Postini and SPAM in a BOX Privacy Statement

SPAM Privacy Statement

Solution | Email Security | Compliance | Resource Centre | Platform | Customers | Company
  Postini and SPAM in a BOX Privacy Statement  

Google Inc. (NASDAQ: GOOG) has completed the acquisition of Postini as of September 13, 2007.

Effective February 16, 2007

Overview

What Is Covered in this Privacy Statement? This Privacy Statement contains information on how Postini, Inc. ("Postini" or "we") processes certain categories of data relating to individual persons.

  • If you are a visitor to the portions of our website, www.postini.com or www.spaminabox.co.za , that can be accessed without a password (our "Public Website"), please see the section "Public Website Privacy" below for a comprehensive description of our data processing practices with respect to data about you. We refer to you as a "Public Website Visitor" in this Privacy Statement.
  • If you are an end user of Postini® services, please see the section "Service End User Privacy" below for information on our data processing practices with respect to data about you. For additional information, please contact the email service provider that contracts with us for the Postini service, which in most cases will be your employer or your Internet Service Provider. We refer to you as an "End User" in this Privacy Statement.
  • If you are a resident of any European Union Member State, please also see the section "EU Safe Harbor Privacy Statement" below for a comprehensive description of our data processing practices with respect to data about you in reference to the EU Safe Harbor Principles. We refer to data relating to you as an identifiable individual as "EU Personal Data."

What Is Not Covered in this Privacy Statement? We cover only our data processing practices described in the preceding paragraph. Without limitation, this Privacy Statement does not cover data that we collect offline, on businesses or legal entities or on our employees.

How Can You Contact Us? If you have questions or concerns regarding this Privacy Statement, you should first contact us by email at privacyrequest@postini.com. You can also write to Postini at 1600 Amphitheatre Parkway, Mountain View, CA 94043, Attention: Information Security Administrator. Postini will respond to personal information change requests within 30 days of receiving such requests.

What If You Do Not Get A Satisfactory Response? We will try our best to see that you will always get a satisfactory response from us. As part of this effort, we also offer you recourse to TRUSTe®, an independent, nonprofit organization dedicated to enabling individuals and organizations to establish trusting relationships based on respect for personal identity and information in the evolving networked world. Postini is a licensee of the TRUSTe Privacy Program. This Privacy Statement covers the url www.postini.com and www.spaminabox.co.za. TRUSTe's certification covers the gathering and dissemination of information described in this Privacy Statement, but not any of our other data processing practices. If you do not receive an acknowledgment of an inquiry sent to Postini, or if your inquiry has not been satisfactorily addressed, you may then contact TRUSTe at http://www.truste.org/consumers/watchdog_complaint.php. TRUSTe will then serve as a liaison with Postini to resolve your concerns.

How Will We Notify You of Changes? We reserve the right to make changes to this Privacy Statement. If we make any material changes in our data processing practices described herein that significantly affect your privacy, we will post a prominent notice on the Public Website notifying you of the change 30 days before the change takes effect. In some cases where we post such a notice, we may also send an email to you.

Public Website Privacy

What Is Covered by This Section? The paragraphs in this section describe how Postini uses and disseminates information collected about Public Website Visitors through our Public Website, which includes the portions of our website that are publicly available without a password. It does not cover any other data processing activities.

Your Use of the Public Website Implies Consent. Your use of the Public Website signifies your acceptance of this Privacy Statement. If you do not agree or are not comfortable with any policy described in this Privacy Statement, your remedies are to discontinue your use of the Public Website or to follow the other instructions described elsewhere in this Privacy Statement.

If You Don't Volunteer Any Personal Data, We Won't Collect Any Through the Public Website. We use cookies and various traffic tracking technologies to monitor the use of our Public Website. We collect such data related to IP addresses but do not link it to any personally identifiable information (such as names and email addresses) that you may voluntarily submit to us through other means (except as described below, in "Agents and Service Providers").

