Policy Framework That Helps Set Behavioural & Performance Standards
Everyone's an author of the stuff they generate, if it is original or considered original in the meaning of copyright. Content can take several forms, including literary (text), artistic (pictures), and cinematographic (movies) (videos). Literary content is more common and frequently created among these, owing to the relative simplicity with which it may be written and communicated. It's entirely different when a caricature uses an image to tell a tale.
What rights do the users of a social networking site, or any other online medium have over the content they post? Online and social media mediums bring unique opportunities and problems. It allows the author to convey their points of view, solicit feedback, and then quietly reply to that feedback. Social media posts often devolve into an argument, a counterargument, and a succession of comments from other people. Is it okay for anyone to copy and paste this post/feed in any way they want?
The answer is a resounding 'No.' If the online content or feed is in the form of a text, image, video, or music, it would be protected as a literary work under the Copyright Act, providing it is an original invention. The term "original" refers to how the chain words were presented rather than the underlying concept. Like any other literary work in the offline world, no one has the right to copy or use it without the author's consent. The post would be protected as an artistic work if it was a cartoon caricature or image. The post would be protected as cinematographic art if presented as a video. The Copyright Act states that no one may use a work without the author's authorization.
However, the individual who posts the content should be aware of the conditions of engagement with the media platform on which the content is uploaded and the platform's rights to the content. Suppose the person has agreed to the platform's condition that any content submitted becomes the platform's property. In that case, the author of the content has no basis to object if the platform uses the content.
What rights might arise in the case of a succession of comments on a social media platform? Is it possible to protect each comment, or is it only possible to protect the entire chain of comments? This is especially true when only the entire chain of comments can tell a complete story or provide context for the comments. Every comment would be considered online content.
The comment's author would have complete control over the comments if the social platform were content-neutral and does not claim any rights to the content shared by its members. Not the opinion or idea in the comment, but the literary element of the text or comment will be protected. It's feasible that the chain of comments from many authors can be protected as a collective work, with all contributors listed as co-authors. As the term implies, collective work refers to a collection of works by various authors, such as a magazine or newspaper.
The Copyright Act makes it illegal to copy another person's content without permission. However, the content owner should assert ownership, which could be a result of being the originator of the material or by a transfer of rights from the author of the work. Before pursuing an infringement action, you must first send a takedown notice to the platform's owner and the person who submitted the content.
When the content isn't changed frequently, it's a good idea to register for copyright registration before releasing it online. This would provide an unquestionable source of the work's creation.
Some preventative actions, such as publishing a notice that you assert copyright in work, could be taken to stop possible infringers from duplicating your content. Copying of online information elsewhere on the web could be detected using technology.
Pirated content does not go undiscovered for long when it is available online. As a result, users should be cautious not to steal other users' content, lest they face legal repercussions, content shaming, or plagiarism accusations from other contributors on the platform.
OpenNDC serves as a B2B travel marketplace platform for global travel businesses to solve their travel business operations challenges. Our security is the fundamental key of our strategy reflected in our process, products, and clients.
1. Company Security
We have an advanced security system that considers our security objectives and all interested parties' risks and mitigations. In addition, we employ strict policies and procedures encompassing the security, availability, processing, integrity, and confidentiality of customer data.
2. Employee Background Checks
Each employee is subjected to a background investigation. We use reputable third-party companies to do this check on our behalf. We do this to check their criminal history, previous work records, and educational background if they have any. The employee will not be allocated responsibilities that could endanger users until this check is completed.
3. Security Awareness
After being inducted, each employee signs a confidentiality agreement and an approved usage policy and then receives training in information security, privacy, and compliance. Then, based on their roles, we provide training on specific security issues they may need. We also use tests and quizzes to assess their comprehension and determine which topics require additional instruction. We continuously educate our staff on information security, privacy, and compliance through our internal community. Our employees check in regularly to stay up to speed with the organization's security standards. We also hold internal events to increase awareness and promote security and privacy innovation.
4. Dedicated Security and Privacy Teams
We have dedicated security and privacy teams that implement and manage our security and privacy programs. They engineer and maintain our defense systems, develop review processes for security, and constantly monitor our networks to detect suspicious activity. In addition, they provide domain-specific consulting services and guidance to our engineering teams.
5. Internal Audit and Compliance
Our security and privacy programmes are implemented and managed by teams committed to security and privacy. They design security review processes, engineer and manage our protection systems, and constantly monitor our networks for suspicious activities. In addition, our technical teams benefit from their domain-specific advising and advice.
