policy provides a general statement of the ways in which Broniec Associates protects client data. Clients may, however, in connection with specific products or services offered by Broniec Associates, be provided with privacy policies or statements that supplement this policy. In the event of any conflict between this policy and any supplemental privacy policies or statements, the supplemental policy will prevail.
Personal Information Collected through Our Website
Individuals may provide us with PII on our web site, www.Broniec.com, when requesting information on Broniec Associates’ services, or requesting consideration for employment. This information will be used to provide the individual the requested information and for subsequent follow-ups.
Additionally, “Clickstream”, cookies or similar data (e.g. information regarding the frequency of individuals’ access to private Broniec sites) may be automatically collected and shared internally within Broniec Associates in order to assess the usage, value and performance of our online products and services.
Employee and Applicant Information
We may collect PII, including Social Security numbers, from individuals that apply or interview for employment, and from employees. The only Sensitive Personal Information we collect from employees is related to race, and this is collected solely to comply with US EEOC reporting requirements. PII is kept private and secure, and Broniec Associates does not disclose this information to outside parties (other than as required by law, such as EEOC reporting) without the individual’s permission (in writing) unless directed to do so by legal order.
With regards to employees, PII is processed only as required to provide services and benefits as part of the employee’s employment with Broniec Associates. At any time an employee may request that their PII not be processed by submitting their request in writing to our Human Resources Department. However, such a request may mean that certain benefits of employment are not available to the employee.
Employees are welcome to review their own personnel file in Broniec Associates’ offices in the presence of a member of the Human Resources Department or the Branch Manager. Requests for changes to any information contained in the employee’s personnel file should be submitted in writing to the Human Resources Department.
Applicants for employment that were not hired can request that their information be removed from our systems by submitting their request to hr@Broniec.com.
Links to Other Websites
We are not responsible for any practices employed by websites linked from our website, nor their information or content. When an individual uses a link to go from our website to another website, this policy is no longer in effect and the individual’s browsing and interactions are subject to that website’s own rules and policies.
If you have any questions, requests, or concerns about any personal information you have provided to our clients, you should first contact the client directly. If you need assistance with this process, you may contact Broniec Associates at email@example.com.
Changes to this Policy
This policy may be changed from time to time to reflect changes in our practices concerning the collection and use of client data. This version of the Policy is effective January 14, 2016.
If you require further information regarding our privacy policies and practices, please contact:
Scott Levine Chief Information Security Officer, Broniec Associates firstname.lastname@example.org 770.940.5006
Bob Sheppard, CTO, Broniec Associates email@example.com 770.940.5008