Security & Privacy Policy
Security Controls
Laserbeam uses the most advanced Internet security today to ensure the security of customer information. Whenever a user accesses Laserbeam, a secure HTTPS connection is established leveraging Secure Socket Layer (SSL) technology. This technology enables us to ensure that customer information is safe, secure, and only available to registered users.
The Laserbeam hosted environment is secured at a Telco-grade hosting facility that includes both electronic and physical security, from firewalls to guards, to prevent access from intruders.
Laserbeam hosted solutions include physical, logical and access controls to insure a secure environment for customer applications.
Physical Security includes the physical security of the colocation facilities, remote system monitoring and automated system failure alerts to mobile devices.
Logical Security includes the use of best of breed firewall/VPN technology, logical segregation of client application and database instances and SSL 256 key encryption (https) Internet access.
Access Controls includes application-level access control over data controlled by the customer. Access to the tool is managed with userids tied to roles defined within the application (Manager, HR Manager, Admin). Managers have access to their direct reports and Manager-over-Managers have access cascading down through the hierarchy to line managers and their direct reports. Access controls can also be utilized to enable dotted-line relationships and proxy access (such as a assistant to an executive). Sensitive customer data can be fully encrypted at the database level to prevent anyone outside of the client from gaining access to internal information. Laserbeam Software support personnel will only have direct access to employee data with the express purpose of providing support, during clearly defined periods (such as an annual Compensation cycle) and with the express permission of the client. The customer (usually 1 or 2 admnistrators) and responsible officers (not more than 2 company officers) of Laserbeam Software will retain and maintain the administrative login credentials necessary to access employee data. Employees (other than senior officers) of Laserbeam Software that provide support and maintenance in the normal course of business only have access to client data for defined periods of time. All employees are required to leave cell phones, personal computer equipment and any other device for communicating or copying data outside our secured offices. Employee workstations have been rendered inaccessible for any form of copy or save except to local hardrives and servers not externally accessible (effectively making workstations into "dumb terminals"). All new employees sign and must strictly adhere to internal policies for Laserbeam's Privacy Protection policies as part of the induction process and must turn over all materials related to their employment upon termination of employment.
Redundancy and Failure System redundancy, failover and system recovery is an integral part of our hosted environment, insuring rapid recovery in the event of a service interruption.
Privacy Policy
Laserbeam Software does not share any information you provide to us with any third party, except with your express permission. The only circumstances under which we would share any personal information about your company is to provide a reference for potential customers. The information shared will be limited to your name, organization, title, phone number and email. Once you have given your express, written permission to be contacted by potential clients about our services, you are free to say anything you like, positive or negative. If at any time you wish to opt out of being contacted as a customer reference, please send an email to pdurall@laserbeamsoftware.com.
Laserbeam Software uses Trustguard for insuring the privacy of information collected on our website complies with FCC and California standards of compliance, as detailed below:
What information do we collect?
We collect information from you when you register on our site or fill out a form.
Any data we request that is not required will be specified as voluntary or optional.
When ordering or registering on our site, as appropriate, you may be asked to enter your: name, e-mail address, mailing address, phone number or Company name. You may, however, visit our site anonymously.
What do we use your information for?
Any of the information we collect from you may be used in one of the following ways:
• To improve customer service
(your information helps us to more effectively respond to your customer service requests and support needs)
How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal information when you submit a request, place an order or access your personal information.
These security measures include: password protected directories and databases to safeguard your information, SSL (Secure Sockets Layered) technology to ensure that your information is fully encrypted and sent across the Internet securely or PCI Scanning to actively protect our servers from hackers and other vulnerabilities.
We do not request credit card or banking information, nor currently accept on-line payments of any kind. All business transactions with Laserbeam are conducted through contractual agreements and invoicing your company directly. In the event that this should change, your accounting department will be notified that we accept on-line payments and the appropriate security controls will be put in place.
Do we use cookies?
We do not use cookies.
Do we disclose any information to outside parties?
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
California Online Privacy Protection Act Compliance
Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.
Childrens Online Privacy Protection Act Compliance
We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
CAN-SPAM Compliance
We have taken the necessary steps to ensure that we are compliant with the CAN-SPAM Act of 2003 by never sending out misleading information.
Online Privacy Policy Only
This online privacy policy applies only to information collected through our website and not to information collected offline.
Your Consent
By using our site, you consent to our privacy policy.
Changes to our Privacy Policy
If we decide to change our privacy policy, we will post those changes on this page, and/or update the Privacy Policy modification date below. Policy changes will apply only to information collected after the date of the change.
This policy was last modified on 1/14/2012
Contacting Us
If there are any questions regarding this privacy policy you may contact us using the information below.
www.laserbeamsoftware.com
1647 Willow Pass Road, Suite 404
Concord, California 94520
info@laserbeamsoftware.com
800-218-5067
Privacy Policy Customer Pledge
We pledge to you, our customer, that we have made a dedicated effort to bring our privacy policy in line with the the following important privacy laws and initiatives:
Federal Trade Commision Fair
California Online Privacy Protection Act
Childrens Online Privacy Protection Act
Privacy Alliance
Controlling the Assault of Non-Solicited Pornography and Marketing Act
If at anytime you have a cause that needs to be disputed please fill out the Trust Guard Dispute Resolution form.
Safe Harbor (For European Union Members and Switzerland)
Safe Harbor Certification valid through 1/17/2013. Certification can be viewed at https://safeharbor.export.gov/list.aspx . Search by company for Laserbeam Software.
Laserbeam Software complies with the following Safe Harbor principles:
- Notice - Individuals must be informed that their data is being collected and about how it will be used. As a processor of Human resources dats, this is ulitmately the responsibility of our clients, although we will always discuss internal procedures with our clients as part of our implementation policies.
- Choice - Individuals must have the ability to opt out of the collection and forward transfer of the data to third parties. Since we do not communicate directly with our client's employees, this is a client responsiblity. However, we will provide mechanisms and directions for easing the burden of complying with an Opt-out policy.
- Onward Transfer - Transfers of data to third parties may only occur to other organizations that follow adequate data protection principles.
- Security - Reasonable efforts must be made to prevent loss of collected information. Please read our Security Policy above.
- Data Integrity - Data must be relevant and reliable for the purpose it was collected for. Laserbeam Software only collects employee information necessary to provide the services for which it has been hired by the client
- Access - Individuals must be able to access information held about them, and correct or delete it if it is inaccurate. Laserbeam provides mechanisms and directions for easing the burden of the access policy.
- Enforcement - There must be effective means of enforcing these rules. Read our Security Policy. Internal documentation for employee responsibilities and duties to protect client information is available on request.
