Harland Clarke does not capture and store any personal information about individuals who access this website, except where you voluntarily choose to give us your personal details via the online e-mail form or if you are an employee entering the Employee area of the site. The personal information you give us is used exclusively by Harland Clarke for providing you with current and future information. We will not pass any of the personal data that you have provided us to any outside organizations and/or individuals, except with your express consent.
Harland Clarke's Information Security Program (ISP)
Harland Clarke's Information Security Program (ISP) is based on the standards identified by the International Standards Organization (ISO). We review and test our online security measures regularly. These measures include:
- Authentication- Users require a unique user account and password. Our policy states user accounts must not be shared and requires complex password construction.
- Encryption - All data input during a user's session is encrypted during transmission. Sessions are logged out after 15 minutes of inactivity.
- Vulnerability Testing - We maintain current patches and anti-virus definitions, and an independent security firm regularly performs vulnerability tests on our perimeter and enterprise infrastructure.
- Monitoring - We monitor for security events with Intrusion Detection and respond with our Security Threat Response Team (START).
- Annual Auditing - Our audit plan includes an annual review of our control measures, penetration testing, and an annual certification of our perimeter and enterprise to ensure Harland Clarke is meeting or exceeding essential security best practices.
We are registered with the following organizations:
Cybertrust® Our network has been certified by Cybertrust (formerly TruSecure) since 2002. For information on Cybertrust certification visit their website at www.cybertrust.com.
Web browsing "cookies"
A cookie is a piece of data stored directly on the user's computer hard drive that contains information about the user. Harland Clarke's site is not capable of using the cookies on a user's computer to identify the user. Cookies are used only for storing temporary information. For example, the user will only have to log in once while on Harland Clarke's site. Once the user closes the browser, the cookie created while browsing the Harland Clarke site terminates. If a user rejects the cookie by having the function turned off in the browser settings, the user can still use Harland Clarke's site. In this case, though, usability of the site may be limited.
Harland Clarke uses Internet Protocol (IP) addresses to administer the site, track page views and click-through activity, and gather broad information for internal use. IP addresses are not linked to personally identifiable information. For applications that have audit requirements, a unique user ID and password are necessary. To ensure audit controls are enforced, Harland Clarke will log and track the user ID while on our site.
A site may contain links to other sites. Please be aware that Harland Clarke is not responsible for the privacy practices of sites not managed or maintained by our company. Harland Clarke encourages Web users to read the Privacy Statement of any site that collects personally identifiable information. Harland Clarke's Privacy Statement applies solely to information collected by Harland Clarke.
Surveys and contests
On occasion Harland Clarke may request information from users through surveys. Participation in these surveys is voluntary. Information requested may include contact information (such as name and phone number) for the purposes of contacting survey respondents if they have granted permission for Harland Clarke to do so. Surveys may solicit opinions and general information such as client/employee satisfaction and user satisfaction. Such information is for Harland Clarke's internal use only.
Harland Clarke may use nonaffiliated companies to perform services on our behalf and at our direction (with the permission of those financial institutions with which Harland Clarke does business) to help Harland Clarke communicate with consumers or provide them with products or services. In these instances, Harland Clarke has written agreements that require the parties with whom it shares information to keep it safe and confidential and to use it only for the purposes specified.
When entering into an agreement to provide services to any financial institution, Harland Clarke contractually agrees the user's personally identifiable, non-public information will not be sold or provided in any way to another entity except as stated above. Harland Clarke will not share that information with any other party, including affiliates of Harland Clarke, for purposes that are not related to providing services to those financial institutions and/or their account holders.
All Harland Clarke employees are kept up-to-date on our security and privacy practices. When new policies are implemented, Harland Clarke's employees are notified and reminded of the importance the company places on consumer privacy.
Finally, the servers in which Harland Clarke stores personally identifiable information are kept in a secure environment and Cybertrust Inc., an Internet Security Service Provider, currently certifies this environment. Periodic assessments are conducted to ensure the controls in place are functioning as designed.