PRIVACY STATEMENT
This privacy statement covers
the site KidSave.com, a service
of Inphodentity, Inc. Inphodentity
is commitment to providing the
best safety tools available to
families nationwide. It is imperative
that Inphodentity protect the
privacy of all members and keep
their family’s information
secure from unauthorized use.
Inphodentity, Inc. discloses
its information practices as
follows:
- What personally identifiable
information KidSave.com collects.
- Who are KidSave.com and
Inphodentity, Inc.
- How KidSave.com uses
the information.
- What choices are available
to users regarding collection,
use and distribution of the
information.
- What types of security
procedures are in place to
protect the loss, misuse or
alteration of information
under KidSave.com control.
- How users can correct
any inaccuracies in the information.
If users have questions or concerns
regarding this statement, they
should first contact
.
Information Collection and Use
Information Collection
Inphodentity is the sole owner of the information
collected on KidSave.com. Inphodentity collects
information from our users at several different
points on our Web site.
Registration
In order to use this Web site, a user must first
complete the registration form. During registration
a user gives contact information (such as name
and email address). We use this information to
contact the user about services on our site for
which he has expressed interest.
Order
We request information from the user on our order
form. A user must provide contact information (such
as name, email, and shipping address) and financial
information (such as credit card number, expiration
date). This information is used for billing purposes
and to fill customer’s orders. If we have
trouble processing an order, the information is
used to contact the user.
Financial Information
For on-line orders it is necessary to collect members’ financial
information (such as credit card number, expiration
date). This information is securely forwarded to
our credit card merchant account-processing gateway.
The gateway responds with an authorization code,
which is stored in the KidSave.com database. This
information (credit card number, expiration date)
is not stored anywhere on the KidSave.com system.
Child Identification
The central function of the KidSave.com web site
is to collect the physical description of a member’s
children for the sole purpose of generating a Missing
Child Poster in the event of a missing child emergency.
Only information required to create this poster
is collected from the member. This information
includes a name, physical description (eye color,
height, weight, etc.) and one or more photographs.
This information is provided by and collected from
the member.
NO INFORMATION IS COLLECTED
FROM CHILDREN
While KidSave.com securely stores information on
our members and their children, we do not solicit
any information from children. The KidSave member
personally enters and confirms all information in
their profile.
Information Use
Profile
We store information that we collect through the
registration process and other updates to create
a profile of our members. A profile is stored information
that we keep on individual members that details
their child’s physical description. The profile
allows for the instant retrieval and dissemination
of a Missing Child Poster. The Missing Child Poster
is only disseminated at the members’ request
and only in the case of an emergency.
Except for the retrieval and dissemination of a Missing
Child Poster, the Member’s profile is kept
absolutely private. A member’s profile and
their children’s information is not used or
shared for any other purpose. In addition to keeping registered members profiles and confidential information absolutely private, Inphodentity will not disclose any information and also not confirm or deny the existence of or absence of a registration or registered member or identity of any child registered, with exception to a governmental agency or the parent/guardian that performed the actual registration.
Cookies
A cookie is a piece of data stored on the user’s
computer tied to information about the user. Our
site uses cookies only to maintain a member’s
authentication and identification for security purposes.
No other organizations are allowed
to use cookies on our site (for
example, advertisers). We use
cookies for no other purposes.
Log Files
Like most standard Web site servers we use log files.
This includes internet protocol (IP) addresses,
browser type, internet service provider (ISP),
referring/exit pages, platform type, date/time
stamp, and number of clicks to analyze trends,
administer the site, track user’s movement
in the aggregate, and gather broad demographic
information for aggregate use. In our log files,
IP addresses, etc. are not linked to personally
identifiable information.
IP address collection for security
To maintain the integrity of the KidSave.com system,
IP addresses may be collected when at various transaction
stages. At the point of collection a connection
can be made between a member’s profile and
their IP address. This information will be used
to investigate and prosecute abuse of the system,
especially hoaxes. This information is only used
for security purposes and is not shared with our
marketing personnel or partners.
