Compliance Depot, Vendor, Screening, Compliance, Risk, Business, Credentialing, Due diligence, Verification, Management Tool, Information Services

Privacy Statement
(Updated February 2006)

At ComplianceDepot we are committed to protecting customer information. In order to better serve your needs now and in the future, we may ask you to provide us with certain information. We understand that you may be concerned about what we will do with such information - particularly any personal or financial information. We agree that you have a right to know how we will utilize the personal information you provide to us. Therefore, we have adopted this Privacy Policy to govern the use and handling of your personal information.

Applicability
This Privacy Policy governs our use of the information that you provide us. It does not govern the manner in which we may use information we have obtained from any other source, such as information obtained from a public record or from another person or entity.

Personally-identifiable information
The ComplianceDepot site only collects personally-identifiable information from you if you choose to provide this information to us. Examples of this type of information include: name; email address; information you provide via application, forms or any other communications to us, whether in writing, in person, by telephone or any other means; any inquires you may make through our website; information about your transactions with us or others; and information we receive from a consumer reporting agency. We do not provide personally identifiable information to unaffiliated third-parties in the normal course of our business. However, we will provide such information when required by law or legal processes.

Use of Information
We request information from you for our own legitimate business purposes and not for the benefit of any nonaffiliated party. The information collected by this website is used only for corresponding with you; as necessary for us to provide the product or service you have requested of us; maintaining your account (if you have one), and for the administration, review and/or the improvement of our website content; or as permitted by law. We may, however, store such information indefinitely, including the period after which any customer relationship has ceased. Such information may be used for any internal purpose, such as quality control efforts or customer analysis.

We may contact you in response to your comments or inquiries, as part of the maintenance of your account with us (if you have one), or in order to complete a transaction that your have requested.

Former Customers
Even if you are no longer our customer, our Privacy Policy will continue to apply to you.

Confidentiality and Security
We will use our best efforts to ensure that no unauthorized parties have access to any of your information. We restrict access to nonpublic personal information about you to those individuals and entities who need to know that information to provide products or services to you. We will use our best efforts to train and oversee our employees and agents to ensure that your information will be handled responsibly and in accordance with this Privacy Policy. We currently maintain physical, electronic, and procedural safeguards that comply with federal regulations to guard your nonpublic personal information.
Information Obtained Through Our Web Site

ComplianceDepot is sensitive to privacy issues on the Internet. We believe it is important you know how we treat the information about you we receive on the Internet. In general, you can visit our site without telling us who you are or revealing any information about yourself. Our Web servers collect the domain names, not the e-mail addresses, of visitors. This information is aggregated to measure the number of visits, average time spent on the site, pages viewed and similar information. ComplianceDepot will use this information to measure the use of our site and to develop ideas to improve the content of our site. There are times, however, when we may need information from you, such as your name and email address. When information is needed, we will use our best efforts to let you know at the time of collection how we will use the personal information. Usually, the personal information we collect is used only by us to respond to your inquiry, process an order or allow you to access specific account/profile information. If you choose to share any personal information with us, we will only use it in accordance with the policies outlined above.

Cookies
The ComplianceDepot site may make use of "cookie" technology to measure site activity and to customize information to your personal tastes. A “cookie” is an element of data that a Web site can send to your browser, which may then store the cookie on your hard drive. Personally identifiable information is not collected through the use of cookies. Cookies are used to determine whether a visitor has viewed our site before or to track your activities on the site. Cookies are optional and do not affect our operability. While most browsers are set to accept cookies by default, you can set yours to refuse cookies or to alert you before accepting them. Use your browsers “Help” menu to change the default setting for your specific browser. The goal of this technology is to better serve you when visiting our site, save you time when you are here and to provide you with a more meaningful and productive Web site experience.

Fairness
ComplianceDepot considers consumer expectations about their privacy in all our businesses. We only offer products and services that assure a favorable balance between consumer benefits and consumer privacy.

Public Record
We believe that an open public record creates significant value for society, enhances consumer choice and creates consumer opportunity. We actively support an open public record and emphasize its importance and contribution to our economy.

Accuracy
ComplianceDepot will take reasonable steps to help assure the accuracy of the data we collect, use and disseminate. Where possible, we will take reasonable steps to correct inaccurate information. When, as with the public record, we cannot correct inaccurate information, we will take all reasonable steps to assist consumers in identifying the source of the erroneous data so that the consumer can secure the desired corrections.

Education
At ComplianceDepot we endeavor to educate the users of our products and services, our employees and others in our industry about the importance of consumer privacy. We will instruct and educate our employees on our fair information values and on the responsible collection and use of data.

