This web site is operated and controlled by Symantec Corporation and its subsidiaries, affiliates and/or related companies ("Symantec"). Symantec is committed to providing you with excellent service for all of our products and services. We respect your right to privacy and have therefore developed this Privacy Statement to inform you about our privacy practices for our VeriSign-branded web site. This Privacy Statement is not applicable to any of our other privacy practices, including, without limitation, data collected from other Symantec sites or offline.
Privacy is of great concern to most users of the Internet and is a critical part of an enjoyable and satisfactory user experience. We at Symantec are acutely aware of and sensitive to the privacy concerns of our subscribers and other visitors to our web site. Whether you are a customer of our various products and services or a visitor to our site, we assure you that we do not collect personal information from you unless you provide it to us. If you are enrolling for a VeriSign-branded digital certificate ("Digital ID"), you may be asked to provide certain personal information. Please note, however, that we ask for this information for the limited purpose of creating your Digital ID, providing the services that may be part of your Digital ID and authenticating your identity in order to issue you a Digital ID. You should be assured that we do not provide or sell personal information about our customers or site visitors to vendors that are not involved in the provision of Symantec’s VeriSign-branded public certification and other services.
Information We Gather from You
There are two ways in which you may explicitly and intentionally provide us with and consent to our collection of certain personal information:
- E-mail Request for Information or Registrations for Guides or Seminars - We use links throughout our site to provide you with the opportunity to contact us via e-mail to ask questions, request information and materials, register or sign up for guides or seminars, or provide comments and suggestions. You may also be offered the opportunity to have one of our representatives contact you personally to provide additional information about our products or services. To do so, we may request additional personal information from you, such as your name and telephone number, to help us satisfy your request.
- Enrolment - If you choose to enrol for one of our products or services, we will request certain information from you. Depending on the type of product or service that you request, you may be asked to provide different personal information. For certain products and services, we may require your name, address, telephone number, e-mail address, credit card number, bank account information, IP address and/or social security number. Other products and services may require different or supplemental information from you in order to apply. For a detailed listing of the type of personal information requested for our various products, please refer to the enrolment page for the particular product or service.
Under no circumstances do we collect any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health or sex life.
Statistical Information about Your Visit
When you visit our site, our computers may automatically collect statistics about your visit. This information does not identify you personally, but rather identifies information about a visit to our site. We may monitor statistics such as how many people visit our site, the user's IP address, which pages people visit, from which domains our visitors come and which browsers people use. We use these statistics about your visit for aggregation purposes only. These statistics are used to help us improve the performance of our web site.
Our uses of "cookies" are limited to the following specific situations. The first situation is with respect to temporary cookies. There are two instances in which we use temporary cookies. First, if you are accessing our services through one of our online applications our web server may automatically send your browser a temporary cookie, which is used to help your browser navigate our site. The only information contained in these temporary cookies is a direction value that lets our software determine which page to show when you hit the back button in your browser. This bit of information is erased when you close your current browser window. If you come to our site from one of our business partners, our web server may also send your browser a temporary cookie that reflects an "origination code" for that business partner. We use this information for statistical and marketing purposes. Second, if you log into an access-controlled section of our site, we set a temporary session cookie to establish that you have been authenticated. The information contained in these cookies consists of random data that is used by the server to authenticate the browser requests to the server for that particular session. It does not include any type of personally identifiable information. This bit of information is erased when you close your current browser window. If you choose not to accept a temporary cookie, you may not be able to navigate these online applications.
Bulletin Boards, Chat Rooms and Forums
If you use a forum, bulletin board, chat room or other chat tool on this web site, you should be aware that any personally identifiable information you submit there can be read, collected or used by other users of these forums, and could be used to send you unsolicited messages. Symantec is not responsible for the personally identifiable information you choose to submit in these forums. You are also responsible for using these forums in a manner consistent with the Rules of Engagement or other terms and conditions set forth on the relevant forum site.
