IdenTrust Inc. Logo
Home | My Account | Contact Us  

 
PRIVACY POLICY


IdenTrust, Inc. ("IdenTrust") is committed to protecting your privacy. This Privacy Policy describes how IdenTrust protects the privacy and security of the:
  1. personal information collected on behalf of or processed on behalf of our customers; and
  2. individual users of our digital identity authentication services; that are gathered or received through any IdenTrust website (our "Websites"), through other web-based or digital services or by third parties contracted with IdenTrust.
IdenTrust complies with the U.S. - E.U. Safe Harbor framework and the U.S. - Swiss Safe Harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from European Union member countries and Switzerland. With respect to such data, IdenTrust has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view the related certification by IdenTrust, please visit www.export.gov/safeharbor.

By using our Website or any service offered by or through IdenTrust or such contracted third parties (collectively, "Services"), you signify your acceptance of this Privacy Policy. If you do not agree to the terms of this Privacy Policy, please do not use our Websites or the Services. Your continued use of our Websites or the Services following the posting of any change to this Privacy Policy will mean that you accept those changes.

I. THE TYPE AND NATURE OF YOUR INFORMATION, OR YOUR COMPANY'S,THAT WE COLLECT

What Personal Information is Collected
IdenTrust collects personal information, or processes such information received from third parties, in connection with digital identity services. Such information may be obtained directly from an individual, from an employer or may be obtained from third parties (i.e., through a Registrar in the IdenTrust™ Trust Network, a registration agent, or a Registration Authority (collectively "Registration Authorities" or descriptively "Registration Authority") for the purpose of providing such services.

You may be asked to provide certain personal information necessary to the use of our products or services. The type of personal information depends on the type of product and/or service that you select, and is governed under the applicable Certificate Policy, Certification Practices Statement or other documentation governing that product and/or service (collectively, "Governing Documents"). For example, you may be asked to provide your name, address, email-address, telephone number, social security number, credit card number, and name of employer. Your social security number, if required, may be used for internal purposes of identification and your credit card number may be used to obtain payment, but neither will be otherwise disclosed. You should consult the terms of the applicable Governing Documents applicable to the products and/or services you subscribe to for a detailed listing of the information that we require. Whether you subscribe to our products and/or services directly via our Websites or through a Registration Authority, we will protect your personal information in accordance with this Privacy Policy. If you use our products and/or services through the IdenTrust™ Trust Network, the collection and use of your personal information may be subject to additional privacy policies or statements of one of the Participant financial institutions who may serve as your Registrar. If you use products or services provided directly by IdenTrust, the collection and use of your personal information may be subject to additional provisions set forth in the applicable Governing Documents, subscriber agreement or other policy applicable to such product or service, each of which is available on our Websites. You should refer to such documents, if any, for further details.

Whenever you send us personal correspondence, such as email and letters, sign up to receive newsletters or announcements, or when other users or third parties send us correspondence about your activities or postings on the Site, we may also collect and store such information, but it will not be disclosed externally.

What Other Information is Collected
As you visit our Websites, we collect traffic data to help us understand how our Websites are being used and how we can improve them. This automatically-gathered data includes your computer's IP or "Internet Protocol" address, statistics about how visitors navigate through our Websites, search terms entered, and information provided through the use of "cookies." Cookies are small files that we send to and store on your computer so that we may recognize it as a unique machine the next time you visit our Websites.

We use cookies for three reasons:

  1. to keep track of your information for your own convenience and to help you avoid having to re-key in data;
  2. to help us optimize your online experience by altering our content to provide you with information more likely to be relevant to you; and
  3. to help us understand the size of our audience and their traffic patterns within our network. Some of our features depend on the use of cookies. Therefore, while you are accessing the Websites, you should ensure that your browser will accept cookies.
IdenTrust may provide aggregate information about users of its products or services that does not allow them to be identified or contacted ("Aggregate Information") by third parties. For example, we may inform third parties regarding the number of users completing transactions through the Websites.

Children
IdenTrust is committed to protecting the privacy of children. Our Websites are not intended for minors. We do not intend and do not wish to collect any information from, or about, any person who is under the age of 18 years. If you are under 18, you should not provide any information to us in any manner including through our Websites.

II. HOW YOUR PERSONAL INFORMATION IS USED

IdenTrust will only use your personal information:

  1. for the purpose that such personal information is collected; and/or
  2. as specifically authorized by you. IdenTrust uses the personal information for the purpose of issuing or processing digital certificates, revocation or suspension instructions, validation requests or responses, or certificate revocations, authenticating your identity, confirming your employment, responding to your inquiries, completing transactions, and processing payments.
We also may use your contact information to send you information about our products and events, and announcements and changes to our Websites or our policies. You may elect not to receive, or opt-out of receiving such e-mail correspondence by contacting us at helpdesk@IdenTrust.com.

If you are providing your personal information to a third party Registration Authority you should look to such Registration Authority's privacy policy for policies relating to the collection, use, and distribution of your personal information.

Please note that the purposes of issuing digital certificates include disclosing certain information about the certificate holder to any person who relies upon the certificate. Accordingly, all information contained in a digital certificate or a revocation or suspension instruction, validation request, validation response or certificate revocation list (collectively, "Credential Documents") is not considered confidential and can be viewed by others. A third party may access, review, and rely on such Credential Documents. The information that may be included in the Credential Documents is defined by the applicable Governing Documents and may include, but is not limited to, your name, Public Key, email address; your organization's name; the certificate serial number; and/or the certificate expiration date.

III. WITH WHOM THE PERSONAL INFORMATION IS SHARED

IdenTrust will hold and safeguard all data collected. IdenTrust will not disclose personal information to any third party, except as described herein or as authorized by you.