Communications from the Site
Welcome and Reminder Messages
We send all new members a welcoming email to verify
password and username. Established members will occasionally
receive reminders to update their child’s profile
or photograph. Messages will also be sent when a
members account needs maintenance or renewal.
Newsletter
If a user wishes to subscribe to our newsletter,
we ask for contact information such as name and
email address. Out of respect for our users privacy
we provide a way to opt-out of these communications.
Service Announcements
On rare occasions it is necessary to send out a strictly
service related announcement. For instance, if
our service is temporarily suspended for maintenance
we might send members an email. Generally, members
may not opt-out of these communications, though
they can deactivate their account. However, these
communications are not promotional in nature.
Customer Service
We communicate with members on a regular basis to
provide requested services and in regards to issues
relating to their account we reply via email or
phone, in accordance with the members wishes.
Sharing
From time to time, Inphodentity will have certain marketing offers and promotions placed on our website. These promotions may not adhere to the same privacy policy as Inphodentity. Visitors should investigate the privacy policies of each promotion if interested.
Legal Disclaimer
Though we make every effort to preserve user privacy,
we may need to disclose personal information when
required by law wherein we have a good-faith belief
that such action is necessary to comply with a current
judicial proceeding, a court order or legal process
served on our Web site.
Business Transitions
In the event Inphodentity goes through a business
transition, such as a merger, being acquired by
another company, or selling a portion of its assets,
users’ personal information will, in most
instances, be part of the assets transferred. Users
will be notified via email prior to a change of
ownership or control of their personal information.
If as a result of the business transition, the
users’ personally identifiable information
will be used in a manner different from that stated
at the time of collection they will be given choice
consistent with our notification of changes section.
Choice/Opt-out
Users who no longer wish to
receive our newsletter and promotional
communications may opt-out of
receiving these communications
by clicking on the unsubscribe
link at the bottom of the newsletter.
Links
This Web site contains links to other sites. Please
be aware that we, Inphodentity, are not responsible
for the privacy practices of such other sites.
We encourage our users to be aware when they leave
our site and to read the privacy statements of
each and every Web site that collects personally
identifiable information. This privacy statement
applies solely to information collected by this
Web site.
Security
This Web site takes every precaution to protect our
members’ information. When members submit sensitive
information via the Web site, their information is
protected both online and off-line.
When our registration/order
form asks members to enter sensitive
information (such as credit card
number and/or social security
number), that information is
encrypted and is protected with
the best encryption software
in the industry - SSL. While
on a secure page, such as our
order form, the lock icon on
the bottom of Web browsers such
as Netscape Navigator and Microsoft
Internet Explorer becomes locked,
as opposed to un-locked, or open,
when users are just ‘surfing’.
While we use SSL encryption
to protect sensitive information
online, we also do everything
in our power to protect member-information
off-line. All of our members’ information,
not just the sensitive information
mentioned above, is restricted
in our offices. Only employees
who need the information to perform
a specific job (for example,
a customer service representative)
are granted access to personally
identifiable information. Furthermore,
all employees are kept up-to-date
on our security and privacy practices.
Every quarter, as well as any
time new policies are added,
our employees are notified and/or
reminded about the importance
we place on privacy, and what
they can do to ensure our members’ information
is protected. Finally, the servers
that store personally identifiable
information are in a secure environment,
hosted by industry-leader Rackspace.com
KidSave.com is hosted at Rackspace.com.
Rackspace.com is the industry
leader in reliability and support
with an outstanding 99.999% uptime.
Rackspace.com achieves this unprecedented level of
reliability through:
- Redundant Internet
connectivity through the
5 largest national providers
- 60,000 foot Hardened
Data Center
- Highly trained
operations and support staff
- Redundant and
conditioned power supply
- Military grade
physical security
Our Rackspace.com server is secured by rigorous security
procedures, automated software updates, and a firewall
to keep hackers away from our Member’s personal
information.
The reliability of our systems is paramount to the safety
of children in crisis. That is why we make the investment
in RackSpace.com.
