Skip to search Skip to main content Skip to navigation

Welcome to our new website, found an issue or bug? Please report it here
We noticed you are from . Visit your local site for regional offers and live support.
Stay here.
Go to the site >

Help Center

Order Status/Tracking Apply for Credit Terms Upload Tax Exemption Pay My Invoice
  1. Home
  2. See Help Center
  3. Security and Privacy
 

Security & Privacy

We want to provide you with a secure online experience. On-line privacy and security is of the greatest importance at DywerOmega. We therefore utilize a high level of security provided by Verisign, the leading authority in data encryption. Submitting your order to DywerOmega's On-Line Store is only allowed in a secure-mode enabling Secure Sockets Layer (SSL) technology. This insures that your private & critical information such as your credit card number, your name, company name, addresses, and telephone numbers are encrypted. In addition, our registration with a site identification authority enables positive identification and verification that you have reached DywerOmega on-line.

If for any reason you are still concerned about the security of your credit card information, or are uncomfortable ordering on-line, please feel free to contact us via telephone or use our Contact Us form

DwyerOmega Information Security Statement

Updated: June 7, 2024

Information Security Program

DwyerOmega and its business units implements an information security program that aligns with the NIST Cybersecurity Framework. This framework, authored by the National Institute of Standards and Technology, provides a functional model for reducing cyber risks. DwyerOmega policy framework is based on NIST 800 series, covering acceptable use, access controls, business continuity, communications, data classification and handling, encryption, incident response, compliance, change management, operations, HR security, risk management, supplier relationships and systems acquisition and development.

Data Center & Device Security

DwyerOmega uses Microsoft Cloud Services as a service provider for infrastructure, security and business applications. As with any hosting provider, MSFT shares responsibility with DwyerOmega for the overall security of cloud operations. MSFT provides “security of the cloud” while DwyerOmega provides “security in the cloud.” MSFT publishes substantial documentation on their security practices. MSFT participates in multiple compliance programs such as ISO 27001 and SOC2.

DwyerOmega operates as a global based company with internal corporate network. All business applications required for business operations and related file storage are cloud-based with appropriate user access controls implemented including multi-factor authentication. All company or personal laptops and desktops used to perform business functions.

Data Protection

Your data is stored and processed in an MSFT datacenter in the United States. Your data will never be disclosed to any commercial or government entity, unless MSFT or DwyerOmega is legally required to do so, to comply with a legally valid and binding order, such as a subpoena or a court order, or as is otherwise required by applicable law.

Your data is treated as confidential incorporating the principle of least privilege and logical segregation, isolating and separating data from other clients. Only security screened individuals or service accounts with absolutely required permissions to maintain the application have access to client data. Data that is not necessary to conduct business will not be retained in any format (e.g., paper or electronic). If such data is shared with any external service provider, DwyerOmega will ensure that:

  • A written agreement is executed and retained which defines the provider's responsibility related to the security of this information;
  • Any new service provider will be thoroughly vetted by management, DwyerOmega IT personnel and others as appropriate before engagement to ensure that the provider can meet information security requirements.

Data Privacy

DwyerOmega considers your personal data and your privacy to be of the utmost importance. Our privacy policy explains what personal data we collect and how we process them. Please reference our online for DwyerOmega privacy policy for more details.

Please note that this privacy statement will be regularly updated to reflect any changes in the way we handle your personal data or if there are any changes in the applicable laws. The privacy policy will also tell you how we protect personal data relating to you that we collect, process and protect in accordance with applicable data protection laws, and the rights available to you in relation to the processing of personal data.

Monitoring & Detection Capabilities

The DwyerOmega systems and related network traffic is monitored via detailed logging and log analysis. DwyerOmega utilizes real-time Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) capabilities and Microsoft Security Cloud to proactively identify threats, risks, and remediation actions. Any abnormal activity is escalated via automated alerting to DwyerOmega for deeper investigation and response.

Disaster Recovery

MSFT data centers are highly available in their design. Network, power and other critical resources are redundant to mitigate the risk of data center wide outages. In the event of a hardware failure, the impacted virtual machine will be migrated to a new machine with minimal downtime. In the event of data corruption or other catastrophe, your data will be restored to the most recent valid backup with minimal data loss. Virtual machine images and data backups are replicated to across MSFT datacenters to different US region daily and are retained for up to 30 days. In the event of a complete data center-wide outage, our services can be restored to an alternate MSFT datacenter. Back-up and restore capabilities are summarized below:

  • Data is backed up across multiple availability zones using automated MSFT backup procedures.
  • DwyerOmega tests restore procedures on a regular basis with all systems monitored continuously for availability.
  • MSFT servers are managed by an MSFT service, deployed virtually and can be recycled within minutes.
  • All backup data is stored in multiple tenant locations with no shared access or credentials.

