|
|
 |
 |
 |
 |
|
|
|
|
|
Secure Digital PRIVACY POLICY
|
|
Secure Digital Inc. ("Secure Digital") is committed to providing you with excellent service
for all of our products and services. Because we respect your right to privacy, we
have developed this Privacy Statement to inform you about our privacy practices
for all Secure Digital sites (including this site http://www.SecureDigitalSecuritySolutions.com/).
In keeping with our commitment to your privacy, we will inform you of:
- What information our site gathers about you
- How we use and with whom we share the information we gather
- Your ability to opt-out of future notifications
- What security procedures we have in place to protect your information from loss, misuse, or alteration
- How you can correct or update your information
Questions regarding this Privacy Statement should be directed to practices@securedigitalsecuritysolutions.com.
Please specify "Privacy Statement" in the subject line of your e-mail.
Overview
Privacy
is of great concern to users
of the Internet. At
Secure Digital, we are acutely
aware
of
and sensitive to the privacy
concerns of our customers
and other visitors to
our
Web site. Whether you
are a customer of our
various products and
services
or
a visitor to our site, we
assure you that we do not
collect personal information
from
you unless you provide it to
us. If you are
enrolling for a securedigitalTM
digital
certificate
("Digital ID"),
you may be asked to provide
certain personal
information.
Please note, however,
that we are asking for this
information for the
limited
purposes of creating your
Digital ID, providing the
services that may be
part
of your Digital ID, and
authenticating your identity
in order to issue you a
Digital
ID. If you are using
an authenticated digital ID
("Authenticated
ID"),
you
may be asked to provide
certain personal
information, which we
or your authenticating
agent ("RA") will
use for
the
limited purpose of
authenticating your identity
in order to complete your
on-line
transaction. You
should be assured that we do
not
provide
or sell information about
our customers or site
visitors to persons that are
not
involved in the provision of
securedigitalTM
products and services. If you would like to read more about the practices related to
the issuance of
Digital
IDs, see the documents in
our Repository
(http://www.SecureDigitalSecuritySolutions.com/repository/).
Our
Secure Digital division has
introduced Authenticated
Services, which involve
authentication of
individuals and allows certain individuals to obtain a Digital ID and provide
additional personal and professional information in an electronic profile (the
"Subscriber
Profile") for the purpose of permitting that individual to access a Web
site or use a service of a third party that would be relying on the information in
that Digital ID and
Subscriber
Profile (the "Relying
Third Party"). In
Secure Digital's Authenticated
Services, the Digital ID and
the ability to create the
Subscriber
Profile
may be offered by a third
party. If you are
providing information using
Authenticated
Services, the information is
used by Secure Digital to issue
you
a Digital ID, to
authenticate you, and also
to permit the Relying Third
Party
to
access your Subscriber
Profile to authenticate you.
This
Privacy Statement applies to
Secure Digital's site and those
of our affiliates, business
partners, representatives,
resellers and Licensees
("Members").
Our Members may
maintain their own privacy
policies that may be viewed
on their respective Web
sites. Secure Digital may
employ a
"network"
of domestic and
international
"Licensees" that
provide
certification
services on a worldwide
basis. We strive to
provide our
visitors
and customers with the
highest level of privacy
possible, and therefore
require
that our Members offer no
less protection than that
offered in this Privacy
Statement.
In addition, each of
our Members must meet the
data protection
requirements
of their relevant national
laws.
Please
note that our site contains
links to other sites.
Secure Digital is not
responsible
for the privacy practices,
privacy statements, or
content
regarding
these other sites.
Please see Section
titled "Links"
below.
Information We Gather from You
Personal Information
We
do not collect any personal
information from a visitor
to our site unless that
visitor
explicitly and intentionally
provides it. Under no
circumstances do we
collect
any personal data revealing
racial or ethnic origin,
political opinions,
religious
or philosophical beliefs,
trade union membership,
health, or sex life.
If
you
are simply browsing our
site, we do not gather any
personal information
about
you.
