/
Protecting Customer Information

Protecting Customer Information

Owned by Rob
Last updated: Jun 14, 2022 by Herve.Woods
2 min read

P

 Information stored by EverBright, be that installer details, customer data, financial transactions, etc. need to be protected. This is to prevent that information from being misused by third parties for illicit activities. The following SOP provides guidance for the appropriate release of customer information.

As a general rule, support should only provide information to people who have an appropriate permission/team assignment for that info. For example - if someone has operations phase manager setting for a job, they are allowed any information available in the operations phase.

 Installer(s)/ Job Information

  • Only organization administrators can access information regarding an organization’s financials, such as milestone payments, reporting, etc.

  •  Job information can be shared with an organization admin or a user that is assigned to the job (and the specific phase). Information cannot be released to salespeople or other users that are not assigned to the job (or to the phase).

  • Personally Identifiable Information (PII) should not be included in any EverBright related documents or transmitted in an insecure way - like email or Jira - per NextEra’s’ policy. Support reps should review all document request before moving them to configuration to ensure that no line items for sensitive information are requested to be included in the document.  An example of this would be a text field for the client's social security # in a HIC document. Other examples of PII information:

    •  Passport number

    •  Driver's license number

    •  Banking information - account numbers

  • Examples of scenarios where information should not be shared:

    • A former employee of an installer seeking job information

    • One salesperson seeking information from us about another salesperson’s leads

    • One downstream org looking for pipeline info of another org

    • A salesperson asking if their employer (installer org) had received payment from EverBright yet on a job they worked on

    • A salesperson asking specifics on why a homeowner didn’t pass credit (only provide them the comments in the history section)

Homeowners

The following items should never be released to anyone seeking details of a homeowner’s account. This list is not exhaustive and should be used as guidance when receiving inquiries:

  •  Social security number

  •  Homeowner name

  •  Banking information (checking/ savings, debit/credit card numbers)

  • Birth date

  •  Mailing address

  •  E-mail address

  •  Phone number