Privacy
All about Privacy and Policy definitions within CAcert Policies
Privacy in CCA
The CAcert Community Agreement is the entry point to all policies in force. This includes all definitions about Privacy. CCA 1.4 Privacy definition is a quick summary of Privacy in AP and Privacy in Privacy Policy
http://www.cacert.org/policy/CAcertCommunityAgreement.php Section 1.4 Privacy
1.4 Privacy You give rights to CAcert to store, verify and process and publish your data in accordance with policies in force. These rights include shipping the data to foreign countries for system administration, support and processing purposes. Such shipping will only be done among CAcert Community administrators and Assurers. Privacy is further covered in the Privacy Policy ("PP" => COD5).
- References:
policies in force -> Assurance Policy
Privacy Policy -> Privacy Policy
- References:
Privacy in AP
The Assurance Policy was written after Privacy Policy, so therefor the enhancements have been added into the Assurance Policy
http://www.cacert.org/policy/AssurancePolicy.php Section 7. Privacy
7. Privacy CAcert is a "privacy" organisation, and takes the privacy of its Members seriously. The process maintains the security and privacy of both parties. Information is collected primarily to make claims within the certificates requested by users and to contact the Members. It is used secondarily for training, testing, administration and other internal purposes. The Member's information can be accessed under these circumstances: * Under Arbitrator ruling, in a duly filed dispute (Dispute Resolution Policy => COD7); * An Assurer in the process of an Assurance, as permitted on the CAcert Assurance Programme (CAP) form; * CAcert support administration and CAcert systems administration when operating under the authority of Arbitrator or under CAcert policy.
- References:
Dispute Resolution Policy -> http://www.cacert.org/policy/DisputeResolutionPolicy.php
- References:
Privacy in Privacy Policy
http://www.cacert.org/policy/PrivacyPolicy.html
Privacy Policy 0. Preliminaries This policy discloses what information we gather about you when you visit any of our Web site, and when you issue or use our certificates. It describes how we use that information and how you can control it. 1. Website information We collect two kinds of information about website users: 1) data that users volunteer by signing up to our website or when you send us an email via our contact form; and 2) aggregated tracking data we collect when users interact with our site. 2. Personal information When you post to the contact form, you must provide your name and email address. When you sign up to the website, you must provide your name, email address, date of birth and some lost pass phrase question and answers. We only share your information with any other organisation when so instructed by a CAcert arbitrator. 3. Aggregated tracking information We analyse visitors' use of our sites by tracking information such as page views, traffic flow, search terms, and click through. We use this information to improve our sites. We also share this anonymous traffic and demographic information in aggregate form with advertisers and other business partners. We do not share any information with advertisers that can identify an individual user. 4. Cookies Some of our advertisers use a third-party ad server to display ads. These ads may contain cookies. The ad server receives these cookies, and we don't have access to them. We don't use cookies to store personal information, we do use sessions, and if cookies are enabled, the session will be stored in a cookie, and we do not look for cookies, apart from the session id. However if cookies are disabled then no information will be stored on or looked for on your computer. 5. Notification of changes If we change our Privacy Policy, we will post those changes on www.CAcert.org. If we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users via email. Users will be able to opt out of any new use of their personal information. 6. How to update, correct, or delete your information You are able to update, add and remove your information at any time via our web interface, log into the 'My Account' and then click on the 'My Details' section, and then click the relevant link 7. Privacy of certificates CAcert does not automatically publish the certificates through a directory service or the website to other people than the user who requested the certificate. In the future, the user might be able to opt-in for publication of the certificates through a directory server by CAcert. 8. Privacy of user data CAcert Assurers can see the name, birthday and the number of points by looking up the correct email address. No other person related data is published by CAcert. 9. Exceptions A CAcert arbitrator may override this policy in a dispute. To obtain access to confidential data, a dispute has to be filed. 10. Legal mandates CAcert adopts the Australian privacy regulations. Please see http://www.privacy.gov.au/ for further details. Governmental warrants and civil supoenas will be processed through the dispute resolution system, which ensures that valid authority is given to whoever complies with the supoena or the warrant. If you need to contact us in writing, address your mail to: CAcert Inc. P.O. Box 66 Oatley NSW 2223 Australia
If you want to write a physical letter to CAcert Inc., please check, if the address mentionned is the actual postal address (policies maybe updatet not as fast as postal adresses change). The actual adress is:
CAcert Inc.
Clos Belmont 2
1208 Genève
Suisse
- References:
Australian privacy regulations -> AU Privacy Policy
- further references:
Privacy Act 1988 (Cth) -> AU Privacy Act 1988