This website is hosted in the USA by Xensys™ Corporation, headquartered in Tampa, Florida, USA. We take user privacy seriously. This is why your privacy at our website and while doing business with is our utmost priority. You are welcome to visit Xensys Corporation on the Internet without telling us who you are or giving us your personal information. At certain times, however, we may need information from you. For instance: to process a service order, to correspond with you, to provide a subscription-based service, to store data during an online backup or in processing your email, or in connection with a job application. We may supplement the implementation of services through a supplier to complete a transaction or to provide a better service. For these instances we provide the following to help you understand how we will keep your information safe online while you are doing business with us.

Our Commitment to Privacy:
Your privacy is important to us. To better protect your privacy we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used. To make this notice easy to find, we make it available on our website and at every point where personally identifiable information may be requested.

The Information We Collect:
This notice applies to all information collected or submitted on the Xensys Corporation website. On some pages, you can request services, make requests, and register to receive materials for yourself or your business and for other people and other businesses. The types of personal information collected at these pages are:

Top

The Way We Use Information:
We use the information you provide about yourself or your business to process a given selection of services or information from Xensys Corporation. We do not share this information with outside parties except to the extent necessary for ongoing services. For example, we use outside suppliers to carry out the roles necessary to provide your selected services. For more information on this, please see section titled: Use of Suppliers.

We use the information you provide about someone else when requesting information only for processing of ongoing services. We do not share this information with outside parties except to the extent necessary to carry out these services. We use your e-mail addresses to answer the e-mail we receive from you. Such addresses are not used for any other purpose and are not shared with outside parties.

You can register with our website if you would like to receive information such as a newsletter or updates on our new services. Information you submit on our website will not be used for this purpose unless you fill out the registration form.

We use non-identifying and aggregate information to better design our website and to share with our internal Marketing Department. For example, we may tell the Marketing Department that X number of individuals or businesses visited a certain area on our website or filled out our registration form, but we would not disclose anything that could be used to identify those individuals or businesses.

We never use or share the personally identifiable information provided to us online in ways unrelated to the ones described above without also providing you and your business an opportunity to opt-out or otherwise prohibit such unrelated uses.

Our Commitment to Data Security:
To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online. This includes industry standard secure socket layer (SSL) encryption. You will know when a page is SSL encrypted by looking at the locked padlock in the lower right corner of your Mozilla Firefox browser and to the right of the Internet Explorer and Opera Address Bar or Location Bar (where you type in a web address).

How You Can Access or Correct Your Information:
Please help us keep our records accurate. You can access all of your personally identifiable information that we collect online and maintain by logging into your account or portal. We use this procedure to better safeguard your information.

You can correct factual errors in your personally identifiable information by sending us a request that descries the error in question. Please see section 5.0 for contact information. To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections.

Top

Password and Sensitive Personal Data Storage:
Your password should never be shared with anyone. When we receive certain types of sensitive information such as financial or credit card information, we redirect visitors to the secure portion of our site using industry standard SSL. This site has security measures in place to protect the loss, misuse and alteration of the information under our control. The user data is password protected.

Purpose:
This portion of the Policy states the requirements for securely storing and retrieving database usernames, passwords, (e.g. database credentials), and files for use by a program that will access a database running on one of Xensys Corporation's networks. This Policy is adhered to by Xensys Corporation employees and must also be adhered to by customers engaging in services with us.
Computer programs running on Xensys Corporation’s networks often require the use of one of the many internal database servers. In order to access one of these databases, a program must authenticate to the database by presenting acceptable credentials. The database privileges that the credentials are meant to restrict can be compromised when the credentials are improperly stored.

Scope:
This portion of the policy applies to all software that will access a Xensys Corporation, multi-user production database.

General:
In order to maintain the security of Xensys Corporation's internal databases, access by software programs must be granted only after authentication with credentials. The credentials used for this authentication must not reside in the main, executing body of the program's source code in clear text. Database credentials must not be stored in a location that can be accessed through a web server.

Top

Specifics of Data Storage and Usage:

Storage of User Names, E-mail, Passwords and Online backup:
Database user names and passwords may be stored in a file separate from the executing body of the program's code. This file is not world readable.