There
are two ways in which you
may explicitly and
intentionally provide us
with
and
consent to our collection of
certain personal
information:
E-mail Request for Information
- We use links throughout our
site to provide you with the opportunity to contact us via e-mail to ask questions,
request
information
and materials or provide
comments and suggestions.
You may also be
offered the
opportunity
to have one of our
representatives contact you personally to provide additional
information about our
products or services.
To do so, we may request additional
personal information from you, such as your name, e-mail address and telephone
number, to help us
satisfy
your request.
Enrollment
- If you choose to enroll for one of our products or
services,
we will request certain
information from you.
Depending on
the
type of product or service
that you request, you may be
asked
to
provide different personal
information. For
certain products and
services,
we may require your name,
address, telephone number, e-mail address, credit card number,
bank account information, IP address, and/or social security number. Other products
and services
may
require different or
supplemental information
from you in order to
apply.
For a detailed listing
of the type of personal
information
requested
for our various products,
please refer to the
enrollment
page
for the particular product
or service.
Statistical Information About Your Visit
When
you visit our site, our
computers may automatically
collect statistics about
your
visit. This
information does not
identify you personally, but
rather about a
visit
to our site. We may
monitor statistics such as
how many people visit our
site,
the user's IP address, which
pages people visit, from
which domains our
visitors
come and which browsers
people use. We use
these statistics about your
visit
for aggregation purposes
only. These statistics are
used to help us improve
the
performance of our Web site.
Use of Cookies
We
only use "cookies"
as described in this
Section. A
"cookie" is a
piece of information that a Web site sends to your browser, which then
stores
information
on your system. If a
cookie is used, our Web site
will be able to
"remember"
information about you and
your preferences either
until you exit your
current
browser window (if the
cookie is temporary) or
until you disable or delete
the
cookie. Many users
prefer to use cookies in
order to help them navigate
a
Web
site as seamlessly as
possible. You should
be aware that cookies
contain no
more
information than you
volunteer, and they are not
able to "invade"
your hard
drive
and return to the sender
with personal or other
information from your
computer.
Our
eventual uses of
"cookies" are
limited to the following
specific situations. In
general we do not use
cookies, however, we may use
temporary
cookies. There are two
instances in which we use temporary cookies. First, if you are accessing
our services through one of our on-line
applications, our Web server may automatically
send your browser a
temporary
cookie, which is used to
help your browser navigate
our site. The only
information
contained in these temporary
cookies is a direction value
that lets our
software
determine which page to show
when you hit the back button
in your
browser.
This bit of information is
erased when you close your
current browser
window.
Secondly, if you come to our
site from one of our
business partners, our Web
server
may also send your browser a
temporary cookie that
reflects an
"origination
code" for that business
partner. We use this
information, if any, for
statistical
and
marketing purposes.
Like
most standard Web site
servers we use log files.
This includes internet
protocol (IP) addresses,
browser type, internet
service provider (ISP),
referring/exit pages,
platform type, date/time
stamp, and number of clicks
to analyze trends,
administer the site, track
user’s movement in the
aggregate, and gather broad
demographic information for
aggregate use. IP
addresses, etc. are not
linked to personally
identifiable information.
How We Use and With Whom We Share the Information
We Gather
We
assure you that the
information we gather from
you is used by us only as
explained below.
Sending you responses and updates
We
generally respond to any
e-mail questions, requests
for product or service
information,
and other inquiries that we
receive. We may also
retain this
correspondence
to improve our products,
services, and Web site, and
for other
disclosed
purposes. Frequently
we retain contact
information so that we can
improve our products and
send individuals updates or
other important information
about our services and
products.
Occasionally these updates
or other important
information may be sent
out
by Members or other third
parties on our behalf.
Please be assured that any
such third party who
contacts
you in this capacity has
executed a confidentiality
agreement with us
that
contains a provision
ensuring the privacy and
security of any transferred
information
and limits the third party's
use of the shared
information to sending
updates
or providing services on our
behalf.
Special Offers and Updates
We
may send all new members a
welcoming email to verify
password and username.
Established members will
occasionally receive
information on products,
services or special deals.