Security
We will maintain appropriate facilities and systems to protect against unauthorized access to and corruption of the data we maintain.

Online Security
ComplianceDepot is serious about safeguarding your personal information online.

ComplianceDepot uses Secure Socket Layer (SSL) technology to encrypt your personal information such as User Ids, Passwords, and account information over the internet. Any information provided to you is scrambled en route and decoded once it reaches your browser.

In addition, any information you provide via electronic forms on the ComplianceDepot website is secure and encrypted in most instances. In other words, your information is scrambled en route and decoded once it reaches ComplianceDepot. You can verify that your web session is secure by looking for a small lock symbol usually located in the lower corner of your web browser window. Current versions of leading web browsers indicate when a web page is encrypted for transmission through this symbol. You may also look for the letters "https://" at the beginning of your website URL in your web browser. The "s" means that the web connection is secure.

The PCI Data Security Standard:

Install and maintain a firewall.

Do not use vendor-supplied defaults for system passwords and other security.

Protect stored data.

Encrypt transmission of cardholder data and sensitive information across public networks.

Use and regularly upgrade anti-virus-software.

Develop and maintain secure systems and applications.

Restrict access to data by business need-to-know.

Assign a unique ID to each person with computer access.

Restrict physical access.

Track and monitor all access to network resources and cardholder data.

Regularly test security systems and processes.

Maintain a policy that addresses information security.

Security Enforcement

Employee Conduct
The ComplianceDepot Code of Conduct expresses our absolute commitment to integrity, our related corporate values and ethical standards and the associated business conduct we expect from all our employees. The Code of Conduct includes very specific guidelines concerning the safeguarding of confidential information, which includes customer information. In general, these guidelines limit employee access to confidential information, and limit the use and disclosure of such information to specifically authorized processes and transactions. If it is determined that employees have violated the Code of Conduct, corrective action may be taken, including immediate dismissal.

Verification of Practices
Our security practices are reviewed quarterly for compliance with corporate policies and best practices, as well as the Payment Card Industry (PCI) Data Security Standard. Included in these reviews is an external vulnerability testing program conducted by an independent security auditing firm.

Consumer Recourse
If you believe we have not complied with our stated privacy policies concerning our usage of personally identifiable information that we may collect over the Internet, or that information we have provided to you based upon your Internet activity is inaccurate, please Contact Us.






