Approved by: S. Plants, Quality Manager

Owner: Quality Manager

1. Purpose

This Privacy Policy describes how the Integrity Pest Management QMS/CRUD Application (“the Application”) collects, uses, stores, and protects personal and operational data. The policy ensures compliance with ISO 9001:2015 requirements for documented information, data integrity, access control, and protection of records.

2. Scope

This policy applies to:

• All employees and administrators who access the Application

• All data entered, stored, or processed within the Application

• All QMS‑related documents, records, and operational information

This policy does not apply to customer‑facing websites, marketing systems, or third‑party platforms such as FieldRoutes.

3. Data Collected

The Application collects only the minimum data required to support QMS operations:

User Data

• Name

• Email address

• Role (employee, administrator, quality manager)

• Authentication credentials (hashed; never stored in plain text)

Operational Data

• Controlled documents

• Records (CAPA, audits, training, etc.)

• Document metadata (DOCID, version, effective date, approvals)

• System logs (login attempts, document uploads, record creation)

No consumer data is collected.

No pesticide application data is collected.

No GPS, device, or behavioral tracking is performed.

4. Purpose of Data Use

Data is used exclusively to:

• Authenticate users

• Control access to QMS documents and records

• Maintain versioning, retention, and audit trails

• Support ISO 9001:2015 compliance

• Ensure data integrity and traceability

Data is never used for marketing, profiling, or external analytics.

5. Access Control

Access is role‑based:

• Employees: View policies, procedures, and assigned training

• Administration: Manage documents and records

• Quality Manager: Full access, including archive and system logs

Unauthorized access attempts are logged and reviewed.

6. Data Storage & Security

• All data is stored within the internal QMS/CRUD application database

• Passwords are hashed using industry‑standard algorithms

• Documents are stored in protected directories with restricted access

• Archived documents are stored in a designated archive repository

• Future integration with immutable storage (e.g., IDrive, S3) is supported

No data is stored on user devices.

7. Data Retention

Retention follows the QMS Document Control Procedure:

• Active documents remain accessible in the repository

• Obsolete documents are archived for a minimum of 3 years

• Records follow their defined retention schedule

• All archived data remains retrievable and protected

8. Data Sharing

The Application does not share data with:

• Third‑party vendors

• Marketing platforms

• External analytics services

• Customers or the public

The only exception is when required by law or regulatory authority.

9. User Responsibilities

Users must:

• Protect their login credentials

• Access only the information required for their role

• Report any suspected data breach or unauthorized access

• Use the Application in accordance with QMS procedures

10. Changes to This Policy

Any changes to this policy require:

• Review by the Quality Manager

• Approval by Administration

• Version update and controlled release

• Archiving of the previous version

Silent changes are prohibited.

11. Contact

Questions regarding this policy should be directed to:

Quality Manager

Integrity Pest Management, LLC