Disclosures to Third Parties Assisting In Our Operations
Some personal information that we maintain may be shared on occasion with outside auditors, attorneys, consultants and others we hire to assist in supporting or hosting our Websites or performing other functions necessary to operate our business. If we make a disclosure of this type, the recipient must agree to:
(i) view the personal information only on our premises and not remove it,
(ii) use it only for the purpose that we have specified,
(iii) return it or destroy it as soon as the need for the personal information expires; and
(iv) adhere to this Privacy Policy.


Change in Ownership
In the event that IdenTrust is merged with, or is acquired by, another entity, then such entity may become the successor to our obligations with respect to personal information that you have provided to IdenTrust, which would be necessary for the entity to effectively continue IdenTrust's business. You consent to the continued retention and use of your personal information for such purpose by such an entity under the terms of this Privacy Policy.

Disclosure for Law Enforcement Purposes
In addition to the circumstances described above, we may disclose your personal information if required to do so by law, court order, subpoena, or as requested by other government or law enforcement authority, or in our good faith belief that disclosure is otherwise necessary or advisable including, without limitation, to protect our rights and property and the rights and property of others with whom we do business.

IV. HOW YOU CAN CORRECT OR UPDATE THE INFORMATION

IdenTrust will endeavor to ensure that your personal information is reliable for its intended or authorized use, is accurate, complete, and current. However, you should update IdenTrust with changes in your personal information.

If you are a holder of a certificate issued by the IdenTrust™ Trust Network (e.g., you enrolled through a Participant financial institution that is a Registrar), and you desire to review, amend, correct or delete your personal information, you should contact that Registrar. If you are a holder of a certificate issued under the ACES or ECA programs by a trusted agent who works at your employer, and you desire to review, amend, correct or delete your personal information, you should contact that trusted agent. If you received your certificate through enrollment via our Websites, and you desire to review, amend, correct or delete your personal information, please email us at helpdesk@IdenTrust.com. If you are unsure of who issued your certificate, please email a copy of your certificate to helpdesk@IdenTrust.com and we will direct you to the correct entity.

V. ENFORCEMENT AND DISPUTE RESOLUTION

IdenTrust utilizes the self-assessment approach to ensure that this Privacy Policy is properly implemented. We have procedures in place to investigate and resolve your complaints (and provide you recourse, if necessary) and resolve your disputes in an efficient manner. We are subject to the jurisdiction of the Federal Trade Commission of the United States and our failure to comply with this Privacy Policy shall be actionable under Section 5 of the Federal Trade Commission Act.

With respect to the IdenTrust™ Trust Network system Certification Authority (i.e. a “Certificate Authority” function within a PKI system) services provided by IdenTrust Services, LLC to member institutions complaints should be directed to the member institution that was the Registrar of the relevant digital certificate or, alternatively, complaints may be directed to helpdesk@IdenTrust.com. Complaints from member institutions shall be addressed through London Court of Arbitration (LCIA) dispute resolution procedures, as provided for by the agreements under which digital certificates are issued.

With respect to employees of IdenTrust, Inc. located in the EU, complaints should first be directed the employee’s Human Resources manager. If the matter is not resolved through internal IdenTrust, Inc. procedures, then employees will be directed to the state or national data protection authority (EU DPA) in the jurisdiction in which the employee works.

VI. YOUR ROLE IN PROTECTING YOUR PRIVACY

If you access our Websites through an e-mail or Internet account maintained by your employer, please note that it is possible that your employer may monitor your e-mail or Internet communications. Also, if you share a computer with others, it is your responsibility that any personal or sensitive information accessed through our Websites is not shared with others. It is also your responsibility to read and understand your responsibilities under the applicable Governing Documents.

Links
This Privacy Policy applies solely to personal information collected by our Websites or via submission to a Registration Authority. Our Websites contain links to other sites. Please be aware that IdenTrust is not responsible for and does not know the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every Website that may collect user information.

VII. RETENTION AND DESTRUCTION OF PERSONAL INFORMATION

The personal information collected by IdenTrust is stored in a manner to permit identification only for as long as necessary, as determined in the applicable Governing Documents, to perform the services on behalf of IdenTrust's clients and complete the purposes for which the Information has been acquired.

VIII. SECURITY
IdenTrust uses reasonable care to ensure that the personal information will be handled in accordance with this Privacy Policy. IdenTrust uses security safeguards to protect the personal information from loss or theft; misuse; unauthorized access, disclosure, alteration, copying, or destruction.

IX. NOTIFICATION OF CHANGES

This Privacy Policy may be revised from time to time as we add new features and services, as laws change, and as privacy and security practices evolve. If we make any change to this Privacy Policy regarding use or disclosure of personal information, we will endeavor to provide notice on our Websites.

X. HOW TO CONTACT US; QUESTIONS

If you are a holder of a certificate issued by the IdenTrust™ Trust Network (e.g., you enrolled through a Participant financial institution that is a Registrar), you should contact that Registrar. If you are a holder of a certificate issued under the ACES or ECA programs by a trusted agent who works at your employer, you should contact that trusted agent. If you received your certificate through enrollment via our Websites, please email us at helpdesk@IdenTrust.com. If you are unsure of who issued your certificate, please email a copy of your certificate to helpdesk@IdenTrust.com and we will direct you to the correct entity.



IdenTrust, Inc. BBB Business Review WebTrust WebTrust Baseline EHNAC EHNAC GSA Schedule SOC We self-certify compliance with

© IdenTrust, Inc. All Rights Reserved.    Home | Contact Us | Legal Policies Follow us: Follow IdenTrust on Twitter