Out of respect for the
privacy of our users we
present the option to not
receive these types of
communications. Please see
the Choice and Opt-out
sections.
Service Announcements
On
rare occasions it is
necessary to send out a
strictly service related
announcement.
For instance, if our service
is temporarily suspended for
maintenance we
might
send users an email.
Generally, users may
not opt-out of these
communications, though they
can deactivate their
account. These
communications
are not promotional in
nature.
Customer Service
We
communicate with users on a
regular basis to provide
requested services and in
regards to issues relating
to their account we reply
via email or phone, in
accordance with the users
wishes.
Facilitating the support, renewal, and purchase of our products and services
We
may use the information you
submit to contact you to
discuss the
support,
renewal, and purchase of our
products and services. We
may also
provide
the information you have
submitted to us to a Member
so that the Member can
contact
you and facilitate the
support, renewal, and
purchase of securedigitalTM
products
and services. We have
agreements in place with the
Member who contacts you for
one of these purposes that
restrict the disclosure of
your personal information
and protect your privacy.
Authenticated ID
If
you are using an
Authenticated ID, we may use
the information you submit
when enrolling for your
Digital ID to contact you to discuss the support and renewal of our
products and services.
Validating your identity
Certain
types of Digital IDs require
that some of the information
in
your
application be
authenticated. We may
authenticate you ourselves,
however, we generally do not
authenticate identities and other attributes. We have agreements in place
with such other third-party
authenticating agencies or
databases which restrict the
disclosure of
your
information and protect your
privacy.
Forming the contents of a Digital ID
The
exact information that
appears in our different
types of Digital IDs is set
forth
in the relevant enrollment
page and this Privacy
Statement. Generally
this
information
is limited to e-mail address
and name, but certain
classes of Digital
IDs
contain additional
information. For
example, SSL Certificates
may contain the
organization's
Dun and Bradstreet number.
Please note that all
information
that
you provide us that forms
the content of a Digital ID
will be
"published."
Publication of Digital
IDs in an accessible
location (a
repository)
is an integral part of
enabling the widespread use
of Digital
IDs.
Your Digital ID will be
published in our repository
so that a third party
may
access, review, and rely
upon your Digital ID. You
should have no
expectation
of privacy regarding the
content of your Digital ID.
If
you are using Authenticated
Services, we may permit
third parties to review the
information you provide.
The use of your
information by such
Non-Secure Digital Digital ID
Providers or authenticators
should be governed by your
agreement with that
Non-Secure Digital Digital ID
Provider or authenticator.
Disclosure by Law and Legal Disclaimer
Although
we make every effort to
preserve user privacy, we
may need to disclose
personal information when
required by law wherein we
have a good-faith belief
that such action is
necessary to comply with a
current judicial proceeding,
a court order or legal
process served on our Web
site. In addition, Secure Digital
may share information in
order to investigate,
prevent, or take action
regarding illegal activities
or suspected fraud, or
enforce or apply Secure Digital's
agreements.
Third Party Intermediaries
We
may use an outside credit
card processing company to
bill users for goods and
services. These companies do
not retain, share, store or
use personally identifiable
information for any
secondary purposes.
Links
This
Web site contains links to
other sites. Please be
aware that we are not
responsible for the privacy
practices of such other
sites. We encourage our
users to be aware when they
leave our site and to read
the privacy statements of
each and every Web site that
collects personally
identifiable information.
This privacy statement
applies solely to
information collected by
this Web site.
Supplementation of Information
In
order for this Web site to
properly fulfill its
obligation to users it is
often necessary for us to
supplement the information
we receive with information
from 3rd party sources.
Choice/Opt-out
Our
users are given the
opportunity to ‘opt-out’
of having their information
used for purposes not
directly related to our site
at the point where we ask
for information. For
example, our order form has
an ‘opt-out’ mechanism
so users who buy a product
from us, but don’t want
any marketing material, can
keep their email address off
of our lists.
Users
who no longer wish to
receive our promotional
communications may opt-out
of receiving these
communications by replying
to unsubscribe in the
subject line in the email or
email us at policies@securedigitalsecuritysolutions.com. Users
may contact us at the
Contact Information set out
below, to opt-out.
