Privacy Policy

Security and Privacy Posture
As an Information Technology Security Provider (ITSP), WhiteHat actively supports the evolution of security and privacy technologies, standards, industry best practices and legislation to achieve Privacy goals. WhiteHat is a trusted partner committed to superior customer service and delivering value through exceptional employees, partners and suppliers. Our code of ethics and client confidentiality prohibits the disclosure of personal information, client information and relationships.

In general, whether we know you as an individual or as an employee/representative of a corporation does not materially change the manner in which we treat your information. You may choose to disclose personal information, such as your name, address, employer, job title or e-mail address, for purposes of correspondence, to obtain information, to process an order, to seek a subscription service, or to gain employment. In any event, your information is subject to the same high standards of confidentiality and privacy.

WhiteHat has been granted the "Enhanced Reliability" security clearance level by the Canadian Government.

Advertising
WhiteHat does not accept any advertising on any of its websites. Banner ads are strictly prohibited. Since the cost of maintaining those sites is borne solely by us, we have exclusive control and rights to the information generated by the site, therefore eliminating any basis by which an advertiser, vendor or any other third party can compromise our Privacy Policy.

Marketing
Information generated on WhiteHat website(s) and attendant personal information may be employed internally for marketing purposes. Typical marketing activities include determination of the popularity of specific products, vendors, web pages, geographical correlation of business activity and trends, industry trends, etc. At no time, and under no circumstance, is personal information transmitted or distributed outside WhiteHat.

Children's Privacy
This Web site is not intended for people under the age of 13. WhiteHat Inc. does not knowingly solicit or collect information from children or minors (under 18).

Fulfilling Transactions
In fulfilling a transaction, whether it is a request for information, or the delivery of a product, we may share information with others as required by the context of the transaction. For instance, in shipping an order, the processes may, as a consequence, require information disclosure to financial institutions (merchant credit card services or credit check), manufacturer/vendor (user database, support and maintenance information), shipping companies (courier, postal service) or government authorities (customs authorities). In any event, this disclosure is implicit in, and is limited to that required, for the completion of that transaction.

WhiteHat may also elect to contact you as a participant in client satisfaction surveys, confirmation of details for financial or quality audit purposes, or for market research.

Credit Card Information
WhiteHat accepts personal and corporate credit cards as a payment method; our internal processes and procedures do not require the storage of credit card information on any Internet-connected computer system. Further, after completion of the transaction, no credit card information persists on any WhiteHat computer system or storage device.

Cookies, Web Beacons and Information Collection
We do not employ cookies, nor web beacons. WhiteHat does not collect personal information to personalize web browsing.

External Web sites
Our web sites may reference external (non-WhiteHat) web sites in several manners. For example, our server may access and include external website information into a WhiteHat web page, or our page may contain a link to other web sites. WhiteHat Inc. is not responsible for the content or for the privacy practices of external Web sites.

E-mail Distribution Lists (SPAM policy)
WhiteHat has a strict anti-SPAM policy and does not maintain or employ any e-mail distribution lists for promotion, publicity, advertising or marketing.

We do not initiate or perform any unsolicited e-mail campaigns, either internally or through any third-party.

WhiteHat does maintain e-mail distribution lists where e-mail information is a service specifically purchased by a client and with the implicit permission of that client. An example of this is the e-mail announcement of new patches and version upgrades for software purchased under an Upgrade Maintenance and Support Agreement.

WhiteHat actively supports the efforts of a legitimate anti-SPAM organizations, technologies, standards and policies. Internally, we employ a variety of anti-SPAM technologies. As such, be advised that an e-mail message sent to us by you may be rejected and never viewed if it originates from a known and listed "SPAM haven".

Human Resources
In the regular course of business, WhiteHat accepts employment inquiries and applicant resumes. The privacy and confidentiality of these communications and resumes are afforded the same protection as that enjoyed by personal information, client information and our internal employee information. This information will not be disclosed to any party outside of WhiteHat. This information may be kept for possible future reference for an appropriate period of time, unless we are instructed otherwise. Physical documents are destroyed by cross-cut shredding.

Any individual sending personal information and/or resumes is assumed to understand and accept the risks associated with their transmission of personal data in clear text over the public Internet. WhiteHat accepts no responsibility whatsoever for any possible interception, duplication, or redirection of your e-mail while on the public Internet.

Privacy Exceptions

Required By Law
WhiteHat is a corporation subject to law and regulation. Disclosure of personal information may be required, but only to the extent and for the purposes of such required disclosure, in response to a valid order of a court, governmental body, warrant or order, within the guidelines of privacy legislation in effect.

Abuse, Illegal Activity or Security Risk
Personal information accompanied by indecent or obscene language; threats to business, property, IT systems, WhiteHat personnel and/or third party individuals, businesses, government or other entities; and any other inappropriate content constitute unacceptable use of the Internet and its resources. Any attempt to obtain information, resources, software or any other technology that will be used for illicit or immoral purposes or attempted use by entities or territories known to be hostile to Canada, the U.S.A. and their allies, or any attempt to transmit a computer virus, Trojan, backdoor or any other malicious code, or any attempt to establish Denial of Service, or targeting or facilitating WhiteHat as a SPAM recipient or relay will be considered hostile acts. Any such behavior or suspect activity will be investigated and at the exclusive discretion of WhiteHat, full disclosure of all attendant information and log entries will be made to the appropriate parties and/or authorities, including law enforcement.

Note
It's important to note that if you give us personal information about somebody else, or a corporation or other entity, we will assume that you are authorized to do so.

Notification of Changes
This Privacy Policy web page was last updated on February 24, 2004. If a revision is made, the date at the top of the Privacy Policy web site page will be updated.

Privacy Questions
For any questions or clarifications concerning this Privacy Policy, please send an e-mail to privacy@whitehatinc.com, or contact us by telephone or mail.

Be advised that we may ask you to verify your identity and to provide other details to authenticate your request. We will expend best effort to a respond within an appropriate timeframe.