Security Maintenance

DwyerOmega will ensure that all system security is proactively maintained including but not limited to:

  • Detection software will be updated and run at regular intervals to ensure that all confidential data is secured.
  • Data encryption software will be implemented and updated.
  • Vendor patches will be installed on a timely basis.
  • Access will be granted to systems only on a “business-need-to-know” basis with accessreviewed continuously.

If external vendors need remote access to service our third-party software, access will be granted only for the time needed to do the necessary task(s) and then immediately disabled.

Human Resources Security

Newly hired personnel and contractors undergo pre-employment background checks. Security and privacy communications are distributed to DwyerOmega employees quarterly. Processes are in place to review user IDs to verify inactive or terminated individuals are removed from DwyerOmega systems.

Corporate Security and Awareness

DwyerOmega ensures the monitoring of all system resources and sensitive data for employees using company resources to educate and protect. DwyerOmega will use educational tools to promote security training and awareness. Security training will focus on core elements such as handling phishing, marking, protection of assets at minimum. Security will monitor the effectiveness of the program and change the program as risk appetite. Any harm to the business assets or data will be discussed with HR and Legal department for further review and action.

DwyerOmega - Password Rules

The minimum length of passwords is 12 characters. Minimum password complexity requirements include:

  • At least one number
  • At least one uppercase letter
  • At least one special case letter
  • Does not contain any part of the username
  • Remembers password history for last 10 passwords
  • Password expires in 90 days
  • Prompt user 5 days before password expires
  • Lock out user after 5 unsuccessful attempts
  • Account is automatically unlocked after 20 minutes

DwyerOmega - Encryption-in-Transit

Data communications between the end user and the MSFT cloud services are made via secure web service calls (https) using the Simple Open Access Protocol (SOAP) and Representational State Transfer (REST). The transmission of the messages is made using Transport Layer Security (TLS) encryption. TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to Secure Socket Layer (SSL).

DwyerOmega - Encryption-at-Rest

The MSFT cloud services use encrypted databases and file storage. MSFT uses the industry standard AES-256 encryption algorithm to encrypt data. This provides an additional layer of data protection by securing data within its source location.

Single Sign-On (SSO)

SSO is available for ADFS via the SAML 2.0 protocol. All corporate application were applicable will be configured with SSO. An additional layer of security will be required for all DwyerOmega accounts access system resources with strong multi-factor authentication.

DwyerOmega - Information Security Best Practices

Best-practices are followed to ensure the confidentiality, integrity and accuracy of data.

Error Handling & Logging

  • Error pages capture and control application and framework errors
  • Stack traces and unhandled exceptions are prevented
  • Privileges changes and authentication failures are logged with MSFT Security Compliance Center
  • Relational database principles followed, such as the use of strong types and foreign key constraints

Data Protection

  • Transport Layer Security (TLS) used for web application and web service transmissions
  • SSL certificates are issued from a reputable certificate authority (CA)
  • Storage of sensitive data is limited and encrypted at rest

Configuration & Operations

  • Rigorous change management process for software development life cycle and IT infrastructure
  • Design patterns are utilized
  • Design and code reviews are performed
  • Security checks are integrated into the QA testing process
  • An incident management plan is in place
  • Monthly communications with product and design teams on cyber threats and best practices

Authentication

  • Credentials are not stored directly within application and changed on a periodic basis
  • Shared passwords and accounts are prohibited as standard practice
  • All credentials are securely stored and protected
  • Generic responses are provided for authentication failures

Session Management

  • A best-practice framework for session management is employed
  • Transactions and distributed transactions help manage data
  • Industry standard object-to-relational mapping (ORM) frameworks are used
  • Queues provide for guaranteed delivery of information Input and Output Handling
  • Parameterized SQL queries are used to prevent SQL injection
  • Defenses are in place to prevent cross-site scripting

User Access control

  • Access control checks consistent across infrastructure
  • Least-privileged model for applications and data folders
  • Accounts segregated by role
  • Single Sign-On (SSO) is available
  • Multifactor authentication will be used for accounts