How We Use and with Whom We Share the Personal Information We Gather
We assure you that the personal information we gather from you is used by us only as explained below.
Sending you responses and updates
We generally respond to any e-mail questions, requests for product or service information and other enquiries that we receive. We may also retain this correspondence to improve our products, services and web site and for other disclosed purposes. Frequently we retain contact information so that we can send individuals updates or other important information about our services and products. Occasionally these updates or other important information may be sent out by third parties on our behalf. Please be assured that any third party who contacts you in this capacity has executed a confidentiality agreement with us that contains a provision ensuring the privacy and security of any transferred information and limits the third party's use of the shared information to sending updates or providing services on our behalf. Our subsidiary companies may also send you information about their services and products. In situations where you have supplied your information in connection with a question or request for information about a product or service offered by a Symantec business partner, we may also send the information you have supplied to the Symantec business partners that offer such products or services. Please be assured that these Symantec business partners have agreed to ensure the privacy and security of any transferred information and may only use the shared information to send you information on products or services about which you asked.
Facilitating the support, renewal and purchase of our products and services
We may use the information you submit to contact you to discuss the support, renewal and purchase of our products and services. We may provide our subsidiary companies with your information so that they may send you information about their services and products. We may also provide the information you have submitted to us to a Symantec subsidiary, business partner or independent reseller (either within or outside the United States) so that the subsidiary, business partner or independent reseller can contact you and facilitate the support, renewal and purchase of Symantec products and services. You may receive a communication directly from one of our subsidiaries, business partners or independent resellers. Please be assured that any subsidiary, business partner or independent reseller who contacts you for one of these purposes has agreed to use the information we supply only in accordance with a confidentiality agreement. To find out the names and locations of the subsidiaries, business partners and/or independent resellers to whom we have provided your information, please contact us at the address given at the end of this Privacy Statement.
Facilitating the provision of certain included products and services
if you are applying for certain types of Digital IDs)
Certain types of Digital IDs come with additional third-party services or products that are included with the Digital ID. If you purchase one of these Digital IDs, we may forward some or all of the information in your application to third party providers so that they can provide you with the service or product and follow up with you directly regarding their service or product or an upgrade. Please be assured that we have agreements with these third-party service or product providers that prevent them from disclosing the information to other parties.
Validating your identity
if you are applying for certain types of Digital IDs)
Certain types of Digital IDs require that we compare some of the information in your application to information contained in a third-party database or with some other third party source. We do this in order to authenticate your identity and other attributes and also to prevent identity theft. We have confidentiality agreements in place with these third-party databases restricting the disclosure of your information. In certain limited situations, we have contracts in place permitting the third-party database to disclose the information to its subcontractors or affiliates, but only for authenticating your identity and only in accordance with confidentiality agreements.
Forming the contents of a Digital ID
The exact information that appears in our different types of Digital IDs is set forth in the relevant enrolment page. Generally this information is limited to e-mail address and name, but certain classes of Digital IDs contain additional information. For example, SSL Certificates may contain the organisation's Dun and Bradstreet number. Please note that all information that you provide us that forms the content of a Digital ID will be "published". Publication of Digital IDs in an accessible location (a repository) is an integral part of enabling the widespread use of Digital IDs. Your Digital ID will be published in our repository so that a third party may access, review and rely upon your Digital ID. You should have no expectation of privacy regarding the content of your Digital ID.
Disclosure by Law and Protection of Symantec and Others
If we are required by law to disclose certain information to local, state, federal, national or international government or law enforcement authorities, we will do so (for example, we may disclose the identity of purchasers of certain software products to the U.S. Department of Commerce, Bureau of Industry and Security, as required under the terms of our export licences). We will also disclose information to third parties as necessary in order to comply with applicable laws and regulations. In addition, Symantec may share information in order to investigate, prevent or take action regarding illegal activities or suspected fraud, or enforce or apply Symantec's agreements.
