The VeriSign company on whose website this Privacy Statement is posted ("VeriSign") is committed to providing you with excellent service for all of our products. We respect your right to privacy and have therefore developed this Privacy Statement to inform you about our privacy practices.
Privacy is of great concern to most users of the Internet and is a critical part of an enjoyable and satisfactory user experience. We at VeriSign are acutely aware of and sensitive to the privacy concerns of our subscribers and other visitors to our website. Whether you are a customer of our various products and services or a visitor to our site, we assure you that we do not collect personal information from you unless you give it to us.
If you are enrolling for a VeriSign digital certificate ("Digital ID"), you may be asked to provide certain personal information. In order for us to provide these services, it is also necessary for us to transfer your data to VeriSign, Inc., our parent company, which is located in the United States.
Please note that our sites contain links to other sites. VeriSign is not responsible for the privacy practices, privacy statements or content regarding these other sites or their operation.
We do not collect any personal information from a visitor to our site unless that visitor explicitly and intentionally provides it although please see the section on cookies as explained below. Under no circumstances do we collect any sensitive personal data including revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health or sex life.
If you are simply browsing our site, we do not gather any personal information about you.
There are two ways in which you may explicitly and intentionally provide us with and consent to our collection of certain personal information:
E-mail Request for Information or Registrations for Guides or Seminars - We use links throughout our site to provide you with the opportunity to contact us via e-mail to ask questions, request information and materials, register or sign up for guides or seminars or provide comments and suggestions. You may also be offered the opportunity to have one of our representatives contact you to provide you with additional information about our products or services. Upon registration, you will be asked to indicate your consent to such contact being made. Should you provide your consent, we may request additional personal information from you, such as your name and telephone number, to ensure we are able to satisfy your request.
Enrolment - If you choose to enrol for one of our products or services, we will request certain information from you. Depending on the type of product or service that you request, you may be asked to provide different personal information. For certain products and services, we may require your name, address, telephone number, e-mail address, credit card number, bank account information, IP address. Other products and services may require different or supplemental information from you in order to apply.
You will be informed at each information collection point what information is required and what information is optional. We only collect such information when you choose to supply it to us but see our section on cookies below.
For a detailed listing of the type of personal information requested for our various products, please refer to the enrolment page for the particular product or service.
We will only send you information on products and services if you have chosen to opt in to allow us to do so and you may at any time afterwards change this preference by choosing to unsubscribe via the link contained in our marketing e-mails (usually found at the foot of the e-mail) or by contacting our data protection compliance officer whose contact information is listed at the end of this policy.
WHOIS Server - In order to support security of the Internet, we are required to offer the WHOIS service with respect to the top level domains (such as .com .net .tv .name) for which we are the registry. This service allows you or anyone else to determine the availability of domain names and the contact information for the registrar who registered a domain name on behalf of a registrant. In some instance, we are required to operate a "thick" or extensive WHOIS service that typically contains the registrants' name, contact person's name, address, telephone number, email address and/or IP address as provided to us by the registrar for the domain name. Via the WHOIS service this information may be disclosed to unaffiliated third parties in order to determine the registrant or the registrar in case of (i) technical problems that might occur when accessing its domain; (ii) assisting law enforcement authorities in investigations, crime prevention and matters of national security, (iii) to help counter the infringement of third party legal rights and (iv) prevent fraud. However, VeriSign publishes only that data necessary for the purposes described above or when the registrant has agreed to the publication.
When you enter this website, we collect your browser information (which typically includes browser type, version, host operating system, browser language and IP address).
When you visit our site, our computers may automatically collect statistics about your visit. This information does not identify you personally, but rather identifies information about your visit to our site. We may monitor statistics such as how many people visit our site, the user's IP address, which pages people visit, from which domains our visitors come and which browsers people use. We use these statistics about your visit for aggregation purposes only. These statistics are used to help us improve the performance of our website.
Our uses of "cookies" are limited to the following specific situations. The first situation is with respect to temporary cookies. There are two instances in which we use temporary cookies. First, if you are accessing our services through one of our online applications, our Web server may automatically send your browser a temporary cookie, which is used to help your browser navigate our site. The only information contained in these temporary cookies is a direction value that lets our software determine which page to show when you hit the back button in your browser. This bit of information is erased when you close your current browser window. If you come to our site from one of our business partners, our Web server may also send your browser a temporary cookie that reflects an "origination code" for that business partner. We use this information for statistical and marketing purposes. Secondly, if you are using VeriSign's Personal Trust Agent to log into an access-controlled section of our site, we set a temporary session cookie to establish that you have been authenticated. The information contained in these cookies consists of random data that is used by the server to authenticate the browser requests to the server for that particular session. It does not include any type of personally identifiable information. This bit of information is erased when you close your current browser window. If you choose not to accept a temporary cookie, you will not be able to navigate in these online applications or use the Personal Trust Agent or VeriSign's Personal Trust Services.