6. Endpoint Security
All workstations provided to OpenNDC staff are equipped with the most recent operating system and anti-virus software. In addition, they're set up to meet our security standards, which call for all workstations to be correctly installed, patched, tracked, and monitored using OpenNDC's endpoint management software. These workstations are safe by default, as they are set up to encrypt data in transit, use strong passwords, and lock when not in use. To ensure that mobile devices used for business purposes fulfil our security criteria, they are enrolled in the mobile device management system.
Physical Security
7. At Workstation
The Human Resource (HR) staff creates and manages role-specific goals. We use access cards to govern access to our resources (buildings, infrastructure, and facilities), including consumption, entry, and utilization. For example, we issue distinct access cards to employees, contractors, vendors, and guests that only allow entry for their visit to the premises. To detect and address irregularities, we keep access logs.
8. At Data Centers
A colocation provider manages the building, cooling, power, and physical security at our Data Centers while providing the servers and storage. Only a small number of authorized workers have access to the Data Centers. Any other access is logged as a ticket and granted only with the permission of the appropriate managers. To enter the premises, further two-factor authentication and biometric authentication are necessary. Access logs, activity data, and camera footage are all available in an incident.
9. Monitoring
We use CCTV cameras to monitor all access and exit movements throughout our business centers and data centers by local requirements. Backup footage is available for a limited time, depending on the venue's needs.
Infrastructure Security
10. Network Security
Our network security and monitoring methods are built to give numerous layers of defense and protection. Firewalls protect our network from unwelcome traffic and unwanted access. To protect sensitive data, our systems are divided into distinct networks. For example, systems that support testing and development are hosted on a different network than those that support OpenNDC's production infrastructure. We keep a close eye on firewall access frequently. Every day, a network engineer evaluates all firewall updates. These adjustments are also examined every three months to update and alter the rules. In addition, our Network Operations Center team keeps an eye on the infrastructure and apps for any anomalies or suspicious activity. Our proprietary technology continuously monitors all critical parameters, and notifications are sent out in the event of any anomalies.
11. Network Redundancy
Our platform's components are all redundant. We adopt a distributed grid architecture to protect our system and services from the effects of possible server failures. Users can carry on as usual if a server goes down because their data and OpenNDC services will still be available. We deploy numerous switches, routers, and security gateways to achieve device-level redundancy. Single-point failures in the internal network are avoided because of this.
12. Server Hardening
All servers used for development and testing purposes have been hardened (disabling unused ports and accounts, removing default passwords, etc.). Server hardening is embedded into the underlying Operating System (OS) image, installed in the servers to ensure consistency between servers.
Identity and Access Control
13. Single Sign-On (SSO)
Single sign-on (SSO) is a feature offered by OpenNDC that allows users to access different services using the same sign-in page and login credentials. Only our integrated Identity and Access Management (IAM) service are used to sign in to any OpenNDC service. We also support SAML for single sign-on, allowing customers to use their company's identity provider, such as LDAP or ADFS, to log into OpenNDC services. SSO makes it easier to log in, assures compliance, provides effective access management and monitoring, and decreases the risk of password fatigue, which leads to weak passwords.
14. Administrative Access
We deploy technical access controls and organizational policies to prevent staff from accessing user data at will. To reduce the danger of data disclosure, we use the principles of least privilege and role-based permissions.
A central directory manages access to production environments, and users are authorized using a combination of strong passwords, two-factor authentication, and pass-protected SSH keys. We also make such access easier by creating a separate network with stronger regulations and hardened devices. We also keep track of all operations and audit them regularly.
Operational Security
15. Logging and Monitoring
We track and analyze data gathered from services, internal network traffic, and device and terminal usage. Event logs, audit logs, fault logs, administrator logs, and operator logs are all used to keep track of this information. These logs are automatically watched and examined fairly, allowing us to spot anomalies like strange activity in workers' accounts or efforts to access client data. We store these logs on a secure server segregated from full system access to handle access restrictions and maintain availability.
Customers get access to detailed audit logs for all updates and deleted operations made by the user in any OpenNDC service.
16. Vulnerability Management
We have a dedicated vulnerability management strategy that uses a combination of certified third-party scanning technologies and in-house tools, as well as automated and manual penetration testing activities, to scan for security risks actively. In addition, our security staff actively examines inbound vulnerability reports and monitors public mailing lists, blog postings, and wikis for incidents that could compromise the company's infrastructure. When we find a vulnerability that must be fixed, we log it, prioritize it by severity, and assign it to an owner. We also identify the risks associated with the vulnerability and track it until it is fixed, either by patching the susceptible systems or by implementing appropriate measures.
