Griot Privacy Policy
GRIOT is a Software as a Service financial management system for small businesses. Each company has their own GRIOT instance –with their own URL, such as http://nameofcompany.griot.us. Each instance has a unique database solely available to your company and its users, and to GRIOT Staff.
Please read the Acceptable Use Policy for more information on expected behavior by all customers who have access to their GRIOT instance.
This document will spell out exactly what privacy expectations you should and should not have for information shared on the GRIOT Instance - whether you provide it directly, or indirectly through "cookies" or web analytics technology.
1. Information Collected by GRIOT Staff
1.1 User Registration Information
Griot instances have a site owner who is the highest point of management of a Griot Instance. This site owner grants access for other staff to the GRIOT Instance. The level of access granted is controlled through unique user names and passwords, and is based on the role(s) assigned to each individual. GRIOT customers manage all points of contact within their organization via the platform, and determine the level of access each individual should have to their GRIOT Instance.
By authorizing GRIOT (either via the GRIOT administration screens or via GRIOT Staff) to give an individual access to their company instance at a particular access level, the GRIOT client states it gives the individual authority to share information on their GRIOT Instance on its behalf. GRIOT staff cannot and will not review content shared by GRIOT users for appropriateness, privacy or security concerns, and cannot guarantee that information will not be shared outside of your GRIOT instance. Please see our Acceptable Use Policy for more guidance on acceptable use of Griot.
Our website's user access system requires us to have your email address and a password, which in combination translate into a unique identifier. Unique identifiers are collected to verify your identity and are used as account numbers in our record system. All passwords are encrypted and site access is protected by a secure connection at all times. However, it is strongly recommended that you not use a password that you use elsewhere.
1.2 Using the Site
All usage of the site is tracked by your unique identifier for security and usability purposes. All information you choose to share on the GRIOT Instance will be tagged with your username and company unless specifically stated otherwise. We also reserve the right to track your usage of the Griot Instance for usability analysis. This information will only be accessed by Griot Staff site administrators and only shared with GRIOT customers as aggregated, non-identifiable information.
2. Access to Your Company Data by GRIOT Staff
2.1 GRIOT System Administrators
Only Griot Systems Administrators have access to the servers hosting the Griot Instances and databases. Griot Systems Administrators will only access your data when required to resolve issues with your Griot instance, and will notify you of any such access when it occurs.
2.2 Technical and Customer Support Staff
Griot Technical and Customer Support Staff have access to your Griot Instance for the exclusive purposes of providing technical and customer support on your behalf at your request. The Griot system will automatically inform the site owner when a Griot technical and customer support staff person logs into their instance.
No Griot Staff member will ever require a customer or user to share their password.
3. Cookies and Other Browser Information
Our site automatically captures IP addresses. We use IP addresses to help diagnose problems with our server, to administer the GRIOT Instance, and to help ensure the security of your interaction with your GRIOT Instance. Your IP address is used to help identify you as a valid user of the site.
Each GRIOT Instance places a non-persistent session cookie on your desktop or mobile phone every time you log in. This cookie is used exclusively for security purposes, and is required to protect the site from unauthorized access. The cookie is destroyed when you log out of the site, close your browser window, or turn off your computer. No personally identifiable information is stored in the cookie. GRIOT does not use persistent session cookies or tracking cookies.
3.1 About Links to Other Sites
Your GRIOT Instance may contain links to other sites. GRIOT does not control the information collection of sites that can be reached through links from your GRIOT Instance. If you have questions about the data collection practices of linked sites, please contact those companies directly.
4. GRIOT Instance Content
4.1 Expectations of Usage of GRIOT Instance Information
All information on your GRIOT Instance is for the use of customers only, based on the access level authorized by your company and given to them by the site owner or designates of the site. Some features such as timecard review, rate books, and invoicing offer limitations to access, to allow for more private management of this data by a subset of employees (such as finance managers, HR staff, and business owners). These permissions are set by your GRIOT Instance site owner or designates and can be reset as needed. Please contact Griot at support@griot.us for more guidance on how to change access settings.
4.2 Expectations of Privacy
Your GRIOT Instance offers your firm information sharing tools such as rate books, timecards, and document libraries. While we strive to protect this content through username and password and our acceptable use policy, please remember that any information that is disclosed in these areas may become public unintentionally or shared beyond its intended audience. Exercise caution when deciding to disclose personal, proprietary, or confidential information.
Please review our acceptable use policy for our expectations for all customers treatment of content made available on the GRIOT Instance. We rely on our customers to follow our Acceptable Use Policy to protect confidentiality and privacy of information shared on the GRIOT Instance, including contact information, but as such GRIOT staff cannot be held responsible the protection for any information freely posted by a company user of their GRIOT Instance.
4.3 Ownership and Appropriateness
Information posted on your GRIOT Instance, unless otherwise stated as being the statements of GRIOT membership, belong solely to their respective authors and do not necessarily reflect the views of GRIOT, its member organizations, or sponsors.
4.4 Contact
If you find any posts in the GRIOT Instance to be offensive or objectionable, or if you have reason to believe the privacy and security of the GRIOT Instance has been compromised, please contact us via email at support@griot.us and/or use our contact us form as soon as possible.
5. Questions and Answers
5.1 How Can I Modify or Update My Information?
You can always update your profile (change your username, email address, or your password) by clicking on My Profile in the top right corner. You can also contact technical support at support@griot.us for help.
5.2 How can I remove information on the GRIOT Instance?
Please contact Technical support at support@griot.us to remove information.
5.3 What do I do if I think information has been shared beyond the GRIOT Instance?
Please contact support@griot.us and/or use our contact us form as soon as possible, with the following information if you have it:
- Date/time of the breach
- The information that was compromised
- Any information on the individuals who may have been involved
- Recommendations (if any) for resolution.