Last Update: September 10, 2020
This privacy notice and user agreement discloses the privacy practices for (onc-rg.com). This privacy notice and user agreement applies solely to information collected by this website. It will notify you of the following:
What personally identifiable information is collected from you through the website, how it is used and with whom it may be shared.
What choices are available to you regarding the use of your data.
The security procedures in place to protect the misuse of your information.
How you can correct any inaccuracies in the information.
Information Collection, Use, and Sharing
We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.
We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request.
Unless you ask us not to, we may contact you via email in the future to tell you about products or services, or changes to this privacy policy.
Your Access to and Control Over Information
You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:
See what data we have about you, if any.
Change/correct any data we have about you.
Have us delete any data we have about you.
Express any concern you have about our use of your data.
Security
We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.
Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the Web page.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
Registration
In order to use this website, a user must first complete the registration form. During registration a user is required to give certain information (such as name and email address). This information is used to contact you about the products/services on our site in which you have expressed interest.
Cookies
We use “cookies” on this site. A cookie is a piece of data stored on a site visitor’s hard drive to help us improve your access to our site and identify repeat visitors to our site. For instance, when we use a cookie to identify you, you would not have to log in a password more than once, thereby saving time while on our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our site. Usage of a cookie is in no way linked to any personally identifiable information on our site.
Links
This website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.
For any questions, comments, or suggestions on our privacy policy and user agreement, please contact us via telephone at +1 541-977-1516 or via email: brooke.blackwelder@onc-rg.com.
**********************************************
ONCrg’s Commitment to the General Data Protection Regulation (GDPR)
Last Update: September 10, 2020
Commitment Statement
ONCrg Takes Privacy Seriously
The EU General Data Protection Regulation (GDPR) is the most significant piece of European privacy legislation in two decades. It replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe.
We didn’t just start to take privacy seriously, our customers’ privacy has always been one of our top priorities.
Ongoing Status
We have addressed GDPR data protection requirements that are applicable to ONCrg and will continue to be vigilant, to ensure we handle any developing requirements.
Data processing
ONCrg will continue to ensure we’re doing the maximum to protect data and improve our processes and procedures where we identify the opportunity.
Controls
We regularly review our Information Security Policy and related work plans to ensure that they take into account all requirements, confirming we’re fulfilling our obligations to GDPR.
Our customers depend on us to manage and protect the data we collect. Only a limited number of roles within ONCrg are authorized to access customer data. We comply with information security best practices including multiple-factor authentication and encryption.
Data Protection
ONCrg commits to conforming to information security best practices. In line with GDPR, appropriate measures are assessed in terms of a variety of factors including the sensitivity of the data, the risks to individuals associated with any security breach, state of the art technologies, and the nature of the processing. These measures include data anonymization, and egular testing of the effectiveness of all security measures is a continuous process.
Customer Guidance for Data Subject Request (SAR) Responsiveness
We have prepared guidance for our customers on how to respond to and act on their customer queries and requests regarding GDPR Data Subject Rights. We will augment this section if any additional information becomes available. It is important however that ONCrg Customers, both Cloud and on On- Premise, prepare their procedures and processes to conform with SARs as they, as Data Controllers, are solely responsible for the handling of and response to SARs.
Requests and Responses
Right: To information
What does it mean?
Transparency – what personal data of mine do you have and what do you do with it.
Action:
You can request a copy of the information that we collect and it will be presented to you in a timely manner.
Right: To access
What does it mean?
Right to receive a copy of the personal data.
Action:
Any of the information we collect can be exported to Excel or PDF format and provided to you by request.
Right: To rectification
What does it mean?
Right to request modification of the data.
Action:
You can request that your information be updated to refify any errors in the data.
Right: Of restriction
What does it mean?
Right to request a block of personal data processing.
Action:
You can request to be deleted from our system. In this scenario, you will stop being able to access any service in our system.
Right: To portability
What does it mean?
Right to receive data back for reuse, in usable electronic form.
Action:
You may request that we export your user data structured data to Excel or PDF format.
Right: To erasure
What does it mean?
Deletion of the subject’s personal data. Commonly referred to as the right to be forgotten.
Action:
You may request that we delete your user data stored in our system.
For any questions, comments, or suggestions on our GDPR compliance, please contact us via telephone at +1 541-977-1516 or via email: brooke.blackwelder@onc-rg.com.