Agents and Service Providers. We engage data processing agents and service providers that assist us in the processing of personally identifiable information that Public Website Visitors may volunteer through the Public Website, as well as electronic messages and traffic data that is linked to IP addresses. Such third parties process data only on our behalf and are contractually obligated to refrain from using such data for their own purposes. For those of our Public Website visitors, who either (i) submit inquiries to us via Web Forms or (ii) have been directed to our Public Website after clicking on a link in marketing email from us, we use software from a company called Eloqua Corporation to connect such information submitted to us (such as email addresses and contact information) with the IP address and cookie on the computer that has submitted the information to us (see "Use of Cookies" below for a further description of cookies). Each time such visitors visit our Public Website after they have submitted a Web Form to us or clicked on a particular link in a marketing email from us, we maintain a record of certain information about their visit including the pages viewed on our Public Website, the time of the visit, the order of pages accessed and the amount of time such visitors spend at each page. We use this information to better tailor our services to our visitors. If you would prefer that we not link your personally identifiable information with data from your visits to our Public Website you have several options: (i) not submit your information to us via Web Form or click on a link to our Public Website in a marketing email from us, (ii) let us know via email that you would prefer to opt out, (iii) visit http://www.postini.com/optstatus.php and opt out of web monitoring via use of Eloqua software on our Public Website (iv) visit http://www.eloqua.com/privacy/optstatus.asp and globally opt out of all web monitoring via use of Eloqua software, or (v) disable cookies in your web browser.

Use of Cookies. A cookie is a small text file containing information that a web browser transfers to your computer's hard disk for record-keeping purposes. On the Public Website, we may use cookies to analyze our site traffic patterns, but, except as described above, we link cookies only to IP addresses and not any personally identifiable information about Public Website Visitors (such as names or email addresses). For example, we currently use third party web tracking software to analyze traffic to the Public Website. Other than as mentioned above, the software used by Postini does not have a database of individual profiles for each visitor connected to personally identifiable information. This third party software uses cookies to track non-personally identifiable information, and links cookies only to IP addresses and aggregate data about the traffic to the Public Website. Most web browsers automatically accept cookies. Please consult your browser's manual or online help if you want information on restricting or disabling the browser's handling of cookies. If you disable cookies, you can still view the Public Website, but some features may not be available and you may not be able to take advantage of offers or activities regarding online registration, which includes online sales.

Volunteered Information Collected on the Public Website. Public Website Visitors may contact us in a variety of ways, including, without limitation, by completing the Web Forms described in the table below. Contact information, such as name, address, email addresses and/or phone number, is typically provided when using these methods. This information is used to provide the services that are requested by the Public Website Visitor (e.g. to respond to your request for further information about us or our services, to send you a newsletter or White Paper if you request them, etc.). To update, correct or remove his or her contact information (for example, to unsubscribe), a Public Website Visitor may follow the directions in the table below:

Web Form Purpose To Update, Correct or Request Removal
Request to Have a Salesperson Contact Me Contact the Postini Sales department Send an email to privacyrequest@postini.com
Postini White Papers View Postini white papers Send an email to privacyrequest@postini.com
Postini Webcasts View Postini webcasts Send an email to privacyrequest@postini.com
Postini Insider Newsletter Receive email security newsletter Complete and submit the form located at http://www.postini.com/newsletter/unsu.html or follow the instructions provided in the newsletters.

Public Website Visitors may sign up to receive various information or services from us, including the following: (i) free trials of our services, (ii) our Newsletter, (iii) White Papers, (iv) product demonstrations, (v) our Webinars or those of other third parties. Each of these submissions will produce an automated email response to the email address entered into the form. We may send promotional emails to Public Website Visitors who have sent us such Web Forms, although we do not currently do so for newsletter subscribers. If you consent to it, we may provide your information from these Web Forms to certain of our authorized resellers to communicate information to you about our services. If thereafter you prefer us not to provide this information to our authorized resellers, you may let us know by following the instructions described in this policy.

If you do not wish to submit the personal information requested by these forms, you may call us at 888.584.3150 or 650.216.3574.

Postini also allows Public Website Visitors to contact us by email with questions, comments or requests. The information collected from these emails is used to reply to such questions, comments, or requests. Sometimes we file visitor's comments, so that we can improve the Public Website in the future. A small sample of visitors to the Public Website who contact us may be invited to participate in usability studies.

Disclosure to Third Parties. In the course of our normal business activities, we do not share personally identifiable data about Public Website Visitors with any independent third parties, other than with our agents, service providers and authorized resellers as described in the preceding paragraphs "Agents and Service Providers" and "Volunteered Information Collected on the Public Website." In particular, we are not in the business of selling, renting or loaning personally identifiable information to independent third parties.