Data stored online, such as user names, passwords, files, and email messages are protected from internal and external access by industry security standards. All data are protected from unauthorized access by Xensys employees and access from the World Wide Web. Customer e-mail is stored and secured to industry standards and will not be viewed or used to mine data.

E-mail messages, data, and personal information will not be accessed except by network administration in the course of delivering a service.

Database credentials may reside on the database server. In this case, a hash number identifying the credentials may be stored in the executing body of the program's code.

Database credentials may be stored as part of an authentication server (e.g., an entitlement directory), such as an LDAP server used for user authentication. Database authentication may occur on behalf of a program as part of the user authentication process at the authentication server. In this case, there is no need for programmatic use of database credentials.

Database credentials may not reside in the documents tree of a web server.

Pass through authentication (e.g., Oracle OPS$ authentication) must not allow access to the database based solely upon a remote user's authentication on the remote host.

Passwords or pass phrases used to access a database must adhere to the Password and Sensitive Personal Data Storage Policy

Retrieval of Database User Names and Passwords:
If stored in a file that is not source code, then database user names and passwords must be read from the file immediately prior to use. Immediately following database authentication, the memory containing the user name and password must be released or cleared.

The scope into which you may store database credentials must be physically separated from the other areas of your code, e.g., the credentials must be in a separate source file. The file that contains the credentials must contain no other code but the credentials (e.g., the user name and password) and any functions, routines, or methods that will be used to access the credentials.

For languages that execute from source code, the credentials' source file must not reside in the same browseable or executable file directory tree in which the executing body of code resides.

Access to Database User Names and Passwords:
Every program or every collection of programs implementing a single business function must have unique database credentials. Sharing of credentials between programs is not allowed.

Database passwords used by programs are system-level passwords as defined by the Password and Sensitive Personal Data Storage Policy.

Developer groups must have a process in place to ensure that database passwords are controlled and changed in accordance with the Password and Sensitive Personal Data Storage Policy. This process must include a method for restricting knowledge of database passwords to a need-to-know basis.

Top

Surveys and Customer Feedback:
In addition to required member information, we may conduct surveys and ask users to volunteer demographic information to be used on an aggregate basis for internal market research, joint research projects with outside companies involved in product development. We use such information to better focus our services and to personalize the scope of services offered to each individual user. This is intended for quality control. No user information will at any time be compiled into mailing lists or sold to other organizations.

We use non-identifying and aggregate information to better design our website and to share with our internal Marketing Department. For example, we may tell the Marketing Department that X number of individuals or businesses visited a certain area on our website or filled out our registration form, but we would not disclose anything that could be used to identify those individuals or businesses.

Online Help And Chat Functions:
If you participate in Xensys Corporation’s online help function, you may be using a chat style program. You should be aware that the information you provide there may be made broadly available to others, potentially inside or outside Xensys, who have access to that discussion forum or chat room. Also, please recognize that individual forums and chat rooms may have additional rules and conditions. Each participant's opinion on a forum or chat room is his or her own and should not be considered as reflecting the opinion of Xensys Corporation.

Use of Suppliers:
In some cases Xensys Corporation uses suppliers to collect, use, analyze and otherwise process information and services on its behalf. It is the policy of Xensys Corporation to require such suppliers to handle information in a manner consistent with our policies. Our suppliers may consist of tax and auditing firms, banks for merchant accounts to process financial transactions, and organizations handling vended services.

While we strive to maintain online supplier relationships with the best in the industry, Xensys Corporation does not exert control over the practices of its suppliers. If you have questions about how our online suppliers use the information gathered, we invite you to visit their privacy policies. These are external links and as such Xensys Corporation is not responsible for the privacy practices and the content of suppliers' websites.

Children's Privacy:
Xensys appreciates the rights of children online and recommends that parents and families create rules for allowing their children access to the Internet. However, Xensys Corporation intends its readership and customers to be strictly other business and as such this site is not intended for anyone under the age of 13. We do not target anyone under the age of 13. We do not knowingly collect information from children under 13.

Notification of Changes:

This document was last updated September 19, 2007.

How to Contact Us
We are here to help you. If any questions arise concerning this Privacy Policy or your privacy in doing business with the Xensys Corporation, we welcome your inquiry. Please contact us to the attention of the Privacy Manager, privacy@xensys.net.

Top