Users
of our site are always
notified when their
information is being
collected by any outside
parties. We do this so
our users can make an
informed choice as to
whether or not they should
proceed with services that
require an outside party.
What Security procedures do we have in Place to Protect your Information
We
consider the protection of
all personally identifiable
information we receive from
our Web site visitors and
subscribers as critical to
our corporate mission.
Please be assured that we
have security measures in
place to protect against the
loss, misuse, and alteration
of any information we
receive from you. On this
Web site and the products
and services we provide, we
take every precaution to
protect our users’
information. When
users submit sensitive
information via the Web
site, their information is
protected both on-line and
off-line.
When
our registration/order form
asks users to enter
sensitive information such
as credit card number and/or
social security number, that
information is encrypted and
is protected with the best
encryption software in the
industry - SSL.
While on a secure
page, such as our order
form, the lock icon on the
bottom of Web browsers such
as Netscape Navigator and
Microsoft Internet Explorer
becomes locked, as opposed
to unlocked, or open, when
users are otherwise
browsing.
While
we use SSL encryption to
protect sensitive
information on-line, we also
do everything in our power
to protect user-information
off-line. All of our
users’ information, not
just the sensitive
information mentioned above,
is restricted in our
offices. Only employees who
need the information to
perform a specific job are
granted access to personally
identifiable information.
Any time new policies are
added, our employees are
notified and/or reminded
about the importance we
place on privacy, and what
they can do to ensure our
users’ information is
protected. Finally, the
servers that store
personally identifiable
information are in a secure
environment.
If
users have any questions
about the security at our
Web site, users can send an
email to
policies@securedigitalsecuritysolutions.com.
How can you Correct or Update Information
Correcting/Updating/Deleting/Deactivating Personal Information
If
a user’s personally
identifiable information
changes (such as zip code
(postal codes), phone, email
or postal address), or if a
user no longer desires our
service, we provide a way to
correct, update or
delete/deactivate users’
personally identifiable
information. This can
usually be done by emailing
our Customer Support at support@securedigitalsecuritysolutions.com.
Digital IDs
We
cannot update or correct
information contained in a
Digital ID without
destroying the integrity of
the Digital ID because we
digitally sign each
subscriber's
Digital ID as a part of the
Digital ID issuance process.
If we were to subsequently
modify or remove any
information listed in a
Digital ID, our digital
signature
would not verify the Digital
ID's new content.
Furthermore, if a subscriber
(sender) then digitally
signed a message with his or
her private key, a
third
party would not be able to
properly verify the sender's
signature (created using the
sender's private key)
because the sender's Digital
ID would have been
altered
after the key pair's
creation.
If
you are using an
Authenticated ID and you
would like to update or
correct any information in
your Profile, you would need
to contact your RA.
How You Can Revoke (Deactivate) Your Digital ID
When
a third party wants to rely
on a Digital ID, it is
important for the third
party to know its status
(for example, whether it is
valid, suspended (where
available) or revoked). The
third party may do this by
accessing our repository and
querying for the status of
the Digital ID. We do not
generally delete Digital IDs
(and their content) from our
on-line repository because a
third party might not then
be able to check its status.
You may, however, revoke
(deactivate) your Digital
ID. A revoked Digital ID
will still appear in our
repository with an
indication that it has been
revoked. If you are a
Digital ID subscriber and
would like to have your
Digital ID revoked
(deactivated) from our
database, please contact us
via e-mail at
support@securedigitalsecuritysolutions.com.
Notification of Changes
This
Privacy Statement is
identified as version 1.4
and was last updated July 3,
2011.
If
we decide to change our
privacy policy, we will post
those changes to this
privacy statement, the
homepage, and other places
we deem appropriate so our
users are always aware of
what information we collect,
how we use it, and under
what circumstances, if any,
we disclose it.
If,
however, we are going to use
users’ personally
identifiable information in
a manner different from that
stated at the time of
collection we will notify
users via email and by
posting a notice on our Web
site for 30 days.
|
|
|
|
|
|
|
