Privacy and System Use Notice for DDH Ops and Its Customer Portal

Last updated: June 4, 2026.

This Privacy and System Use Notice explains how DDH Enterprise, Inc. (“DDH,” “Company,” “we,” “us,” or “our”) collects, uses, retains, and protects information in connection with the DDH cloud-based DDH Ops system and customer portal.

The DDH Ops system is used by authorized DDH employees to perform job responsibilities. The customer portal is used by authorized representatives of DDH customers to enter, review, and track orders and related business activity.

This system is for authorized business use only.

  1. Who This Notice Applies To

    This notice applies to:

    • DDH employees who access or use the DDH Ops system;
    • authorized customer representatives who access or use the customer portal;
    • vendor and customer business contacts whose information is maintained in the DDH Ops system; and
    • other authorized users of the system.

    Employees should also review DDH's Employee Privacy Notice, Employee Handbook, Electronic Systems Policy, and any applicable employee monitoring or acceptable-use policies.

  2. Information We Collect and Process

    Depending on your role and your use of the system, we may collect or process the following categories of information.

    • Account, Login, and Session Information

      We process information necessary to authenticate users, maintain secure sessions, and protect the system, including:

      • user ID or account identifier;
      • session ID or equivalent session token;
      • login and logout timestamps;
      • session-start time;
      • authentication and access-control information;
      • security events; and
      • related technical information needed to maintain system security.

      This information is used for login security, session persistence, access control, fraud prevention, system integrity, and troubleshooting.

    • Application Activity and Change Logs

      The system may log application activity generated by authorized users, including create, update, and delete activity. These records may include:

      • user or account identifier;
      • date and time of activity;
      • affected module, table, record, order, customer, vendor, or transaction;
      • INSERT, UPDATE, or DELETE queries or related change records;
      • error messages or debugging information; and
      • other technical details needed to understand system behavior.

      We use these records for debugging, error correction, data integrity, security, audit, troubleshooting, and improvement of the DDH Ops system.

      Where practical, DDH seeks to limit logs to information reasonably necessary for these purposes. DDH may review and improve its logging practices to reduce unnecessary personal or confidential information in logs.

    • Employee HR Information

      Because the DDH Ops system includes an HR module, DDH may process employee information necessary for employment administration and workforce management, including:

      • employee name and work contact information;
      • employee ID or internal account identifier;
      • job-related information;
      • time-off requests and related HR events;
      • attendance or schedule-related information, where applicable;
      • employment status and department information;
      • records needed to administer HR processes, policies, benefits, payroll, compliance, or workplace operations; and
      • other basic employment-related information maintained in the HR module.

      DDH uses this information for employment administration, HR operations, payroll or payroll support, benefits or leave administration, compliance with company policies, legal compliance, workforce management, and related business purposes.

    • Customer, Vendor, and Business Contact Information

      The DDH Ops system may contain business contact information provided by customers, vendors, or their representatives in order to conduct business with DDH, including:

      • name;
      • job title or role;
      • company name;
      • work email address;
      • work telephone number;
      • business mailing or billing address;
      • shipping or service address;
      • order, transaction, and account-related information; and
      • communications or notes related to business transactions.

      DDH uses this information to manage business relationships, process and track orders, communicate with customers and vendors, perform contractual obligations, maintain business records, provide support, and resolve questions or disputes.

  3. Purposes of Processing

    DDH processes information in DDH Ops and customer portal for the following purposes:

    • authenticating users and maintaining secure sessions;
    • providing access to DDH Ops and customer portal functions;
    • processing customer orders and related transactions;
    • maintaining customer, vendor, and employee records;
    • supporting HR administration and employment-related processes;
    • debugging, troubleshooting, and correcting system errors;
    • maintaining data integrity and audit trails;
    • detecting, preventing, and investigating unauthorized access, misuse, fraud, or security incidents;
    • training employees and improving business processes;
    • evaluating employee use of the DDH Ops system where appropriate and consistent with company policy;
    • complying with legal, tax, accounting, employment, contractual, and audit obligations;
    • resolving disputes and enforcing agreements or company policies; and
    • establishing, exercising, or defending legal claims.