Nevertheless, Postini may have to disclose information to third parties when required by law or under the good-faith belief that such disclosure is necessary in order to conform to applicable law, comply with legal process served on Postini, or to protect the property or interests of Postini, its agents and employees, or the personal safety of others, or the public. Under such circumstances, Postini may be prohibited by law, court order or other legal process from providing notice of the disclosure, and Postini reserves the right to not provide such notice in its sole discretion.

As its business evolves, Postini may sell, transfer or otherwise share some or all of its assets, including personally identifiable information, in connection with a merger, reorganization, or sale of assets, or in the event of bankruptcy. If in any such event, personal information is one of the assets transferred, we will provide notice as described in the paragraph "How Will We Notify You of Changes?" above.

Links to Other Sites. The Public Website may contain links to other sites, including under the "News and Events" and "Postini Resource Center" sections of the Public Website. Postini is not responsible for the privacy practices of any sites other than its own. This section on "Public Website Privacy" applies only to information collected by Postini on the Public Website. In addition, the webinar registration portion of our Public Website may contain links to other sites. We may use service providers to collect certain information about those users who register for our webinars including the user's name, title, company name, physical address, email address, phone and fascimile number, web address, job title, company size, and job function. Our service providers then provide us this information so that we may follow-up to provide our services to such users.

Security of Data. Postini treats data as a valuable asset, and applies technology and operations practices that are designed to ensure the security of this data both during transmission and while stored on our servers. Postini takes reasonable precautions to protect this data against loss, misuse, and alteration. To learn more, please see the Postini Security Statement.

Our Public Website includes certain testimonials from customers who have agreed to the use of their testimonials on our Public Website.

Service End User Privacy

What Is Covered by This Section? The paragraphs in this section provide information on how Postini uses and disseminates information collected about End Users of the Postini service through password-protected portions of our website, such as the Postini Portal, the Administration Console and the Message Center. It does not cover any other data processing activities. In the password-protected portions of our website, we observe the following privacy practices:

Personal Information About End Users is Supplied to Postini by their Email Service Providers. Postini does not require End Users to provide personal contact or demographic information. The only information Postini obtains about an End User is the End User's email address and the End User's configuration settings, as well as certain information in electronic messages (such as email messages or instant messages) that are or may be linked to End Users (collectively, "End User-specific information"). Information about an End User's email address is provided to Postini as a result of our customer relationship with the End User's email service provider. This information, as well as all the other data that Postini obtains about End Users, is controlled by the email service provider, not Postini. As such, if an End User wishes to correct or update his or her email address, the End User must contact his or her email service provider directly.

End User Control of Configuration Settings. If you are an End User of Postini services, and you wish to access your Message Center Account or adjust the application of the electronic message filtering solution to your account, you should follow the instructions provided by your email service provider. In addition, if you need to update or change the email address or other data that Postini may maintain about you, you should contact your email service provider for such changes. In turn, the email service provider will generally update the information that it provides to Postini for purposes of delivering the electronic message filtering services.

Passwords and Message Content. To log in to the Message Center for the first time, an End User must use the password provided by Postini, which is automatically generated. This password is not released to any party other than authorized personnel of the End User's email service provider, except as described herein. After the End User logs in for the first time, the End User will be prompted to enter a personalized, secret password. This password is not released to any other party. End User configuration settings and electronic messages are processed automatically by Postini's software, and humans do not review this information except as required by law or with the consent of the End User's email service provider. All End User-specific information, and electronic message information, including content, addresses, categorizations, and IP addresses, is kept confidential. Postini delivers its services in compliance with the existing service agreement between Postini and the End User's email service provider (and
End Users derive no legal rights from such agreements).

Contact Update. Our customers designate administrators with respect to the Postini service. These designated administrators may review and edit the contact information for their company directly by using the Contact Update feature, which is available in the Postini Support Portal.

Email Communications. For End Users with direct access to the quarantine area of the Message Center, Postini will provide email notification when emails with viruses and other email are quarantined in the Message Center on a schedule that may be determined by the End User or his or her email service provider. Generally an End User may not opt-out of these types of emails as they are necessary to provide the requested service and are not promotional in nature.

Use of Cookies. Postini uses cookies to store the name, email addresses, and configuration settings of End Users for session management. Other than name, email address and configuration settings, these cookies do NOT hold any personal information.

Framed Environments. If an End User's email service provider displays the Message Center in a "framed" environment, Postini cannot guarantee the privacy practices of that email service provider. In this case, the End User must contact his or her email service provider directly to obtain information about the privacy policies of his or her email service provider.