DWYEROMEGA WEBSITE AND MOBILE APP

PRIVACY POLICY

Last Updated: June 07, 2024

DwyerOmega and its business units; Dwyer Instruments, LLC (“Dwyer”), Omega Engineering, Inc. (“Omega”), Automation Components Inc. (“ACI”), Miljoco-Weiss, LLC (“Miljoco”) strives to offer users of its online services the many advantages of Internet technology and to provide an interactive and personalized experience. In order to do so, we may obtain certain personal information from you. The purpose of this website privacy policy (“Privacy Policy”) is to inform you about the types of information we gather about you when you access or use our website, available at https://www.dwyeromega.com/ , any mobile applications we may provide, and via other online submissions by you to DwyerOmega, (together, the “Site”), how we may use that information, and the choices you have regarding our use of that information. This Privacy Policy supplements and is incorporated as a part of DwyerOmega's Website Terms of Use. Throughout this Privacy Policy, “we” or “our “refers to DwyerOmega and business units (affiliates), and “you” or “your” refers to the person or entity that accesses or uses the Site or its content (the “User”). This Privacy Policy applies solely to information collected online through the Site.

Right To Change Policy

DwyerOmega reserves the right, at its sole discretion, to alter this Privacy Policy at any time without prior notice to any User, including to comply with privacy laws, regulations and/or our own or industry standards or otherwise. We encourage you to review this Privacy Policy each time you access or use our Site. Your use of our Site at any time, including after any change to this Privacy Policy, indicates your acceptance of this Privacy Policy and the Terms of Use, and any change made to this Privacy Policy or the Terms of Use.

MOBILE APPLICATION PRIVACY POLICY

Requesting Locational Data

DwyerOmega mobile applications, including but not limited to, the Smart Air Hood ® app, may require location permission access in the application. The permission is required to collect location data which enables the Smart Air Hood ® app, or similar Dwyer app, to search for Dwyer and other business unit products on the wi-fi network, and to allow those products to be selected and connected to the app. This process is done in the background of the application when a search for products is executed. The location data is only used in the search for products and is not stored or shared in any form.

COLLECTION AND USE OF INFORMATION FROM USERS

We may collect information on our Users in various ways, including by your voluntary submissions, through surveys, contests, sweepstakes and other promotions and through “cookie” (as explained below) and other tracking technology. The information we collect is used in a variety of ways including, but not limited to: fulfilling and providing services requested by you; improving the Site and our services; notifying you about updates to the Site and our services; and/or informing about products, services and promotions in which you may have interest. With your authorization or as otherwise permitted under this Privacy Policy, we may also share the information you provide with third parties.

Personally Identifiable Information

Personally Identifiable Information refers to information that tells us specifically who you are, such as your name, phone number, e-mail, postal address or credit card information, and possibly information relating to certain support or customer service issues (“Personally Identifiable Information”). You generally, do not need to provide us with Personally Identifiable Information to use the Site or to obtain information from most of the features on the Site.

In some cases, however, you may be asked to provide Personally Identifiable Information in order to access or use certain pages and services of the Site, or to allow us to provide you with certain personalized or enhanced services that you have requested. How we collect and store information depends on the page you are visiting, the activities in which you elect to participate and the services provided. As noted, you can access or use many pages and services on our Site without providing any Personally Identifiable Information. Other pages may prompt you to provide Personally Identifiable Information.

Aggregate Information

From time to time, we may collect general, non-personal, statistical information about the use of the Site, such as how many visitors visit a specific page on the Site, how long they stay on that page, and which hyperlinks, if any, they click on. This information represents a generic overview of our Users' collective viewing habits and allows us and other third parties to modify information, promotions, offers and/or discounts on products and services based on user traffic and behavior. We collect this information through the use of technologies such as “cookies”, which are discussed in greater detail in this Privacy Policy. We collect this information in order to determine, for example, which areas of the Site are most popular and to enhance the Site for visitors. We may also group this information into aggregate visitor data in order to describe the use of the Site to our existing or potential business partners or other third parties, or in response to a government request. From time to time, we may use this information to optimize third-party offers of products and/or services. We also may share aggregated demographic and preference data with third parties to enable the provision of targeted information, promotions, offers and/or discounts on products and services. However, please be assured that this aggregate data will in no way personally identify you or any other users of the Site.

Cookies and Other Tracking Technologies

Like most websites and related digital properties, the Site also may collect information automatically and through the use of electronic tools that may be transparent to Users. For example, DwyerOmega may automatically collect non-personally identifiable information and data through the use of “cookies”. Cookies are small text files a website uses to recognize repeat Users, facilitate the User's ongoing access to the website and facilitate the use of the website. Cookies also allow a website to track usage behavior and compile site usage information that will allow for the improvement of content and target advertising. Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set your browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser. However, please be aware that some features of our Site may not function or may be slower if you refuse cookies. You may occasionally get cookies from our advertisers or other third parties with links on the Site as described below. We do not control these cookies. The use of advertising cookies sent by third party ad servers is standard in the Internet industry.