  4. Employee System Monitoring

    Employees should understand that use of the DDH Ops system is not private. DDH may review employee activity in the system for legitimate business purposes, including system security, debugging, training, quality assurance, operational management, policy compliance, investigation of errors or misuse, and, where appropriate, performance evaluation.

    Employee activity review will be limited to legitimate business purposes and handled in accordance with applicable law and DDH policies.

  5. Customer Portal Audit Records

    Authorized customer representatives should understand that activity in the customer portal may be associated with their user account and business organization. DDH may use customer portal activity records to confirm who submitted, modified, approved, reviewed, or tracked orders or related business transactions. These records are used for order processing, customer support, audit, dispute resolution, fraud prevention, security, and legal or contractual compliance.

  6. Cookies and Session Technologies

    DDH Ops and customer portal use only technologies necessary to provide secure login, session persistence, and system security.

    These technologies are used to:

    • authenticate authorized users;
    • maintain secure logged-in sessions;
    • prevent unauthorized access;
    • protect the system from misuse; and
    • allow users to perform requested DDH Ops or portal functions.

    These necessary session technologies are not used for advertising, cross-site behavioral tracking, or unrelated marketing analytics.

  7. Retention

    DDH retains information only for as long as reasonably necessary and proportionate for the purposes described in this notice, unless a longer period is required or permitted by law, contract, audit requirements, tax or accounting requirements, security investigations, litigation holds, dispute resolution, or the establishment, exercise, or defense of legal claims.

    DDH uses the following retention principles:

    Category Retention approach
    Active session information Retained for the duration of the session and expired after logout or inactivity according to system settings
    Login and authentication security records Retained for a limited security and audit period, unless needed for investigation, compliance, or legal purposes
    Raw debugging logs and SQL-related activity logs Retained only as long as reasonably necessary for debugging, error correction, audit, security, or system integrity purposes
    Employee HR records Retained according to DDH's employee records retention schedule and applicable employment, payroll, tax, benefits, and legal requirements
    Employee DDH Ops activity records Retained as reasonably necessary for security, audit, training, operational management, performance-related purposes, investigations, or legal compliance
    Customer and vendor business contact records Retained while the business relationship is active and for a reasonable period afterward as needed for business records, accounting, audit, contractual, legal, or dispute-resolution purposes
    Customer portal order and transaction records Retained as part of DDH's business, accounting, audit, contractual, and legal records
    Aggregated or de-identified information May be retained for longer periods where it no longer reasonably identifies an individual

    DDH may delete, de-identify, aggregate, or archive information when it is no longer needed for the purposes described above.

  8. Access and Disclosure

    Access to information in DDH Ops and customer portal is limited to authorized personnel and service providers who need access for legitimate business purposes.

    DDH may disclose information to:

    • internal departments such as operations, HR, accounting, IT, management, customer service, and legal;
    • service providers that host, maintain, secure, or support the system;
    • auditors, legal advisors, insurers, or professional advisors;
    • customers, vendors, or business partners where necessary to conduct business;
    • government authorities or regulators where required by law; and
    • other parties where necessary to protect rights, safety, security, or legal interests.

    DDH does not sell personal information collected through DDH Ops or its customer portal. DDH does not use DDH Ops or its customer portal activity for cross-context behavioral advertising.

  9. Security

    DDH uses administrative, technical, and organizational safeguards designed to protect information in DDH Ops and customer portal from unauthorized access, loss, misuse, alteration, or disclosure.

    Users are responsible for protecting their login credentials, using the system only for authorized business purposes, and promptly reporting suspected unauthorized access or security incidents.

  10. Privacy Rights

    Depending on applicable law and your relationship with DDH, you may have rights regarding personal information processed in DDH Ops or its customer portal. These rights may include the right to request access, correction, deletion, restriction, portability, information about processing practices, or objection to certain processing, subject to applicable exceptions.

    Employees should direct employment-related privacy questions to DDH Human Resources' department.

    Customer and vendor representatives may contact DDH through their DDH sales representatives regarding privacy questions or requests.

  11. Contact

    For questions about this notice or DDH's privacy practices for DDH Ops and customer portal, contact:

    Privacy Practices Inquiry w/ Dir. of Information Technology DDH Enterprise 2220 Oak Ridge Way Vista, CA 92081 (760) 566-8888