Circumstances may arise where, whether for strategic or other business reasons, Symantec decides to sell, buy, merge or otherwise reorganise businesses or business units in some countries. Such a transaction may involve the disclosure of personal information to prospective or actual purchasers, or the receipt of it from sellers. It is Symantec's practice to seek appropriate protection for information in these types of transactions.
From time to time we may request information from customers via surveys. Participation in these surveys is completely voluntary and the user therefore has a choice whether or not to disclose this information. Survey information will be used for purposes of monitoring or improving the use of and satisfaction with this web site and improving our customer service and product offerings.
Your Ability to Opt Out of Further Notifications
From time to time, we notify our subscribers of new products, announcements, upgrades and updates. If you would like to opt out of being notified, please contact us at the address given at the end of this Privacy Statement.
If you would like to change your preferences online, please visit http://www.verisign.com/compref/. If you receive a marketing communication from our subsidiaries, business partners or independent resellers, you should opt out with that entity directly. Please be aware that you may not opt out of receiving information regarding the security, initial use, expiration, product enhancement or migration of our Digital IDs or other products or services.
Our Security Procedures
We consider the protection of all personal information we receive from our web site visitors and subscribers as critical to our corporate mission. Please be assured that we have security measures in place to protect against the loss, misuse and alteration of any personal information we receive from you. As with any transmission over the Internet, however, there is always some element of risk involved in sending personal information. In order to try to minimise this risk, we encrypt all information that you submit in ordering one of our products or services using the Secure Sockets Layer (SSL) protocol. Our security procedures are also subject to at least an annual SAS-70 Type II audit by an internationally recognised accounting firm.
How You Can Update or Correct Your Personal Information
If you need to update or correct information contained in a Digital ID you will need to revoke your Digital ID and obtain a new one because we digitally sign each subscriber's Digital ID as a part of the Digital ID issuance process. If we were to subsequently modify or remove any information listed in a Digital ID, our digital signature would not verify the Digital ID's new content. Furthermore, if a subscriber (sender) then digitally signed a message with his or her private key, a third party would not be able to properly verify the sender's signature (created using the sender's private key) because the sender's Digital ID would have been altered after the key pair's creation. For more information and tutorials on digital signatures, Digital IDs, keys and related subjects, click here http://www.verisign.co.uk/repository. If you would like to update or correct any personal information in our records that is not contained in your Digital ID, please contact us at the address given at the end of this Privacy Statement.
How You Can Revoke (Deactivate) Your Digital ID
When a third party wants to rely on a Digital ID, it is important for the third party to know the status of the Digital ID (for example, whether it is valid, suspended (where available) or revoked). The third party may do this by accessing our repository and querying the status of the Digital ID. We do not generally delete Digital IDs (and their content) from our on-line repository because a third party might not then be able to check its status. You may, however, revoke (deactivate) your Digital ID. A revoked Digital ID will still appear in our repository with an indication that it has been revoked. If you are a Digital ID subscriber and would like to have your Digital ID revoked (deactivated) from our database, please visit our site at http://www.verisign.co.uk/ssl/current-ssl-customers/revoke-replace-ssl/index.html and follow the listed instructions or contact us via e-mail at email@example.com (for Class 1 and Class 2 Digital IDs) or at firstname.lastname@example.org (for Class 3 Digital IDs) or at the address given at the end of this Privacy Statement.
E-mail this Page
If you use our "E-mail this page" feature to send a copy of that page to someone else, your e-mail address will appear as the sender of the e-mail. Both your e-mail address and the recipient's e-mail address will not be used for any other purpose.
Changes to this Privacy Statement
If a material change is made to this Privacy Statement and/or the way we use our customers' personally identifiable information then, we will post prominent notice of the nature of such change on the first page of this Privacy Statement and also on our home page.
Our postal address is:
Attention: Authentication Support
350 Ellis Street
Mountain View, California 94043