We also test our website daily in order to ensure the highest
level of security. ControlScan's® certification
is the world's leading web site security certification mark.
ControlScan is accredited to perform network security compliance
audits conforming to the highest US government and financial
industry standards. Our security audits meet all U.S. Government
requirements for remote vulnerability testing as set forth
by the National Infrastructure Protection Center (NIPC) and
are accredited by the SANS Institute to meet the FBI's recommendations
as set forth in the SANS/FBI security tests. Visa USA, MasterCard
International, American Express and Discover Card also accredit
ControlScan certification to meet the requirements for all
levels of their respective security compliance
programs.
ControlScan's security audits test for all vulnerabilities
that can be remotely scanned for as listed in the Federal
Computer Incident Response Center (FedCIRC) vulnerability
catalog, the Common Vulnerabilities and Exposures (CVE) list,
the SANS/FBI Top 20 Internet Security Vulnerabilities list,
the Computer Emergency Response Team's (CERT) advisories list,
and the Information Assurance Vulnerability Alerts (IAVAs)
issued by the US Department of Defense.
To earn ControlScan certification web servers, and any other
network devices being audited, must pass more than 4,300 daily
security tests. These tests probe all of the known methods
and tricks hackers use to access private information, in addition
to vulnerabilities that would allow malicious software (i.e.
viruses and worms) to gain access to or disrupt the network
devices being tested. This audit report summarizes the results
of these tests, along with the current security status of
each network device covered in this report.
ControlScan® sites are tested and certified daily by
ControlScan to meet all U.S. Government requirements for remote
vulnerability testing as set forth by the National Infrastructure
Protection Center (NIPC) and are accredited by the SANS Institute
to meet the requirements of the SANS/FBI "Top Twenty
Internet Securities Vulnerabilities" test, as well accredited
to meet the requirements of VISA's Cardholder Information
Security Program (CISP), MasterCard's Site Data Protection
(SDP) program, American Express' CID security program and
the Discover Card Information Security and Compliance (DISC)
program Web servers and other network devices meeting ControlScan's
ControlScan security certification requirements are also certified
to be in compliance with the requirements for web site and
Internet security to protect private information under the
CHILDREN'S ONLINE PRIVACY PROTECTION ACT OF 1998, the HEALTH
INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA),
the GRAMM-LEACH-BLILEY ACT (GLBA) protecting financial information,
the SARBANES-OXLEY ACT(SOX) and Canada's Personal Information
Protection and Electronic Documents Act.
If users have any questions about the security at our Web
site, users can send an email to
Correcting/Updating/Deleting/Deactivating Personal
Information
If a member’s personally identifiable information
changes (such as zip code, phone, email or postal
address), if a member wishes to review his/her personally
identifiable information, or if a member no longer
desires our service, we provide a way to correct,
review, update or delete/deactivate members’ personally
identifiable information. This can usually be done
at the member’s home page or by emailing our
Customer Support at
.
Notification of Changes
If we decide to change our privacy policy, we will
post those changes to this privacy statement, the
homepage, and other places we deem appropriate
so our users are always aware of what information
we collect, how we use it, and under what circumstances,
if any, we disclose it. We will use information
in accordance with the privacy policy under which
the information was collected.
If, however, we are going to
use subscribers’ personally
identifiable information in a
manner different from that stated
at the time of collection we
will notify users via email.
Users will have a choice as to
whether or not we use their information
in this different manner. However,
if users have opted out of all
communication with the site,
or deleted/deactivated their
account, then they will not be
contacted, nor will their personal
information be used in this new
manner. In addition, if we make
any material changes in our privacy
practices that do not affect
user information already stored
in our database, we will post
a prominent notice on our Web
site notifying users of the change.
In some cases where we post a
notice we will also email users,
who have opted to receive communications
from us, notifying them of the
changes in our privacy practices.
Contact Information
If users have any questions or suggestions regarding
our privacy policy, please contact us at:
Phone: 408-293-4065
Fax: 408-286-3158
Email:
765 Coleman Avenue
San Jose, CA
95110
http://www.kidsave.com
|