Tracking technologies may record information such as Internet domain and host names; Internet protocol (IP) addresses; browser software and operating system types; clickstream patterns; and dates and times that our Site is accessed. An IP address is a number that is automatically assigned to your computer whenever you are surfing the web. Web servers, the computers that “serve up” web pages, automatically identify your computer by its IP address.

The Site may also use technology called “tracer tags”. These may also be referred to as “Clear GIFs” or “Web Beacons”. This technology allows us to understand which pages you visit on the Site. These tracer tags are used to help us optimize and tailor our Site for you and other Users of our Site. We may link the information we record using tracking technologies to Personally Identifiable Information we collect at the Site for our own and our marketing partners' marketing and advertising purposes. In addition, we reserve the right to use IP addresses and other tracking technologies to identify a visitor when we feel it is necessary to enforce compliance with our Terms of Use, to protect our Site, our customers or others, or when we believe in good faith that the law requires it.

We also use third-party advertising companies to serve ads when you visit our Site. These companies may use information (not including your name, address, email address or telephone number) about your visits to this and other websites in order to provide advertisements about goods and services of interest to you.

DISCLOSURES AND TRANSFERS OF INFORMATION

We do not disclose Personally Identifiable Information to third parties, except when one or more of the following conditions is true:

  1. You have authorized us to provide such information;
  2. The disclosure is to financial service providers in order to fulfill and carry out the purchaseand provision of goods and services requested by you;
  3. The disclosure is required by relevant law;
  4. The disclosure is reasonably related to the sale or other disposition of all or part of our business or assets;
  5. The Personally Identifiable Information to be disclosed is publicly available;
  6. The party to whom the disclosure is made controls, is controlled by, or is under common control with DwyerOmega or its business units ;
  7. The disclosure is reasonably necessary for the establishment or maintenance of legal claims;
  8. The disclosure is in our sole discretion about users who we believe are engaged in illegal activities or are otherwise in violation of our policies, even without a subpoena, warrant or court order;
  9. The disclosure is to outside businesses to perform certain services for us, such as maintaining our Site, mailing lists, processing orders and delivering products and services, sending postal mail, processing, providing marketing assistance, data analysis, etc.; or
  10. The disclosure is to persons or entities for whom we are providing services, provided the disclosure is consistent with the purpose for which the Personally Identifiable Information was obtained.

As a Service to Others

We may provide your Personally Identifiable Information to third parties for their marketing and/or advertising purposes, but only if you have authorized us to do so. Users of our Site are given the

opportunity to consent to the disclosure of Personally Identifiable Information to a third party or to the use of such information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the User. We do this to ensure that our Users can make an informed choice as to whether or not they want to share their information with such outside parties. We will provide individuals with a reasonable mechanism to exercise their choices.

If you have at some point authorized us to share such information about you with others and later properly notify us that you no longer want us to share your information (as discussed below), we will cease sharing your Personally Identifiable Information. However, except as otherwise stated in this Privacy Policy, we do not control the third parties with whom we share such information and you will need to further notify such third parties if you would like them to cease use of your information.

Notwithstanding the foregoing, we reserve the right to send you certain non-promotional communications to fulfill pending or ongoing services requested by you, relating to the Site (such as service announcements), email and other communications related to purchases you have made or information you have submitted, or similar administrative or transactional messages.

Our Service Providers

We may sometimes use other businesses to perform certain services for us, such as hosting or maintaining our Site, storing your information, processing orders or subscriptions, or providing marketing assistance and data analysis. We may provide Personally Identifiable Information to service providers when that information is necessary for them to complete a requested transaction or otherwise perform their duties. DwyerOmega will take reasonable steps to ensure that these service providers are notified of their obligations to reasonably protect Personally Identifiable Information on DwyerOmega's behalf.

Business Transfers

As we continue to develop our business, we may buy other businesses or their assets or sell some or all of our business assets. Personally Identifiable Information and other customer information is generally one of the business assets involved in such transactions. Thus, in the event that DwyerOmega or all of its assets are acquired, such information may be one of the transferred assets.

Protection of DwyerOmega and Others

DwyerOmega fully cooperates with law enforcement agencies in identifying those who use our services for illegal activities, and may in its sole discretion disclose Personally Identifiable Information or other information to satisfy any law, regulation, subpoena, or government request or in connection with litigation. DwyerOmega reserves the right to release Personally Identifiable Information or other information about Users who we believe are engaged in illegal activities or are otherwise in violation of our Terms of Use, even without a subpoena, warrant or court order, if we believe in our sole discretion that such disclosure is necessary or appropriate to comply with any laws, to operate the Site, or to protect the rights or property of DwyerOmega, its affiliates, or any of their officers, directors, or employees, agents, third party content providers, suppliers, sponsors, or licensors. DwyerOmega also reserves the right to report to law enforcement agencies any activities we reasonably believe in our sole discretion to be unlawful.