17. Conclusion
Security of your data is your right and a never-ending mission of OpenNDC. We will continue to work hard to keep your data secure, like we always have. For any further queries on this topic, look at our FAQs or write to us at onboard@openndc.com
1. Terms
The materials contained in this Website are protected by copyright and trademark law. By accessing this Website, accessible from https://www.openndc.com/, you agree to be bound by these Website Terms and Conditions of Use. You agree that you are responsible for the agreement with any applicable local laws. You are prohibited from accessing this site if you disagree with these terms.
2. Use License
Permission is granted to temporarily download one copy of the materials on the OpenNDC website for personal, non-commercial transitory viewing only. This is the grant of a license, not a transfer of title, and under this license you may not: modify or copy the materials; 2. use the materials for any commercial purpose or any public display; 3. attempt to reverse engineer any software contained on OpenNDC's Website; 4. remove any copyright or other proprietary notations from the materials; or 5. transferring the materials to another person or "mirror" the materials on any other server. This will let OpenNDC terminate upon violations of any of these restrictions. Upon termination, your viewing right will also be terminated, and you should destroy any downloaded materials in your possession, whether it is printed or electronic format.
3. Disclaimer
All the OpenNDC website materials are provided "as is". OpenNDC makes no warranties, whether expressed or implied, negating all other warranties. Furthermore, OpenNDC does not make any representations concerning the accuracy or reliability of the use of the materials on its website or otherwise relating to such materials or any sites linked to this Website.
4. Limitations
OpenNDC or its suppliers will not be held accountable for any damages that will arise with the use or inability to use the materials on OpenNDC’s Website, even if OpenNDC or an authorized representative of this Website has been notified, orally or written, of the possibility of such damage. Some jurisdictions do not allow limitations on implied warranties or liability for incidental damages; these limitations may not apply to you.
5. Revisions and Errata
The materials appearing on OpenNDC’s Website may include technical, typographical, or photographic errors. OpenNDC will not promise that any of the materials on this Website are accurate, complete, or current. OpenNDC may change the materials contained on its website at any time without notice. OpenNDC does not make any commitment to update the materials.
6. Links
OpenNDC has not reviewed all the sites linked to its website and is not responsible for the contents of any such linked site. The presence of any link does not imply endorsement by OpenNDC of the site. The use of any linked website is at the user’s own risk.
7. Site Terms of Use Modifications
OpenNDC may revise these Terms of Use for its Website at any time without prior notice. Therefore, by using this Website, you agree to be bound by the current version of these Terms and Conditions of Use.
8. Your Privacy
Please read our Privacy Policy
9. Governing Law
The laws of ca shall govern any claim related to OpenNDC's Website without regard to its conflict of law provisions.
At OpenNDC, accessible from https://www.openndc.com/, one of our main priorities is the privacy of our visitors. This Privacy Policy document contains types of information collected and recorded by OpenNDC and how we use it.
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us.
This Privacy Policy applies only to our online activities and is valid for visitors to our website regarding the information they shared and/or collected in OpenNDC. This policy does not apply to any information collected offline or via channels other than this website.
1. Consent
By using our website, you hereby consent to our Privacy Policy and agree to its terms.
2. Information We Collect
If you contact us directly, we may receive additional information name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide. When you register for an Account, we may ask for your contact information, including name, company name, address, email address, and telephone number.
3. How We Use Your Information
We use the information we collect in various ways, including to:
3.1. Provide, operate, and maintain our website
3.2. Improve, personalize, and expand our website
3.3. Understand and analyze how you use our website
3.4. Develop new products, services, features, and functionality
3.5. Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the website and for marketing and promotional purposes
3.6. Send emails
3.7. Find and prevent fraud
4. Log Files
OpenNDC follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this as part of hosting services' analytics. The information collected by log files includes internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any personally identifiable information. The purpose of the information is to analyze trends, administer the site, track users' movement on the website, and gather demographic information.
5. Cookies and Web Beacons
Like any other website, OpenNDC uses 'cookies'. These cookies are used to store information, including visitors' preferences and the website pages that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.
6. Privacy Policies for Advertising Partners
You may consult this list to find the Privacy Policy for each of the advertising partners of OpenNDC. Third-party ad servers or ad networks use technologies like cookies, JavaScript, or Web Beacons used in their respective advertisements and links that appear on OpenNDC, which are sent directly to users' browsers. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or personalize the advertising content you see on websites you visit. Note that OpenNDC has no access to or control over these cookies that third-party advertisers use.
7. Third-Party Privacy Policies
OpenNDC's Privacy Policy does not apply to other advertisers or websites. Thus, we advise you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about opting out of specific options. You can choose to disable cookies through your browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites.
