Last updated on February 24, 2004
Security and Privacy Posture
As an Information Technology Security Provider (ITSP), WhiteHat actively supports
the evolution of security and privacy technologies, standards, industry best practices
and legislation to achieve Privacy goals. WhiteHat is a trusted partner committed
to superior customer service and delivering value through exceptional employees, partners
and suppliers. Our code of ethics and client confidentiality prohibits the disclosure
of personal information, client information and relationships.
In general, whether we know you as an individual or as an employee/representative
of a corporation does not materially change the manner in which we treat your information.
You may choose to disclose personal information, such as your name, address, employer,
job title or e-mail address, for purposes of correspondence, to obtain information,
to process an order, to seek a subscription service, or to gain employment. In any
event, your information is subject to the same high standards of confidentiality and
privacy.
WhiteHat has been granted the "Enhanced Reliability" security clearance level by the
Canadian Government.
Advertising
WhiteHat does not accept any advertising on any of its websites. Banner ads
are strictly prohibited. Since the cost of maintaining those sites is borne solely
by us, we have exclusive control and rights to the information generated by the site,
therefore eliminating any basis by which an advertiser, vendor or any other third
party can compromise our Privacy Policy.
Marketing
Information generated on WhiteHat website(s) and attendant personal information
may be employed internally for marketing purposes. Typical marketing activities include
determination of the popularity of specific products, vendors, web pages, geographical
correlation of business activity and trends, industry trends, etc. At no time, and
under no circumstance, is personal information transmitted or distributed outside
WhiteHat.
Fulfilling Transactions
In fulfilling a transaction, whether it is a request for information, or the delivery
of a product, we may share information with others as required by the context of the
transaction. For instance, in shipping an order, the processes may, as a consequence,
require information disclosure to financial institutions (merchant credit card services
or credit check), manufacturer/vendor (user database, support and maintenance information),
shipping companies (courier, postal service) or government authorities (customs authorities).
In any event, this disclosure is implicit in, and is limited to that required, for
the completion of that transaction.
WhiteHat may also elect to contact you as a participant in client satisfaction surveys,
confirmation of details for financial or quality audit purposes, or for market research.
Credit Card Information
WhiteHat accepts personal and corporate credit cards as a payment method;
our internal processes and procedures do not require the storage of credit card information
on any Internet-connected computer system. Further, after completion of the transaction,
no credit card information persists on any WhiteHat computer system or storage device.
Cookies, Web Beacons and Information Collection
We do not employ cookies, nor web beacons. WhiteHat does not collect personal information
to personalize web browsing.
External Web sites
Our web sites may reference external (non-WhiteHat) web sites in several
manners. For example, our server may access and include external website information
into a WhiteHat web page, or our page may contain a link to other web sites. WhiteHat
Inc. is not responsible for the content or for the privacy practices of external Web
sites.
E-mail Distribution Lists (SPAM policy)
WhiteHat has a strict anti-SPAM policy and does not maintain or employ any e-mail
distribution lists for promotion, publicity, advertising or marketing.
We do not initiate or perform any unsolicited e-mail campaigns, either internally
or through any third-party.
WhiteHat does maintain e-mail distribution lists where e-mail information is a service
specifically purchased by a client and with the implicit permission of that client.
An example of this is the e-mail announcement of new patches and version upgrades
for software purchased under an Upgrade Maintenance and Support Agreement.
WhiteHat actively supports the efforts of a legitimate anti-SPAM organizations, technologies,
standards and policies. Internally, we employ a variety of anti-SPAM technologies.
As such, be advised that an e-mail message sent to us by you may be rejected and never
viewed if it originates from a known and listed "SPAM haven".
Human Resources
In the regular course of business, WhiteHat accepts employment inquiries and applicant
resumes. The privacy and confidentiality of these communications and resumes are afforded
the same protection as that enjoyed by personal information, client information and
our internal employee information. This information will not be disclosed to any party
outside of WhiteHat. This information may be kept for possible future reference for
an appropriate period of time, unless we are instructed otherwise. Physical documents
are destroyed by cross-cut shredding.
Any individual sending personal information and/or resumes is assumed to understand
and accept the risks associated with their transmission of personal data in clear
text over the public Internet. WhiteHat accepts no responsibility whatsoever for any
possible interception, duplication, or redirection of your e-mail while on the public
Internet.
Privacy Exceptions
Required By Law
WhiteHat is a corporation subject to law and regulation. Disclosure of personal information
may be required, but only to the extent and for the purposes of such required disclosure,
in response to a valid order of a court, governmental body, warrant or order, within
the guidelines of privacy legislation in effect.
Abuse, Illegal Activity or Security Risk
Personal information accompanied by indecent or obscene language; threats to business,
property, IT systems, WhiteHat personnel and/or third party individuals, businesses,
government or other entities; and any other inappropriate content constitute unacceptable
use of the Internet and its resources. Any attempt to obtain information, resources,
software or any other technology that will be used for illicit or immoral purposes
or attempted use by entities or territories known to be hostile to Canada, the U.S.A.
and their allies, or any attempt to transmit a computer virus, Trojan, backdoor or
any other malicious code, or any attempt to establish Denial of Service, or targeting
or facilitating WhiteHat as a SPAM recipient or relay will be considered hostile acts.
Any such behavior or suspect activity will be investigated and at the exclusive discretion
of WhiteHat, full disclosure of all attendant information and log entries will be
made to the appropriate parties and/or authorities, including law enforcement.
Note
It's important to note that if you give us personal information about somebody else,
or a corporation or other entity, we will assume that you are authorized to do so.
Notification of Changes
This Privacy Policy web page was last updated on February 24, 2004. If a
revision is made, the date at the top of the Privacy Policy web site page will be
updated.
Privacy Questions
For any questions or clarifications concerning this Privacy Policy, please send an
e-mail to privacy@whitehatinc.com, or contact us by telephone or mail. Our contact
information is located at: http://www.whitehatinc.com/corporate/contact.html
Be advised that we may ask you to verify your identity and to provide other details
to authenticate your request. We will expend best effort to a respond within an appropriate
timeframe.