EthicsPoint Privacy Policy

Effective July 25, 2007

EthicsPoint is committed to protecting your privacy in a variety of ways including using industry accepted security measures to protect against the loss, misuse and alteration of data contained in our system. The EthicsPoint Privacy Policy is designed to ensure the safety and accuracy of our customers' and visitors' personal information. Any information given to us will never be sold, rented, traded, or leased. This privacy policy covers the website: www.ethicspoint.com.

EthicsPoint does not publish text, images, or multimedia content that portray nudity, foul language, violence or other information not suitable for children. Web sites maintained by EthicsPoint are not directed to children under the age of 13. EthicsPoint will not knowingly collect or maintain personally identifiable information from or about anyone under 13. EthicsPoint is committed to assisting its clients in complying with privacy laws and adhering to the highest industry standards on privacy.

EthicsPoint is not responsible for content that is saved to any EthicsPoint system by reporters or client company representatives.

Collection and Use of Personally Identifiable Information

EthicsPoint collects personally identifiable information from reporters, clients and visitors in different ways.

Reporters:

No personally identifying information is automatically collected from reporters using EthicsPoint applications. Personally identifying information, such as name and email address, is stored only when a reporter voluntarily gives this information for use by a client company.

Clients:

Usernames and passwords are stored in our database for use with our software applications. This information is kept secure on our private servers and is only used to assist you in accessing your account as a client. No information is released outside of the EthicsPoint system.

Visitors:

EthicsPoint enables visitors to submit personally identifying information such as name and email address to its Web site through visitors' completion and submission inquiry forms related to our provision of services and subscription forms associated with newsletters and seminars. When EthicsPoint collects personally identifiable information from opt-in participants, such information is used by EthicsPoint only to respond to visitors' requests. In instances where opt-in participants' requests concern EthicsPoint partners, EthicsPoint will provide personally identifiable information only to respond to that request. EthicsPoint does not sell, rent, lease, trade or share visitors' personally identifiable information. EthicsPoint communicates only to users who affirmatively express an interest in receiving e-mails relevant to their interests, and visitors may "opt-in" and "opt-out" of receiving email communications through selections available on emails received. For participants of our web seminars, the only personally identifiable information we share is web seminar registration information and it is only shared with our web seminar presenters to provide this service. They are not permitted to use this information for their own marketing purposes.

Secure Communications

EthicsPoint will take reasonable precautions to protect personal information in its possession from loss, misuse and unauthorized access, disclosure, alteration and destruction.

All communications between the EthicsPoint site and a user's web browser are accomplished using 128 bit SSL encryption and Verisign certificates to protect confidential data. EthicsPoint does not allow users to transfer or receive confidential information unless they are using a validated 128 bit encrypted session.

We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

If you have any questions about security on our Web site, you can send email us at info@ethicspoint.com with "Questions about Web site Security" in the subject line.

We do not link this automatically-collected data to personally identifiable information.

Automatic Information Storage

Session Variables may be used temporarily in your system cache to create ease-of-use during your transaction. All Session Variables are deleted when you log off of EthicsPoint. Examples of such information are automatically produced alphanumeric numbers held during your session on our site to facilitate page-to-page transactions. Your name, email, phone, address, company name or any other identifying information is not stored at any time.

Use of Cookie and Log File Technology

A cookie is a small text file that is stored on a user's computer for record-keeping purposes. EthicsPoint utilizes Cookie technology for purposes of Web site traffic analysis such as the time/date of the visit, the time/date of last visit, the page viewed, the referrer, transaction information for eCommerce pages, and other data. EthicsPoint tracks click behavior in the e-mails it sends out. This data is used to update specific user-profile information, ascertain the areas of most interest to opt-in e-mail recipients, and to personalize e-mail messages to them. In addition, we use session ID cookies. These session Cookies are used to make it easier for you to navigate our site. A session ID Cookie expires when you close you browser.

If you reject Cookies, you may still use our site, but your ability to use some areas of our site, such as contests or surveys, will be limited.

As is true of most Web sites, we gather certain information automatically and store it in log files. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and clickstream data.

We use this information, to analyze trends, to administer the site, to track users' movements around the site and to gather demographic information about our user base as a whole.

We do not link automatically-collected data through the use of cookies and log files to personally identifiable information, nor are cookies used in the EthicsPoint reporting system application.

Use of Third Party Services

EthicsPoint contracts with third parties for Web-based services that include email delivery and content streaming, that may collect non-personally identifiable visitor data including IP address of their server and pages visited. These third parties may only use personally identifiable information, for example, email addresses, for the service requested and not for their own marketing purposes.

Use of Forums, Chat Rooms or Bulletin Boards

EthicsPoint makes available secure user group forums allowing our clients to communicate with one another on a variety of topics related to our industry and business. These forums are available by invitation only and require an EthicsPoint supplied username and password. Users of the forum have the choice to be identified or remain anonymous when making informational posts to the forum. Since these posts are displayed to other forum users we encourage you to manage your user profile appropriately.

Links to Other Sites

This Web site contains links to other sites that are not owned or controlled by EthicsPoint. Please be aware that EthicsPoint is not responsible for the privacy practices of such other sites.

We encourage you to be aware when you leave our site and to read the privacy statements of each and every Web site that collects personally identifiable information.

This privacy statement applies only to information collected by this Web site.

Terms

No company other than EthicsPoint is allowed to access information stored on our servers, unless expressly authorized by EthicsPoint. Unauthorized access to this information is a violation of the law. EthicsPoint has placed security measures and firewalls on all network servers in an attempt to prevent outside parties from accessing private information. In the event of a breach of security, EthicsPoint will press charges to the fullest extent against those parties illegally accessing information on our servers.

Safe Harbor Policy

EthicsPoint complies with the EU Safe Harbor framework as set forth by the Department of Commerce regarding the collection, use, and retention of data from the European Union. Please review our Safe Harbor Information page for more information.

Access to Personal Information

Upon request by mail or email (to the addresses noted below in the Contact Information section), EthicsPoint will grant individuals reasonable access to personal information that it holds about them. In addition, EthicsPoint will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. EthicsPoint shall provide a response to an access request within 30 days of receiving such request.

Disclosure Pursuant to Judicial or Government Subpoenas, Warrants or Orders

We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on our Web site.

Breach of Privacy Policy

If you have received unwanted, unsolicited email sent by EthicsPoint or from any EthicsPoint system or purporting to be sent via EthicsPoint, please forward a copy of that email with your comments to info@ethicspoint.com for review.

If you have questions or concerns regarding this statement, you should first contact Amanda L. Mayhew, General Counsel at amayhew@ethicspoint.com.

If you have any complaints regarding our compliance with Safe Harbor you should first contact Amanda L. Mayhew, General Counsel at amayhew@ethicspoint.com.

CONTACT INFORMATION

Questions or comments regarding this Policy should be submitted to EthicsPoint by mail or e-mail as follows:

EthicsPoint, Inc.
Office of the General Counsel
13221 SW 68th Parkway
Suite 120
Portland, OR 97223
USA
privacy@ethicspoint.com

CHANGES TO THIS PRIVACY POLICY

If we decide to change our privacy policy, we will post those changes to this privacy statement, the home page, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our home page.