This is a privacy policy for Ponemon Institute. Our homepage on the Web is located at http://www.ponemon.org. The full text of our privacy policy is available on the Web at http://www.ponemon.org/privacy_policy.html Users may go to lmci.asp for information on how to opt-in or opt-out of use of their information.
We invite you to contact us if you have questions about this policy. You may contact us by mail at the following address:
Ponemon Institute
2308 US 31 North
Traverse City, MI 49686
P.O. Box 601
Elk Rapids, MI 49629
United States
You may contact us by e-mail at research@ponemon.org. You may call us at 231.938.9900.
We have the following privacy seals and/or dispute resolution mechanisms. If you think we have not followed our privacy policy in some way, they can help you resolve your concern.
This policy is valid until 24 Feb, 2008 at 12:00:00 EST.
P3P policies declare the data they collect in groups (also referred to as "statements"). This policy contains 4 data groups. The data practices of each group will be explained separately.
We collect the following information:
At the user's option, we may also collect the following data:
This data will be used for the following purposes:
This data will be used by ourselves and our agents.
The following explanation is provided for why this data is collected:
Our Web server collects access logs containing this information.
We collect the following information:
At the user's option, we may also collect the following data:
This data will be used for the following purposes:
This data will be used by ourselves and our agents.
The following explanation is provided for why this data is collected:
Access to the Ponemon Institute RIM members only website, is only available to RIM members and those individuals who are carried under the account of RIM Member registrants of the website. In order to use this Web site, you must first complete the registration form. A username and password will be assigned to you within 48 hours. During registration you are required to provide contact information, minimally your name and email address. We use this information to contact you about the information, research and services on our site in which you have expressed interest. You have the option to provide other contact information such as business mailing address, work telephone numbers, job title, organization name and other contact information for the organization, to us; we encourage you to submit this information so we can provide you a more personalized experience on our site. Ponemon Institute is the sole owner of the information collected on www.ponemon.org. Ponemon Institute collects personally identifiable information from our users only at the RIM Council Sign In/Register.
We collect the following information:
At the user's option, we may also collect the following data:
This data will be used for the following purposes:
This data will be used by ourselves and our agents.
The following explanation is provided for why this data is collected:
If you use a bulletin board or chat room on the secure portion of this site, you should be aware that any personally identifiable information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personally identifiable information you choose to submit in these forums.
We collect the following information:
At the user's option, we may also collect the following data:
This data will be used for the following purposes:
This data will be used by ourselves and our agents.
The data in this group has been marked as non-identifiable. This means that there is no reasonable way for the site to identify the individual person this data was collected from.
The following explanation is provided for why this data is collected:
We use WdWeb.Company to provide hosting and database management services on our site. When you sign up for access to the RIM members only portion of the website, we will share only the information you provide, minimally your contact name and email address as necessary for the WdWeb.Company to provide that service. During the registration process there are two ways where a registrant can indicate an opt in/opt-out choice. First, during registration the member is asked their preference for contact method: Email Only, Phone Only or Email &Phone. Secondly, there is a choice as to what information the registrant would like shared. These include: Company Name, Participant Name, Participant Title, Mailing Address, Work Phone, Work Fax. If your personally identifiable information changes, or if you wish to opt-out of receiving any further communications from our site, or if you wish to delete your registration from our site, you may correct, update, delete or deactivate it by emailing our customer support function available at research@ponemon.org or by contacting us by telephone or postal mail at the contact information listed previously. We do not collect sensitive personal information such as credit card or social security numbers. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. If you have any questions about security on our Web site, you can send email us at research@ponemon.org We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process served on our Web site. If we decide to change our privacy policy, we will post those changes to this privacy statement, the homepage, and other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We reserve the right to modify this privacy statement at any time, so please review it frequently. If we make material changes to this policy, we will notify you here, by email, or by means of a notice on our homepage. We have updated our policy on 7-11-06.
Cookies are a technology which can be used to provide you with tailored information from a Web site. A cookie is an element of data that a Web site can send to your browser, which may then store it on your system. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it.
Our site makes use of cookies. Cookies are used for the following purposes:
The compact policy which corresponds to this policy is:
CP="IDC DSP COR CURa ADMa DEVa PSAa PSDa IVAi OUR STP LEG BUS IND PHY ONL COM NAV DEM"
The following table explains the meaning of each field in the compact policy.
| Field | Meaning |
| CP= | This is the compact policy header; it indicates that what follows is a P3P compact policy. |
| IDC | Access is available to contact information. |
| DSP | The policy contains at least one dispute-resolution mechanism. |
| COR | Violations of this policy will be corrected. |
| CURa | The data is used for completion of the current activity. |
| ADMa | The data is used for site administration. |
| DEVa | The data is used for research and development. |
| PSAa | The data is used for pseudononymous analysis. |
| PSDa | The data is used for pseudononymous decision-making. |
| IVAi | The data is used for analysis, including knowledge of the visitor's identity, if the user selects it. |
| OUR | The data is given to ourselves and our agents. |
| STP | The data is kept for the stated purpose only. |
| LEG | Legal requirements specify how long the data will be kept. |
| BUS | Our business practices specify how long the data will be kept. |
| IND | The data will be kept indefinitely. |
| PHY | Physical contact information is collected. |
| ONL | Online contact information is collected. |
| COM | Computer information is collected. |
| NAV | Navigation and clickstream data is collected. |
| DEM | Demographic and socioeconomic data is collected. |
The compact policy is sent by the Web server along with the cookies it describes. For more information, see the P3P deployment guide at http://www.w3.org/TR/p3pdeployment.
Microsoft Internet Explorer 6 will evaluate this policy's compact policy whenever it is used with a cookie. The actions IE will take depend on what privacy level the user has selected in their browser (Low, Medium, Medium High, or High; the default is Medium. In addition, IE will examine whether the cookie's policy is considered satisfactory or unsatisfactory, whether the cookie is a session cookie or a persistent cookie, and whether the cookie is used in a first-party or third-party context. This section will attempt to evaluate this policy's compact policy against Microsoft's stated behavior for IE6.
Note: this evaluation is currently experimental and should not be considered a substitute for testing with a real Web browser.
Satisfactory policy: this compact policy is considered satisfactory according to the rules defined by Internet Explorer 6. IE6 will accept cookies accompanied by this policy under the High, Medium High, Medium, Low, and Accept All Cookies settings.