If you use a forum, bulletin board, chat room or other chat tool on this website, you should be aware that any personally identifiable information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages by other users. VeriSign is not responsible for the personally identifiable information you choose to submit in these forums. You are also responsible for using these forums in a manner consistent with the Rules of Engagement or other terms and conditions set forth on the relevant forum site.
VeriSign is under no obligation to review any messages, information or content ("Postings") posted on the Site by users and assumes no responsibility or liability relating to any such Postings. Notwithstanding the above, VeriSign may from time to time monitor the Postings on the Site and may decline to accept and/or remove any Postings that contain:
Any unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind, including, but not limited to, any material which encourages conduct that would constitute a criminal offense, give rise to civil liability or otherwise violate any applicable local, state, national or international law.
Advertisements or solicitations of any kind.
Messages posted by users impersonating others.
Personal information such as messages which state phone numbers, social security numbers, account numbers, addresses, or employer references.
Messages by people purporting to speak on behalf of VeriSign or containing confidential information or expressing opinions concerning VeriSign.
Messages that offer unauthorized downloads of any copyrighted or private information.
Multiple messages placed within individual folders by the same user restating the same point.
Chain letters of any kind.
When you supply any personal information to VeriSign (e.g. for the supply of VeriSign services or for more information on such services) we may have legal obligations towards you in the way we deal with that data. We will collect the information fairly, that is, we will explain how we will use it and tell you if we want to pass the information on to anyone else.
The information you provide to VeriSign will be used for the following reasons, amongst others:
to ensure that content from our site is presented to you in the most effective manner and to personalise your visit to our site;
to enable us to continuously enhance our services, and, if requested, to provide to you information, products or services which we feel may be of interest to you;
to occasionally carry out market research including internal analytical research which will enable us to constantly improve your experience on this website;
to carry out actions or provide information or services requested by you;
to carry out our obligations arising from any agreements that may have been entered into between you and us; and
to notify you about changes to our services.
We will ensure that all personal information supplied is held securely and in accordance with the legal obligations placed upon Verisign. In some circumstances it may be necessary to retain your personal information to deal with any disputes.
Your personal data will be stored on our backup and/or contingency system, which is kept in case of loss of data. It may be that where data is lost, the personal data held on you as part of our backup system is used to restore your account to its status before the loss of data. All personal data (including communication data) stored on the backup system shall be held in accordance with the legal obligations placed upon us. Our contingency service is also used in accordance with our obligations under local law in case required for recovery purposes.
VeriSign may contact you for a number of purposes related to the delivery of the service for which you have signed up. For example, we may wish to provide you with password reminders or notify you that a particular service has been improved or suspended
We generally respond to any e-mail questions, requests for product or service information and other inquiries that we receive. We may also retain this correspondence to improve our products, services and website and for other disclosed purposes. Frequently we retain contact information so that we can send individuals updates or other important information about our services and products. Occasionally these updates or other important information may be sent out by another VeriSign company or by third parties on our behalf, provided that such third party has executed a confidentiality agreement with us that contains a provision protecting the privacy and security of any transferred information. In situations where you have supplied your information in connection with a question or request for information about a product or service offered by a VeriSign business partner, we may also send the information you have supplied to the VeriSign business partners, whether within or outside of the European Economic Area, that offer such products or services.
We may use the information you submit to contact you to discuss the support, renewal and purchase of our products and services. We may also provide the information you have submitted to us to a VeriSign affiliate, business partner or representative (either within or outside the European Economic Area) so that the VeriSign affiliate, business partner or representative can contact you and facilitate the support, renewal and purchase of VeriSign products and services provided that such third party has executed a confidentiality agreement with us that contains a provision protecting the privacy and security of any transferred information. You may receive a communication directly from one of our VeriSign affiliates, business partners or representatives for this purpose.
We may provide the information you submit to a trusted VeriSign business partner or vendor (either within or outside the European Economic Area) who we believe offers products or services, which complement VeriSign's products or services, that may be of interest to you. You may receive a communication directly from one of our trusted VeriSign business partners or vendors.
Certain types of Digital IDs come with additional third-party services or products that are included with the Digital ID. If you purchase one of these Digital IDs, we may forward some or all of the information in your application to third party providers (whether within or outside the European Economic Area) so that they can provide you with the service or product and follow up with you directly regarding their service or product or an upgrade. Please be assured that we have agreements with these third-party service or product providers that prevent them from disclosing the information to other parties.