DATA SECURITY AND INTEGRITY

We take reasonable precautions to protect the privacy, accuracy and reliability of any information you provide and to protect such information from loss, misuse, unauthorized access, disclosure, alteration and destruction. The Personally Identifiable Information you provide and we collect is stored within databases that are controlled by us or by our service providers. As we deem appropriate, we use security measures consistent with industry standards, such as firewalls and encryption technology, to protect your information. However, since no security system is impenetrable, we cannot guarantee the security of our databases, nor can we guarantee that information you supply will not be intercepted while being transmitted to us over the Internet. As a result, you transmit any information to or from the Site at your own risk.

If you create an account on the Site, you may be asked to choose a password for your account, in which your online account information case shall be protected by your password. You may not disclose your password to any other person. You are responsible for maintaining the confidentiality of your password and Site account and are fully responsible for all activities that occur under your password or Site account. You can access and update information in your account profile at any time by logging in to the website with your login name and password. Once you have logged in, you can update certain information such as your name, email, password, and/or change your address.

ACCESSING AND DELETING PERSONALLY IDENTIFIABLE INFORMATION; OPT-OUT

If you have submitted Personally Identifiable Information through the Site, you may be able to review, edit, and control how we use much of this information, by visiting the “My Accounts” webpage. Otherwise, you may be able to access such information by contacting the Sales Department at 800-872-9141. We may require proof of your identity before we provide you with the requested information. We will use reasonable efforts to supply you with this information and to correct any factual inaccuracies that you identify. Please also contact our Sales Department at 800-872-9141 if you do not want us to disclose your Personally Identifiable Information to third parties or you want us to delete your Personally Identifiable Information from our databases. Keep in mind, however, that there may be residual information within our databases, access logs and other records, which may or may not contain such information. The residual information will not be used for commercial purposes; however, we reserve the right, from time to time, to re-contact former Users of the Site. We allow you to challenge the data that we hold about you and, where appropriate, you may have the data erased, rectified, amended, or completed. Approved requests will be processed within ten (10) days of the date on which we receive the request.

AFFILIATED SITES, LINKED SITES AND ADVERTISEMENTS

DwyerOmega expects its partners, advertisers and third-party affiliates to respect the privacy of our Users. However, third parties, including our partners, advertisers, affiliates and other content providers accessible through the Site, may have their own privacy and data collection policies and practices. For example, during your visit to Site you may link to, or view as part of a DwyerOmega page, certain content that is actually created or hosted by a third party. Also, you may be introduced to, or be able to access, information, websites or advertisement features offered by other parties through the Site. DwyerOmega is not responsible for the actions or policies of such third parties. You should check the applicable privacy policies of those third parties when providing information on a feature or page operated by a third party. While we support the protection of our customer's privacy on the Internet, DwyerOmega expressly disclaims any and all liability for the actions of third parties, including but without limitation to actions relating to the use and/or disclosure of Personally Identifiable Information by third parties.

CHILDREN

We understand and share your concerns regarding your children's access to the Internet and the Internet's access to your children. Consistent with the Children's Online Privacy Protection Act of 1998 (COPPA), we do not knowingly request or accept Personally Identifiable Information submitted to the Site by any visitor under 13 years of age. If we become aware that an individual under age 13 has provided information to DwyerOmega through the Site, we will make commercially reasonable efforts to delete such information from our databases.

APPLICABLE LAW

This Privacy Policy shall be governed by the laws of the State of Indiana, United States of America, without regard to conflicts of law principles. Any action relating to this Privacy Policy must be filed and maintained in a state or federal court located in the State of Indiana, United States of America, and each User consents to exclusive jurisdiction and venue in such courts for such purpose. Dwyer makes no representation that this Privacy Policy and such practices comply with the laws of any country outside the United States.

How To Contact us

All requests, questions or concerns about your Personal identifiable Information or this Privacy Policy, please contact us by mail or email at the following:

Attn: Privacy Concerns

DwyerOmega

Address: 102 Indiana Highway 212

Michigan City, IN 46360

E-mail: compliance@dwyeromega.com

We welcome your questions and comments.

Policy: 'Dwyer Website and Mobile App Privacy Policy 2022-06-07'

 
Need further assistance? Contact Us
en-US
en
Save Configuration