2) How is my information collected and transmitted? All of your information is collected via SSL secured and encrypted methods. As you enter information into the data collection fields the information is kept on your local machine. When you hit the “submit button”, or similar feature, your data is transmitted across the Internet, via the same SSL secured connection, to our servers.
3) How is my information stored and used? When your data is submitted to us it is stored in our secure database. The information that we collect is used to administer the Program and manage your account. In addition, some of the data, such as your email address, may be used to send you advertising and/or promotional materials relating to the Program.
4) Who is given or has access to my information? Employees and persons engaged by Cayan, or an affiliate of Cayan, who are directly involved in the administration of the Program and the management of your account, will have access to or are given the information you have provided through the Program site. We do not release or provide your information to any third party, unless compelled to do so by law or unless as expressly authorized herein. This policy does not preclude our use of (i) non-personal, summarized, derived, or aggregate information (i.e., volumes, totals, averages, etc.), or (ii) the information collected in (i) to share with a third party solely for purposes of administering the program, provided that any such third party shall be strictly forbidden from using or sharing such information for any purpose other than billing.
6) Your Responsibility. As a member of the Program, you may be provided with a unique identifier such as a password, user ID, or “PIN” (personal identification number) which is intended to authenticate your identity when accessing the Program site. Such identifying items are intended to be secret and to be known, possessed, and used only by you for the purposes consistent with the Program. The effectiveness of these mechanisms for authenticating your identity is dependent upon you keeping them in your exclusive possession and upon you protecting them from the discovery, access, or possession by others. If you fail to keep such identifying information in your exclusive possession (e.g., you allow, either intentionally or accidentally, others to have knowledge or possession of your password, user ID, or PIN), you may bear responsibility for the actions of other persons who use this information in accessing our systems. Should you become aware or have reason to suspect that a personal identifier has been lost or has been disclosed to someone other than yourself, you should immediately notify us.
7) In the event of a data breach. We endeavor to utilize all reasonable methods to ensure that private data is only made available to those employees and third-parties, in accordance with this policy, on a “need-to-know” basis. Should we ever be advised that the security of your data has been breached and that you are at considerable risk for identify theft; we will immediately notify you of the nature of the data breach. In those circumstances, it may be advisable for you to immediately notify the credit reporting agencies of the data breach and to request that they issue a fraud alert on your behalf.