For Additional Information, Please Contact Your Email Service Provider.

EU Safe Harbor Privacy Statement

What Is Covered by This Section? The paragraphs in this section describe how Postini collects, uses, and discloses EU Personal Data, which is certain personally identifiable information that Postini receives in the United States about individuals in the European Union. Postini complies with the US-EU Safe Harbor Privacy Principles as set forth by the U.S. Department of Commerce ("EU Safe Harbor"), with respect to the collection, use, and retention of data from the European Union regarding EU Personal Data that it obtains about (i) Public Website visitors, (ii) individuals who are employed by or act on behalf of customers, suppliers, and business partners ("Business Contacts"), and (iii) end users of Postini services and individuals referenced in electronic messages covered by the services ("EU Emailers"). For further background and information about the EU Safe Harbor, please refer to the U.S. Department of Commerce's website at http://www.export.gov/safeharbor.

Public Website Visitors. Postini generally collects, uses, and discloses information about Public Website Visitors located in the EU in accordance with the section "Public Website Privacy" above.

Business Contacts. Postini may obtain various types of EU Personal Data about Business Contacts. Such data may include identifying information (names, titles, addresses, phone and fax numbers, and email addresses); information about products and services ordered or provided; financial and payment information; and other transaction-related data.

Postini may use these types of EU Personal Data for legitimate business purposes, including to deliver or provide products or services; to establish or maintain customer and business relationships; to perform accounting functions; and to conduct other activities as necessary or appropriate in connection with the servicing and development of the business relationship.

Business Contacts should email or otherwise contact Postini if any of their EU Personal Data changes, or if they would like to access and correct or remove EU Personal Data that Postini may maintain about them. In many instances, such access may be obtained through the newsletter updates and comparable procedures described in the section "Public Website Privacy" above. All access requests will be responded to within 30 business days of receipt. For other requests, Business Contacts may contact Postini as explained at the end of this EU Safe Harbor Privacy Statement. Also, to the extent that any Business Contacts receive marketing and or customer support communications from Postini, and wish to unsubscribe or otherwise stop receiving such communications, they can follow the instructions in such communications to unsubscribe.

EU Emailers. Postini provides a wide variety of services to its customers that facilitate the detection and filtering of spam and other unwanted emails, the filtering of electronic messages and the archiving of electronic messages. In the course of providing these services, Postini may obtain access to EU Personal Data about EU Emailers referenced in electronic messages covered by the services. Such data may include name and email address, and other information in the electronic messages covered by the services. Wherever Postini obtains or otherwise processes EU Personal Data about an EU Emailer, Postini acts as a mere data processor on behalf of its customer (the email service provider to the End User of the Postini service). The email service provider is the controller of the EU Personal Data, and Postini therefore processes such data strictly in accordance with the email service provider's instructions and pursuant to its contractual arrangements with the email service provider as Postini's customer.

If you are an End User of Postini services, and you wish to access your Message Center Account or adjust the application of the electronic message filtering solution to your email account, you should follow the instructions provided by your email service provider. In addition, if you need to update, change or remove the email address or other EU Personal Data that Postini may maintain about you, you should contact your email service provider for such changes. In turn, the email service provider will generally update the information that it provides to Postini for purposes of delivering the email filtering services.

Other Necessary Disclosures. Postini may disclose EU Personal Data to processors, or agents, as necessary in connection with the performance of requested services or solutions, or as otherwise appropriate in connection with a legitimate business need. Postini may also disclose EU Personal Data as necessary and legally permissible in connection with the sale or transfer of all or part of the business. In these situations, Postini will require the recipient of the data to protect the data in accordance with the relevant principles in the EU Safe Harbor, including providing appropriate notice to EU users, or otherwise take steps to ensure that the EU Personal Data is appropriately protected. Postini may also disclose EU Personal Data where required or permitted by law, or where Postini believes that such disclosures are appropriate in connection with a law enforcement request.

Data Security and Integrity. Postini takes reasonable precautions to protect EU Personal Data from loss, misuse and unauthorized access, disclosure, alteration, and destruction. Also, to the extent necessary or appropriate consistent with its role as a mere data processor, Postini makes reasonable efforts to keep EU Personal Data reliable for its intended use, accurate, current, and complete.

Copyright 2004, SPAMinaBOX.co.za