|
||||
InstaPAY International Privacy PolicyThe opportunities you deserve, the privacy you expectInstaPAY International (“InstaPAY”) offers a wide range of financial products and services to enable you and your business to meet its financial objectives. At InstaPAY, you can count on us to provide you with the responsive and professional service you deserve, and to protect your privacy and security along the way and at all times. This Privacy Policy describes how we protect and use your information in a safe, secure and responsible manner. We believe that protecting your privacy is an integral part of the customer service we provide to you. At InstaPAY, we value your relationship, and we work diligently every day to honor the trust you place in us. Your protection is our priorityWe strive to safeguard your data at all times. At InstaPAY:
How InstaPAY protects and uses customer information
About our websiteOur systems automatically switch to "secure" mode when you are asked to enter personal information on InstaPAY’s website (such as your monthly sales or account number). To keep your data safe, we use:
For more details on Internet security, please see our "About Internet Security" section. Use of cookies, Web beacons and similar filesWe design many features of our website so new visitors may anonymously learn about our products and services, and use our educational tools without revealing their identity. For new visitors, we use "cookies" and Web beacons to collect limited data (such as the date, time and areas of our website visited and the website the new visitor came from). When you select one of our products or services, or respond to marketing materials sent to you directly, we will try to identify your browser and may combine information from "cookies," Web beacons and other information collected online with any other data we maintain about you. By improving the marketing and content of our website and making your online experience more convenient, we are able to better serve our customers' financial needs. How to confirm accuracy of your informationWe commit to maintain accurate and up-to-date information on all of our customers. We provide access to account information in many ways - over the phone, in paper and online statements, and other communications. If you believe any of your information is incorrect, please notify us immediately using the customer service number provided on your account statement. We will respond timely to your request to correct inaccurate account or transaction information. However, in order to protect your information, we may ask to verify your identity and for other details to respond to your request. Notification of changesIf we make any changes to this Privacy Policy, we will revise the policy effective date below, so that you can keep track of when those changes occur. The policies and practices described in this disclosure are subject to change, but we will communicate any significant changes to you as required by applicable law. The policies and practices described in this disclosure replace all previous notices or statements regarding this subject. If you have any questions about our Privacy Policy, please send an e-mail message to info@instapayerp.com This Privacy Policy is Effective as of February 10, 2009.About Internet SecurityHow Does Browser Security Work?Recent versions of most internet browsers support the encrypted transmission of online documents and the data you enter on a web page. This means that instead of sending readable text, both your browser and the website's secure server encode all text using a security key. That way, personal data sent to your browser or data you send back would be extremely difficult to decode in the unlikely event it was intercepted by an unauthorized party. The key used for encoding is a random number that is unique to your session at the secure website. There are two grades of internet security: International-grade encryption uses a 40-bit random number negotiated between your browser and the web-server. This means that only one out of about 1,000,000,000,000 possible decoding keys can be used to decipher your data. Domestic-grade encryption uses a 128-bit key, so that the number of possible keys is vastly larger. The InstaPAY site uses the highest grade of encryption supported by your browser and your internet connection. How Do I Know If Security Is Operating?Your internet session is encrypted if your security-enabled browser is connected to a website using the Secure Hypertext Transport Protocol. URL strings beginning with "HTTPS://" instead of the usual "HTTP://" indicate that the secure protocol is in effect. Your browser may also tell you if security is operating. For example, Mozilla's Firefox will display the icon in the lower right corner of your screen in secure mode. Microsoft Internet Explorer shows an icon. Note that security may be operating without any visible indication if the web page you are viewing employs frames (see below). If secure transmission is not in effect or only part of a frame-based page is secure, Firefox shows the "red-slashed lock" icon, and Explorer does not show the "lock" icon. Most browsers can be set to give you a pop-up announcement when you enter or leave a secure web page. In Firefox, these settings are on the Security section when you select "Options" on the Tools menu. In IE, the setting is on the "Advanced" tab when you select "Options" on the View menu. Secure Mode and Frame-Based Web PagesSecurity may be operating without displaying any security icons (or Firefox may show the "red-slashed lock" icon) if only part of a frame-based page is employing security. You can verify the security of a page within a frame by opening it in a new browser window. Both IE and Firefox allow you to open a link in a new window by right-clicking on the link and selecting that option from the pop-up context menu. When a secure page is open in its own window, instead of being viewed within a frame, you can then see the security icons provided by your browser as well as the "https://" secure protocol prefix in the URL string. CookiesWhen you visit a website, a small file called a "cookie" may be saved to your computer’s hard drive during your visit. When you revisit the site, the website’s server may open the cookie file and access the stored information. You can usually set your browser to limit or let you know about cookies that a website places on your computer. Web BeaconsA Web beacon is a graphic image (such as a pixel tag or clear GIF) that is placed on a web page or in an e-mail message to monitor user activity (such as whether the web page or e-mail message is read or clicked). They are often invisible because they are very small in size. They are also used on many web pages for alignment purposes. We sometimes use Web beacons to provide an independent accounting of how many people visit our websites or to gather statistics about browser usage at our websites. Some of our web pages and HTML-formatted e-mail newsletters use Web beacons in conjunction with cookies. It is difficult for you to limit the use of Web beacons because there is no easy way to distinguish their use from alignment and other purposes. They may be loaded from a different web server than the rest of the page. Similar DevicesFor example, we include URLs in e-mail marketing materials sent directly to you (such as special offers) so that we can identify that it is you responding to the campaign and provide details on the offer available to you. What are Shared Secrets?Shared secrets are the most common security method for accessing confidential information. A shared secret is something known to both the user and the holder of the confidential information. The most common shared secrets are a user ID and password. These shared secrets allow the user to log into the site of the holder of confidential information such as a financial institution or online merchant. Shared secrets form an integral part of user authentication in today's online environment. Protecting Your Shared SecretsProtecting your shared secrets ensures that information accessed via those shared secrets is protected. You should never record your shared secrets electronically such as in documents or spreadsheets. In the event of a compromise of your computer hard drive, your shared secrets can be compromised as well placing all the data protected by those shared secrets at banks and merchants at risk. Likewise you should never store credit card numbers, expiration dates, bank account number, social security numbers, driver’s license number or other personal identifying information electronically on your computer for the same reason. Your shared secrets should never be revealed in response to unsolicited e-mails. Criminals attempt to obtain individual’s personal identifying information and use that information illegally such as to open and/or use credit cards, obtain phone or utility accounts, obtain loans, work, open bank accounts and/or pass fraudulent checks using a technique called "phishing". Criminals may also attempt to obtain that information over the phone posing as a survey taker, telemarketer or other unsolicited caller ("pretexting"). Common Shared SecretsTo minimize the potential compromise of your shared secrets, you should avoid commonly used secrets such as names (yours, your spouse's, your children's, parents), common terms that appear in the dictionary (brute force attacks to crack passwords often use dictionaries in an attempt to randomly match the password), exclusively numbers (numbers range from 0 to 9 for each character where letters range from a to z creating 26 potential variations or 52 if case sensitive). The best passwords are a combination of both letters and numbers where the letters do not spell words that could be found in a dictionary and the password is of sufficient length, 6 characters or preferably more, to make brute force attacks harder. We suggest you do not use shared secrets across multiple domains (e.g. websites). If you use the same logon and password while shopping or surfing online as you use for your bank, if one of the online merchant sites is compromised, your user ID and password could then be used to access your bank information. Not all websites apply the same level of security to their database. The use of a single logon ID and password across multiple sites is only as secure as the least secure site. |
||||
|