Conxxus has created this security and privacy statement in order to document and communicate its commitment to doing business with the highest ethical standards and appropriate internal controls.
We respect your privacy. Information you entrust to Conxxus will be handled with the greatest care, and Conxxus will not use the information in ways to which you have not consented or is not required by law.
Links to Other Sites - This site contains a number of links to other sites. Conxxus is not responsible for the security or privacy practices of these sites, the products or services offered by these sites, or the content appearing at these sites. Conxxus does not endorse any of the products or services marketed at these other sites
WEB SITE INFORMATION GATHERING
Conxxus recognizes the importance of keeping the information we collect about you confidential. We always take great care to protect what you entrust to us. Conxxus is committed to protecting the privacy of visitors to our website.
Personal Information Gathering - We do not automatically collect personally identifiable information (PII) about our web site visitors. We may record the Internet protocol (IP) address of the computer you are using, the browser software used, the operating systems used, and the websites from which our visitors link directly to our site. We aggregate and use this information to determine how many visitors we have to different pages on our web site, to detect and correct systems problems, and to improve the usability of our web site. This information is not connected to individual names or personal identities.
Explicit Information Gathering - You can examine our entire web site without providing any information whatsoever. Our web site’s request-for-more-information form requires users to give us contact information. This information is used to provide information to those who inquire about our products and services, to ship orders, to bill orders, and to handle related business matters. This information is also used to get in touch with customers when necessary. From time to time, the information gathered through this site will be used to notify you about products and services that we think will be of interest to you.
Personal Information Usage - When you disclose personal information to us that is where it stays. The only exception involves disclosure to the government according to normal business practice, for instance for the collection of taxes, and according to the orders of a court, for example responding to a subpoena or search warrant. We do not sell, rent, trade, lend, or otherwise transfer such personal information to affiliates, subsidiaries, sister companies, holding companies, parent companies, strategic partners, or any other organization.
Precautions For Children - Conxxus does not attempt to collect personal information from children, and we do not provide services to children. The Conxxus website is not directed to children under age 18, and we do not knowingly collect personal information from children under age 18. If a child sends personal information to us, and this information can be identified as originating from a child, the information will be deleted. We cannot always determine which information originates with a user that is a child. We do not maintain databases about children.
EMAIL LIST PRIVACY
Opt-in Email Lists - We use email lists that we have assembled from people who have indicated they want additional information about our services. Additionally, we use email lists that are comprised of people who have requested additional information about services similar to those Conxxus provides.
Third Party Email Lists – Currently, Conxxus does not purchase email addresses and other contact information from outside vendors for the purposes of marketing and selling our products and services. If this changes, the policy statement will be updated to disclose vendor information.
Personal Contacts: Conxxus personnel frequently give presentations at conferences and seminars; write books, articles and newsletters; and participate in similar types of group and individual communications. We often receive business cards as well as requests for additional information or help with risk related issues. When we receive requests for information or help in person, from our web site from information volunteered by our web site visitors, or from conferences from people indicating they want more information about our type of services, we will place these individuals on our contact list.
Email List Privacy - With the above exception, Conxxus does not sell, rent or share our email lists with any other third parties. We do not link our email lists to any other databases. We do not store emails or individual information on our web server. All personally identifiable information is stored on servers behind our firewall.
THIRD PARTY ACCESS TO PERSON INFORMATION
Conxxus may use third-parties to process your personal information. In these cases, the information is only used for Conxxus business purposes. Conxxus contractually prohibits these vendors from using your personal data for any other activities, and from disclosing, selling or leasing them to any other parties.
THIRD PARTY ADVERTISING
Third Party Ads – Certain pages of our web site may contain advertisements from third- parties not affiliated with Conxxus. These advertisements may collect your IP address if you click on the ads. Otherwise, they do not collect personal information.
Behavioral Targeting - In order to better serve customers via our web site, Conxxus uses software to track online behavior of web site visitors, including their visits to other web sites. This information is used to solely to distribute content that is more relevant to web site users, and it is not stored or sold to any third parties.
Third Party Certification - Conxxus uses the (TRUSTe) service to validate the privacy policies on this web site. Web site visitors can verify our status by clicking on the TRUSTe logo on the web site.
Compelled Disclosure - There may be times when we are required by law to disclose the information that you have submitted. Unless we are legally prohibited to do so, we will do our best to provide you with notice that a request for your information has been made to give you an opportunity to object to the disclosure. If you do not challenge the disclosure request, we may be legally required to turn over your information.
WEB SITE SECURITY
Security Measures - Our site is protected with a variety of security measures such as change control procedures, passwords, and physical access controls. We also employ a variety of other mechanisms to ensure that data you provide is not lost, misused, or altered inappropriately. These controls include data confidentiality policies and regular database backups.
Encryption Policy - Please be aware that the information you send to us in the information request form, privacy information request form, or in an email message will not be encrypted. Do not send any confidential information within clear text forms or email messages. If you want to give us confidential information, please call us at the number given at the bottom of this page.
Encryption Policy - We use (type of encryption, such as SSL, SHTTP, etc.) encryption to protect the information you submit to us.
Storage of Personally Identifiable Information (PII) - We do not store any personally identifiable information on our web server.
Accountability - Information security personnel ensure the security of the information we process and store.
Policies and Procedures - Conxxus has internal policies and procedures to limit access to your information to only those who have a business need to view it.
Collecting Confidential Information – Conxxus will always use encryption when collecting personal information via web forms. Web site users can identify these forms by looking in the address bar of the browser, where the “https” in the URL indicates a secure connection. Site users can also view the “padlock” icon within the browser window. A closed padlock indicates an encrypted connection.
YOUR PERSONAL INFORMATION
Access to Personal Information - We make every effort to keep our records accurate. We will make appropriate changes when you notify us. We will follow procedures to verify your identity before providing this information to further protect your privacy.
Email Lists - If you are currently on our email list and wish to be removed, please send an email to firstname.lastname@example.org.
Customer Information Requests - With respect to this web site, there are two options regarding your personal information. If you wish to contact us about our products or services, then you need to disclose your contact information so that we can service your request. If you wish to remove your name and related information from our contact database, we will promptly take action to comply with your request. We are pleased to process address error correction notices and address change requests through any of the following channels:
• Sending electronic mail to email@example.com.
• Sending regular mail to 230 W. Ottawa, Paxton, IL 60957.
• Calling (217) 379-2026 during regular business hours for CST.
This policy helps address the requirements of the following regulations and standards:
OECD Fair Information Principles
FTC Online Privacy Principles – US Federal Trade Commission COPPA – Children’s Online Privacy Protection Act
ISO 27002: 15.1.4 Data protection and privacy of personal information Health Care: HIPAA Privacy - Final Rule, HITECH Act
Financial Services: GLBA Act, Title V - Privacy