Certain types of Digital IDs require that we compare some of the information in your application to information contained in a third-party database or with some other third party source, where such third party has executed a confidentiality agreement with us that contains a provision restricting the disclosure of transferred information. In certain limited situations, we have contracts in place permitting the third-party database to disclose the information to its subcontractors of affiliates, but only for authenticating your identity and only in accordance with confidentiality agreements. We do this in order to authenticate your identity and other attributes and also to prevent identity theft.
The exact information that appears in our different types of Digital IDs is set forth in the relevant enrolment page and this Privacy Statement. Generally this information is limited to e-mail address and name, but certain classes of Digital IDs contain additional information. For example, Server IDs may contain the organisation's Dun and Bradstreet or other identifying number. Please note that all information that you provide to us that forms the content of a Digital ID will be "published." Publication of Digital IDs in an accessible location (a repository) is an integral part of enabling the widespread use of Digital IDs. Your Digital ID will be published in our repository so that a third party may access, review and rely upon your Digital ID. You should have no expectation of privacy regarding the content of your Digital ID.
We may pass on your personal information to other VeriSign group companies (see below), and if we are required by law to disclose certain information to local, state, federal, national or international government or law enforcement authorities we will do so (for example, we may disclose the identity of purchasers of certain software products to the U.S. Department of Commerce, Bureau of Export Administration, as required under the terms of our export licences). We may also disclose information to third parties as necessary in order to comply with applicable laws and regulations or to share information in order to investigate, prevent, or take action regarding illegal activities or suspected fraud, or enforce or apply VeriSign's agreements. In addition VeriSign may also disclose information (suitably secured and protected by contractual arrangements) to service providers which assist it to operate its business.
Further, VeriSign may pass your personal information to third parties where there is a proposed sale or restructuring of VeriSign or another member of the VeriSign group.
When we transfer your personal data outside the EEA to VeriSign Inc in the US, we will use suitable means to ensure the adequate safeguard of your personal data is transferred outside the EEA in accordance with the local and European law.
From time to time, we may request information from customers via surveys.
Participation in these surveys is completely voluntary and the user therefore has a choice whether or not to disclose this information. Survey information will be used for purposes of monitoring or improving the use of and satisfaction with this website, and improving our customer service and product offerings.
From time to time, we, or our trusted partners and vendors, notify our subscribers of new products, announcements, upgrades and updates. If you would like to opt out of being notified, please contact us at the address given at the end of this Privacy Statement. Please be aware that you may not opt out of receiving information from us or on our behalf regarding the security, initial use, expiry, product enhancement or migration of our Digital IDs or other products or services. In cases where you have received a notification from one of our trusted partners or vendors or where we have previously shared your information with our trusted partners or vendors, you may need to notify them directly that you would like to opt out of being notified by them in the future.
We consider the protection of all personal information we receive from our website visitors and subscribers as critical to our corporate mission. Please be assured that we have security measures in place to protect against the loss, misuse and alteration of any personal information we receive from you. As with any transmission over the Internet, however, there is always some element of risk involved in sending personal information. In order to try to minimise this risk, we encrypt all information that you submit in ordering one of our products or services using the Secure Sockets Layer (SSL) protocol.
We cannot update or correct information contained in a Digital ID without destroying the integrity of the Digital ID because we digitally sign each subscriber's Digital ID as a part of the Digital ID issue process. If we were to subsequently modify or remove any information listed in a Digital ID, our digital signature would not verify the Digital ID's new content. Furthermore, if a subscriber (sender) then digitally signed a message with his or her private key, a third party would not be able to properly verify the sender's signature (created using the sender's private key) because the sender's Digital ID would have been altered after the key pair's creation. If you would like to update or correct any personal information in our records that is not contained in your Digital ID, please contact us at the address given at the end of this Privacy Statement.
If you simply wish to access the personal data we store about you, please contact us at the address given at the end of this Privacy Statement.
You have the right to review your personal information and have inaccurate information about you corrected. If you wish to do so, or to notify a change in your details, please contact Daniel Blättler, Vice President Legal, VeriSign Switzerland SA, chemin de Blandonnet 8, 1214 Vernier, Genève, Switzerland or contact support@veriSign.co.uk
When a third party wants to rely on a Digital ID, it is important for the third party to know its status (for example, whether it is valid, suspended (where available) or revoked). The third party may do this by accessing our repository and querying the status of the Digital ID. We do not generally delete Digital IDs (and their content) from our on-line repository because a third party might not then be able to check its status
You may, however, revoke (deactivate) your Digital ID. A revoked Digital ID will still appear in our repository with an indication that it has been revoked. If you are a Digital ID subscriber and would like to have your Digital ID revoked (deactivated) from our database, please contact us at the address given at the end of this Privacy Statement.
If you use this feature, your email address will appear as the sender of the email. Neither your email address nor the recipient's email address will be used for any other purpose.
If a material change is made to this Privacy Statement, we will post this change on our website.