Privacy Policy on Information Collection and Use

Carillon Information Security Inc. is the sole owner of the information collected on this site. We will not sell, share, or rent this information to others in ways different from what is disclosed in this statement. Carillon Information Security Inc. collects information from our users at several different points on our website.

Cookies
A cookie is a piece of data stored on the user's hard drive containing information about the user. Usage of a cookie is in no way linked to any personally identifiable information while on our site. Once the user closes their browser, the cookie simply terminates. For instance, by setting a cookie on our site, the user would not have to log in a password more than once, thereby saving time while on our site. If a user rejects the cookie, they may still use our site.

Log Files
We use IP addresses to analyze trends, administer the site, track user's movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.

Links
This web site contains links to other sites. Please be aware that we (Carillon Information Security Inc.) are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects personally identifiable information. This privacy statement applies solely to information collected by this Web site.

Security
This website takes every precaution to protect our users' information. When users submit sensitive information via the website, their information is protected both online and offline.

While we use SSL encryption to protect sensitive information online, we also do everything in our power to protect user information offline. All of our users' information, including the sensitive information mentioned above, is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing clerk or a customer service representative) are granted access to personally identifiable information. Our employees must use password-protected screensavers when they leave their desk. When they return, they must re-enter their password to regain access to user information. Furthermore, all employees are kept up to date on our security and privacy practices. Every quarter, as well as any time new policies are added, our employees are notified and/or reminded about the importance of privacy and what they can do to ensure our customers' information is protected. Finally, the servers that we store personally identifiable information on are kept in a secure environment.

If you have any questions about the privacy and security policies at our website, you can send an email to privacy@carillon.ca.

Personal Information Collected:
Carillon collects personally identifiable information from our web visitors and customers only in the following cases:
Download of Whitepapers and other documents: In the event that a visitor would like to download a document that we provide, we provide an optional feedback form that collects name, affiliation and email address information. This information is for review by our product development and sales teams, both to identify potential customers, as well as to fine tune our product lines. This information will never be shared with any third party.
Customers desiring to Contact Carillon: On our "Contact us" page, there is a form to be filled out by individuals and companies desiring to be contacted by Carillon. This information is used for the purposes of marketing and sales and will never be shared with any third party.
Purchase of Basic Assurance Certificates: For customers desiring to purchase Basic Assurance Certificates, we collect information as required to create and maintain a PKI Subscriber record, as well as information necessary to perform credit card billing and tax assessment. For the Subscriber record, the information is shared with our PKI Provider (Cassidian, a division of EADS) via a secured and strongly encrypted link to their PKI bunker in Germany, where Certificate Issuance is performed. Further information regarding EADS's privacy policy, as well as details of the uses of this Subscriber record can be found in the terms and conditions of the Certificates in question, and on the EADS Corporate web site. All other information collected for this service is stored according to the requirements of the PCI-DSS.

Correction/Updating Personal Information:
If a user's personally identifiable information changes (such as a postal code), or if a user no longer desires our service, we will endeavour to provide a way to correct, update or remove that user's personal data provided to us. This can be done by emailing our Customer Support department.

Notification of Changes
If we decide to change our privacy policy, we will post those changes on our homepage so our users are always aware of what information we collect, how we use it, and under which circumstances, if any, we disclose it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether we use their information in this different manner. We will use information in accordance with the privacy policy under which the information was collected.