Conflicting statements in Zoho Privacy Policy And/Or Missing Substiantation

Conflicting statements in Zoho Privacy Policy And/Or Missing Substiantation

Zoho Team,

I would like to draw your attention to the following statements in Zoho Privacy Policy:

  1. Investigation of Illegal Activity

    We may need to provide access to your Personal Information and the contents of your user account to our employees and service providers for the purpose of investigating any suspected illegal activity or potential violation of the terms and conditions for use of Zoho Services. However, Zoho will ensure that such access is in compliance with this Privacy Policy Statement and subject to appropriate confidentiality and security measures.

  2. How secure is your Information

    We adopt industry appropriate data collection, storage and processing practices and security measures, as well as physical security measures to protect against unauthorized access, alteration, disclosure or destruction of your Personal Information, username, password, transaction information and data stored in your user account. Access to your name and email address is restricted to our employees who need to know such information in connection with providing Zoho Services to you and are bound by confidentiality obligations.

The extent of information share with the employees is not given. Does this mean any Zoho employee can just hop in to the database and peek at the message or creator data by using a simple SQL? I just thought of bringing this doubt to limelight for the mutual benefit of Zoho Corp and employees because I see a few threads in Zoho forums where the employees are able to answer queries too specifically addressed to user account info.
----
Deepak Vasudevan
http://thamizhththendral.blogspot.com/