Friends/Finance

From MozillaWiki

Guidelines for Finance

Finance handles cash, payments to employees/vendors/contractors and financial reporting. To complete these tasks, Finance has access to employee, contractor and vendor personal data, including some sensitive personal data. Finance strives to handle this user data in accordance with the Mozilla Privacy Principles.

Mozilla Privacy Principles

No Surprises

To avoid surprises, Finance strives to make data use clear and to limit use to the purpose at hand. One way Finance can operationalize this principle is to openly communicate its use of vendors and ensure that vendor contracts clearly restrict data use. This helps ensure that users are not surprised when they receive communications from vendors.

Finance also strives to provide clear explanations within communications and on templates and forms that request user data, so that users understand why data is being requested and how it will be used.

Real Choices

Finance strives to offer choices where possible. For example, in some cases users may be able to choose to receive payment by check rather than disclosing bank account information for direct deposit or wire transfer. These choices should be made clear at the point of data collection, along with the pros and cons of each option.

Sensible Settings

Finance strives to use sensible defaults, such as defaulting to payment by check where possible. Finance also uses standard forms, such as the W-9 and the 1099, and strives to apply sensible controls, such as encryption on all collection templates and forms.

Limited Data

Finance strives to collect only the data needed to perform the task. This principle is operationalized through the use of templates and forms that should be periodically reviewed to ensure that all of the information collected is being used and that none of the uses could come as a surprise to users.

User Control

Finance strives to avoid disclosure of user information without the user's consent by using encryption appropriately and being open about vendor relationships, as well as offering choices where possible. Appropriate access controls are placed on accounting databases and physical security is applied to paper files.

Trusted Third Parties

Finance strives to understand the privacy practices of its third-party vendors and to evaluate those against Mozilla's privacy principles. Vendor contracts should contain the data use addendum and clearly outline expectations regarding user data.