8. CCPA Privacy Rights (Do Not Sell My Personal Information)
Under the CCPA, among other rights, California consumers have the right to: Request that a business that collects a consumer's data disclose the categories and specific pieces of personal data that a business has collected about consumers. Request that a business deletes any personal data about the consumer that a business has collected. Request that a business that sells a consumer's personal data, not sell the consumer's personal data. If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
9. Purposes for Using Information
In addition to the purposes mentioned above, we may use your information for the following purposes:
9.1. To communicate with you (such as through email) about products that you have downloaded and services that you have signed up for, changes to this Privacy Policy, changes to the Terms of Service, or important notices;
9.2. To keep you posted on new products and services, upcoming events, offers, promotions, and other information that we think will be of interest to you;
9.3. To ask you to participate in surveys or to solicit feedback on our products and services;
9.4. To set up and maintain your account, and to do all other things required for providing our services, such as enabling collaboration, providing website and email hosting, and backing up and restoring your data;
9.5. To understand how users use our products and services, to monitor and prevent problems, and to improve our products and services;
9.6. To provide customer support and to analyze and improve our interactions with customers;
9.7. To detect and prevent fraudulent transactions and other illegal activities, to report spam, and to protect the rights and interests of OpenNDC, OpenNDC’ users, third parties and the public;
9.8. To update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you;
9.9. To analyze trends, administer our websites, and track visitor navigations on our websites to understand what visitors are looking for and to better help them;
9.10. To monitor and improve marketing campaigns and make suggestions relevant to the user.
10. Retention of Data
We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
OpenNDC has always honored its users’ data privacy and protection rights. Over the years, we’ve demonstrated our commitment to this by consistently exceeding industry standards. We do not need to collect and process users’ personal information beyond what is required for the functioning of our products, and this will never change. We have a privacy-conscious culture here, and GDPR is an opportunity to strengthen this even further.
1. What Is Personal Data?
Any data that relates to an identifiable or identified individual. GDPR covers a broad spectrum of information that could be used on its own or in combination with other pieces of information to identify a person. Personal data extends beyond a person’s name or email address. Some examples include financial information, political opinions, genetic data, biometric data, IP addresses, physical addresses, sexual orientation, and ethnicity.
2. How Prepared Is OpenNDC For GDPR?
We have acted on many fronts to adhere to this new regulation.
2.1. We have raised awareness across the organization through frequent discussions on our internal channels and trained employees to handle data appropriately. They now understand the importance of information security and the high standards set by GDPR.
2.2. We have assessed all OpenNDC products individually against the requirements of the GDPR. We have implemented new features that will give you more control over your data and ease your burden of achieving GDPR compliance.
2.3. Please look at what some of our products have done to be GDPR-ready.
2.4. We have constituted an Information Asset Register (IAR), which includes information on all the roles OpenNDC assumes, such as a data controller and processor. It details various categories of personal data processed by our organization and which department is getting access to which data and for what purpose. It has comprehensive coverage of all our processes and procedures.
2.5. We have assessed our sub-processors (third-party service providers, partners) and streamlined the contract process to ensure that they have addressed the pressing needs of the current security and privacy world.
2.6. We have appointed internal privacy champions for all our teams. We have also appointed a Data Protection Officer (DPO).
2.7. Our application teams have embraced the concept of privacy by design and have provided you with more control over the data you store in our systems. These provisions may vary based on a product’s characteristics and domain. We constantly endeavor to provide you with more enhancements, which shall be rolled out in phases.
2.8. We have amended our Data Processing Addendum (based on Model Contractual Clauses) to be compliant with the data processing requirements of GDPR. If you are the
organization administrator and would like to sign a DPA with us, please drop an email to corp_comm@claritytts.com to request a copy of the Data Processing Addendum mentioning which Data Center you've signed up for your OpenNDC account.
2.9. We conducted Data Protection Impact Assessments (DPIA). Based on the results, we have put appropriate controls on data processing and management in place.
2.10. We conducted internal audits of our products, processes, operations, and management. The findings were communicated to our teams, who have worked out the solutions to the identified problems.
2.11. Based on the DPIAs and internal audits, we have improved our data security methods and processes. This includes encrypting data at rest, based on the level of sensitivity and likelihood of risks. We have developed in-house tools for better governance and discovery of data.
2.12. We have cleaned up our databases to ensure that we have only the latest and most accurate information. This cleanup process includes removing terminated and dormant accounts as per our Terms of Service.
2.13. According to our internal Privacy Incident Response policy, breach notifications will be done when needed. Customers will be notified of a breach within 72 hours (about 3 days) after OpenNDC becomes aware of it. We will notify users through our blogs, forums, and social media for general incidents. For incidents specific to an individual user or an organization, we will notify the concerned party through email (using their primary email address).