		Privacy Statement (Updated February 2006) At ComplianceDepot we are committed to protecting customer information. In order to better serve your needs now and in the future, we may ask you to provide us with certain information. We understand that you may be concerned about what we will do with such information - particularly any personal or financial information. We agree that you have a right to know how we will utilize the personal information you provide to us. Therefore, we have adopted this Privacy Policy to govern the use and handling of your personal information. Applicability This Privacy Policy governs our use of the information that you provide us. It does not govern the manner in which we may use information we have obtained from any other source, such as information obtained from a public record or from another person or entity. Personally-identifiable information The ComplianceDepot site only collects personally-identifiable information from you if you choose to provide this information to us. Examples of this type of information include: name; email address; information you provide via application, forms or any other communications to us, whether in writing, in person, by telephone or any other means; any inquires you may make through our website; information about your transactions with us or others; and information we receive from a consumer reporting agency. We do not provide personally identifiable information to unaffiliated third-parties in the normal course of our business. However, we will provide such information when required by law or legal processes. Use of Information We request information from you for our own legitimate business purposes and not for the benefit of any nonaffiliated party. The information collected by this website is used only for corresponding with you; as necessary for us to provide the product or service you have requested of us; maintaining your account (if you have one), and for the administration, review and/or the improvement of our website content; or as permitted by law. We may, however, store such information indefinitely, including the period after which any customer relationship has ceased. Such information may be used for any internal purpose, such as quality control efforts or customer analysis. We may contact you in response to your comments or inquiries, as part of the maintenance of your account with us (if you have one), or in order to complete a transaction that your have requested. Former Customers Even if you are no longer our customer, our Privacy Policy will continue to apply to you. Confidentiality and Security We will use our best efforts to ensure that no unauthorized parties have access to any of your information. We restrict access to nonpublic personal information about you to those individuals and entities who need to know that information to provide products or services to you. We will use our best efforts to train and oversee our employees and agents to ensure that your information will be handled responsibly and in accordance with this Privacy Policy. We currently maintain physical, electronic, and procedural safeguards that comply with federal regulations to guard your nonpublic personal information. Information Obtained Through Our Web Site ComplianceDepot is sensitive to privacy issues on the Internet. We believe it is important you know how we treat the information about you we receive on the Internet. In general, you can visit our site without telling us who you are or revealing any information about yourself. Our Web servers collect the domain names, not the e-mail addresses, of visitors. This information is aggregated to measure the number of visits, average time spent on the site, pages viewed and similar information. ComplianceDepot will use this information to measure the use of our site and to develop ideas to improve the content of our site. There are times, however, when we may need information from you, such as your name and email address. When information is needed, we will use our best efforts to let you know at the time of collection how we will use the personal information. Usually, the personal information we collect is used only by us to respond to your inquiry, process an order or allow you to access specific account/profile information. If you choose to share any personal information with us, we will only use it in accordance with the policies outlined above. Cookies The ComplianceDepot site may make use of "cookie" technology to measure site activity and to customize information to your personal tastes. A “cookie” is an element of data that a Web site can send to your browser, which may then store the cookie on your hard drive. Personally identifiable information is not collected through the use of cookies. Cookies are used to determine whether a visitor has viewed our site before or to track your activities on the site. Cookies are optional and do not affect our operability. While most browsers are set to accept cookies by default, you can set yours to refuse cookies or to alert you before accepting them. Use your browsers “Help” menu to change the default setting for your specific browser. The goal of this technology is to better serve you when visiting our site, save you time when you are here and to provide you with a more meaningful and productive Web site experience. Fairness ComplianceDepot considers consumer expectations about their privacy in all our businesses. We only offer products and services that assure a favorable balance between consumer benefits and consumer privacy. Public Record We believe that an open public record creates significant value for society, enhances consumer choice and creates consumer opportunity. We actively support an open public record and emphasize its importance and contribution to our economy. Accuracy ComplianceDepot will take reasonable steps to help assure the accuracy of the data we collect, use and disseminate. Where possible, we will take reasonable steps to correct inaccurate information. When, as with the public record, we cannot correct inaccurate information, we will take all reasonable steps to assist consumers in identifying the source of the erroneous data so that the consumer can secure the desired corrections. Education At ComplianceDepot we endeavor to educate the users of our products and services, our employees and others in our industry about the importance of consumer privacy. We will instruct and educate our employees on our fair information values and on the responsible collection and use of data. Security We will maintain appropriate facilities and systems to protect against unauthorized access to and corruption of the data we maintain. Online Security ComplianceDepot is serious about safeguarding your personal information online. ComplianceDepot uses Secure Socket Layer (SSL) technology to encrypt your personal information such as User Ids, Passwords, and account information over the internet. Any information provided to you is scrambled en route and decoded once it reaches your browser. In addition, any information you provide via electronic forms on the ComplianceDepot website is secure and encrypted in most instances. In other words, your information is scrambled en route and decoded once it reaches ComplianceDepot. You can verify that your web session is secure by looking for a small lock symbol usually located in the lower corner of your web browser window. Current versions of leading web browsers indicate when a web page is encrypted for transmission through this symbol. You may also look for the letters "https://" at the beginning of your website URL in your web browser. The "s" means that the web connection is secure. The PCI Data Security Standard: Install and maintain a firewall. Do not use vendor-supplied defaults for system passwords and other security. Protect stored data. Encrypt transmission of cardholder data and sensitive information across public networks. Use and regularly upgrade anti-virus-software. Develop and maintain secure systems and applications. Restrict access to data by business need-to-know. Assign a unique ID to each person with computer access. Restrict physical access. Track and monitor all access to network resources and cardholder data. Regularly test security systems and processes. Maintain a policy that addresses information security. Security Enforcement *Employee Conduct* The ComplianceDepot Code of Conduct expresses our absolute commitment to integrity, our related corporate values and ethical standards and the associated business conduct we expect from all our employees. The Code of Conduct includes very specific guidelines concerning the safeguarding of confidential information, which includes customer information. In general, these guidelines limit employee access to confidential information, and limit the use and disclosure of such information to specifically authorized processes and transactions. If it is determined that employees have violated the Code of Conduct, corrective action may be taken, including immediate dismissal. *Verification of Practices* Our security practices are reviewed quarterly for compliance with corporate policies and best practices, as well as the Payment Card Industry (PCI) Data Security Standard. Included in these reviews is an external vulnerability testing program conducted by an independent security auditing firm. *Consumer Recourse* If you believe we have not complied with our stated privacy policies concerning our usage of personally identifiable information that we may collect over the Internet, or that information we have provided to you based upon your Internet activity is inaccurate, please Contact Us.

© ComplianceDepot 2005