Outstanding Investment Lending  卓越房地產貸款公司.

​

In an effort to protect consumers' private information and to comply with the Federal Trade Commission’s Safeguard Rule, the following policy and procedures are implemented and adopted. The company has access to consumers' personal information that must be protected. The Company considers identity theft as the main risk to consumers when they supply confidential information to us via our website. The following plan shall ensure that the information obtained is secure, properly utilized and properly disposed of.

為了保護消費者的私人信息並遵守聯邦貿易委員會的保障規則，我們實施並採用了以下政策和程序。公司有權訪問必須受到保護的消費者個人信息。當消費者通過我們的網站向我們提供機密信息時，公司將身份盜用視為消費者面臨的主要風險。以下計劃應確保所獲得的信息是安全的、正確使用和正確處理的。

​

Violations of this or any other company policy will result in disciplinary action up to and including termination of employment.

違反本政策或任何其他公司政策將導致紀律處分，直至並包括終止僱傭關係

​

Steven Leung CEO is the designated officer/employee of the company that will be responsible for the implementation and ongoing monitoring of the plan. He will be monitoring the websites of our software vendors and read relevant industry publications for news about emerging threats and available defenses and will promptly pass along information and instructions to employees regarding any new security risks or possible breaches.

梁廣陽 CEO 是公司的指定官員/員工，負責計劃的實施和持續監控。他將監控我們軟件供應商的網站並閱讀相關行業出版物以獲取有關新興威脅和可用防禦的新聞，並將及時向員工傳遞有關任何新安全風險或可能的違規行為的信息和說明。

​

This plan will be reviewed annually to evaluate and adjust the program in light of relevant circumstances, including changes in the company’s business or operations, or the results of security testing and monitoring identify and assess additional risks to consumer data and information systems. Documentation of each annual review will be maintained by the company for a period of at least 3 years.

該計劃將每年審查一次，以根據相關情況評估和調整計劃，包括公司業務或運營的變化，或安全測試和監控的結果，識別和評估消費者數據和信息系統的額外風險。每次年度審查的文件將由公司保存至少 3 年。

​

The Company’s website www.oilending will be controlled and serviced from 2450 Washington Ave #100, San Leandro, CA 94577 and hosted by Steven Leung. Consumer information is obtained directly from the consumer at the company’s website. This information will include the full name, phone number, email address, social security number, banking information, credit information, all the necessary items to complete a mortgage application and the property address that the consumer is interested in receiving information about. Employee access to this information will be limited to those who need this information to perform their duties.

公司網站 www.oilending 將由 2450 Washington Ave #100, San Leandro, CA 94577 控制和提供服務，由 Steven Leung 主持。消費者信息是直接從公司網站上的消費者那裡獲得的。該信息將包括全名、電話號碼、電子郵件地址、社會安全號碼、銀行信息、信用信息、完成抵押貸款申請的所有必要項目以及消費者有興趣接收信息的房產地址。員工訪問此信息將僅限於需要此信息來履行其職責的人員。

​

Because of the nature of information collected from the consumer through the website we recognize that there is a risk of the consumer’s information being stolen. In order to protect against identity theft all of the data that customers provide will be transmitted securely to our server where we implement industry standard best practices in securing consumer data; All of our customer facing web servers are locked down with firewalls as well as automated banning of malicious IPs (for instance too many failed login attempts). All of our platform services use SSL to communicate and are SOC2 compliant.

由於通過網站從消費者那裡收集的信息的性質，我們認識到消費者的信息存在被盜的風險。為了防止身份盜用，客戶提供的所有數據都將安全傳輸到我們的服務器，我們在該服務器上實施行業標準最佳實踐來保護消費者數據；我們所有面向​​客戶的 Web 服務器都被防火牆鎖定，並自動禁止惡意 IP（例如，登錄嘗試失敗次數過多）。我們所有的平台服務都使用 SSL 進行通信並且符合 SOC2。

​

The Company will exercise appropriate due diligence in selecting service providers and ensure service providers have implemented adequate security controls to safeguard customer information.

本公司將在選擇服務供應商時進行適當的盡職調查，並確保服務供應商已實施足夠的安全控制措施來保護客戶信息。

​

Protection of Information  信息保護

Prior to engaging any vendor and at least annually Steven Leung CEO, will review the security measures each vendor has in place to prevent unwarranted intrusion by outside parties, and verify that their Safeguard Policy complies with the Federal Trade Commission’s Safeguards Rule and, if they don't have a compliant Safeguards policy then he will insist that they establish one before we do business with them.

在聘請任何供應商之前，至少每年由 梁廣陽 CEO 審查每個供應商為防止外部各方無端入侵而採取的安全措施，並驗證其安全保護政策是否符合聯邦貿易委員會的安全保護規則，如果他們不這樣做沒有合規的保障政策，那麼他會堅持讓他們在我們與他們做生意之前建立一個。

​

Ensure the security and confidentiality of business and consumer information, protect against any anticipated threats or hazards to the security or integrity of business and consumer information, and Protect against unauthorized access to or use of business and consumer information that could result in substantial harm or inconvenience to any client or consumer.

確保商業和消費者信息的安全性和機密性，防止對商業和消費者信息的安全性或完整性的任何預期威脅或危害，並防止可能導致重大損害或不便的未經授權的商業和消費者信息訪問或使用給任何客戶或消費者。

​

Such measures include access controls on computer systems which require users to log in with a unique user identification and strong passwords, "firewall" technology, access restrictions at physical locations where business or consumer information is maintained, encryption of information transmitted and stored electronically, employee screening, and monitoring of security measures, both internally and in connection with information shared with third parties. At all times the company shall maintain antivirus software on any company computers that are used to access or store consumer information.

此類措施包括對計算機系統的訪問控制（要求用戶使用唯一的用戶標識和強密碼登錄）、“防火牆”技術、對維護業務或消費者信息的物理位置的訪問限制、以電子方式傳輸和存儲的信息加密、員工內部和與與第三方共享的信息相關的安全措施的篩选和監控。公司應始終在用於訪問或存儲消費者信息的任何公司計算機上維護防病毒軟件。

​

If, at any time, an employee or affiliate suspects that there has been a breach concerning any consumers' private information, the employee shall immediately report same to the CEO of the company support@oicompany.com who will determine the appropriate measures and reporting requirements of any breach.

如果員工或關聯方在任何時候懷疑任何消費者的私人信息遭到洩露，員工應立即向公司 CEO support@oicompany.com 報告，他將確定適當的措施和報告要求任何違反。

​

Upon hire, each new employee shall meet with the CEO of the company to review this policy. In addition, each new hire shall be given a copy of FTC Facts for Business: Complying with the Safeguards Rule. https://www.ftc.gov/tips-advice/business-center/guidance/financial-institutions-customer-information-complying In addition, all new hires are subject to background checks. References will be checked. All employees must affirm to subscribe to the company's confidentiality standards.

一經錄用，每位新員工都應與公司 CEO 會面以審查本政策。此外，每位新員工都應獲得 FTC Facts for Business：遵守保障規則的副本。 https://www.ftc.gov/tips-advice/business-center/guidance/financial-institutions-customer-information-complying 此外，所有新員工都要接受背景調查。參考文獻將被檢查。所有員工必須確認訂閱公司的保密標準。

​

At least annually, the CEO shall require a mandatory training session for all employees to review the safeguards policy and discuss the appropriate procedures.

CEO 應至少每年要求所有員工參加一次強制性培訓課程，以審查保障政策並討論適當的程序。