2.14. We have revised our Privacy Policy to incorporate the requirements of the applicable privacy laws based on our data inventory, data flows, and data handling practices.
This is the Cookie Policy for OpenNDC, accessible from https://www.openndc.com/
1. How We Use Cookies
We use cookies for a variety of reasons detailed below. Unfortunately, in most cases, there are no industry standard options for disabling cookies without completely disabling the functionality and features they add to this site. It is recommended that you leave them on all cookies if you are not sure whether you need them or not in case, they are used to providing a service that you use.
2. Disabling Cookies
You can prevent the setting of cookies by adjusting the settings on your browser (see your browser Help for how to do this). Be aware that disabling cookies will affect the functionality of this and many other websites that you visit. Disabling cookies will usually result in also disabling certain functionality and features of this site. Therefore, it is recommended that you do not disable cookies.
3. The Cookies We Set
Account related cookies If you create an account with us, then we will use cookies for the management of the signup process and general administration. These cookies will usually be deleted when you log out; however, in some cases, they may remain afterwards to remember your site preferences when logged out. Login related cookies We use cookies when you are logged in to remember this fact. This prevents you from having to log in every single time you visit a new page. These cookies are typically removed or cleared when you log out to ensure that you can only access restricted features and areas when logged in. Email newsletters related cookies This site offers newsletter or email subscription services and cookies may be used to remember if you are already registered and whether to show certain notifications which might only be valid to subscribed/unsubscribed users. Surveys related cookies From time to time, we offer user surveys and questionnaires to provide you with interesting insights, helpful tools, or to understand our user base more accurately. These surveys may use cookies to remember who has already taken part in a survey or to provide you with accurate results after you change pages. Forms related cookies When you submit data through a form such as those found on contact pages or comment forms, cookies may be set to remember your user details for future correspondence. Site preferences cookies In order to provide you with a great experience on this site, we provide the functionality to set your preferences for how this site runs when you use it. To remember your preferences, we need to set cookies so that this information can be called whenever you interact with a page that is affected by your preferences.
4. Third Party Cookies
In some special cases, we also use cookies provided by trusted third parties. The following section details which third party cookies you might encounter through this site. This site uses Google Analytics which is one of the most widespread and trusted analytics solutions on the web for helping us to understand how you use the site and ways that we can improve your experience. These cookies may track things such as how long you spend on the site and the pages that you visit so we can continue to produce engaging content. For more information on Google Analytics cookies, see the official Google Analytics page. Third party analytics are used to track and measure usage of this site so that we can continue to produce engaging content. These cookies may track things such as how long you spend on the site or pages you visit which helps us to understand how we can improve the site for you. From time to time, we test new features and make subtle changes to the way that the site is delivered. When we are still testing new features, these cookies may be used to ensure that you receive a consistent experience whilst on the site whilst ensuring we understand which optimizations our users appreciate the most. As we sell products it's important for us to understand statistics about how many of the visitors to our site actually make a purchase and as such this is the kind of data that these cookies will track. This is important to you as it means that we can accurately make business predictions that allow us to monitor our advertising and product costs to ensure the best possible price. We use adverts to offset the costs of running this site and provide funding for further development. The behavioral advertising cookies used by this site are designed to ensure that we provide you with the most relevant adverts where possible by anonymously tracking your interests and presenting similar things that may be of interest. Several partners advertise on our behalf and affiliate tracking cookies simply allow us to see if our customers have come to the site through one of our partner sites so that we can credit them appropriately and where applicable allow our affiliate partners to provide any bonus that they may provide you for making a purchase. We also use social media buttons and/or plugins on this site that allow you to connect with your social network in various ways. For these to work the following social media sites including; LinkedIn, Facebook, Twitter, YouTube & Instagram, will set cookies through our site which may be used to enhance your profile on their site or contribute to the data they hold for various purposes outlined in their respective privacy policies.
5. More Information
Hopefully, that has clarified things for you. As was previously mentioned, if there is something that you aren't sure whether you need or not, it's usually safer to leave cookies enabled if it interacts with one of the features you use on our site.
However, if you are still looking for more information, then you can contact us through one of our preferred contact methods:
Email: onboard@openndc.com
Phone: +1 416 223 2800
We appreciate your interest in the services offered by OpenNDC at https://www.openndc.com/
You can cancel /end your subscription at any moment by visiting Your Account and changing your subscription options if you have created your OpenNDC account directly with us. If you decide to end your subscription before the paid time validity, the amount will be reimbursed as per your subscription fee pro rata. Discounts and promotional codes used to purchase the accounts are non-refundable.