No sensitive personal information (e.g., DOB, social security, credit card, home address, phone number, etc.) is stored in Green Arrow Labs systems. Personally identifiable information (PII) is limited to name, organization, and email address. While the software does not manage health or financial data, the infrastructure on which the data is hosted complies with HIPAA, FISMA, and similarly stringent regulatory requirements. Our data privacy policies were devised around these standards as well; specifically, that the minimum amount of information about a user is necessary to achieve the goal (authentication into the application).
Employees and contractors are required to sign and comply with confidentiality/NDA and data security policies as a condition of hire. We make secure document portals available to our clients for exchanging sensitive documents and data, and client data is maintained in a secured facility at all times.
Your identity will not be revealed or used for marketing purposes without your express written permission. Your written permission is also required for us to aggregate/anonymize data from your suppliers or test results for the purpose of producing industry benchmarks. The benchmarks are used in presenting charts and statistics on your dashboards (depending on the software and service level/edition to which you subscribe). Aggregated/anonymized data cannot be reverse engineered to somehow reveal its source. You will always continue to own your data and it will never be sold or used for any other commercial purpose.