MacUSA
Chicago, IL USA

Date: October 30, 2000
Last Revised: June 1, 2009

Scope
This policy covers the privacy practices that MacUSA employs when providing network-based support, consulting and outsourcing services to its customers (which are referred to collectively as "Hosting Services"). We have established a separate policy for Hosting Services because of the significantly different nature of the information provided to MacUSA in connection with such services and, as a result, the difference in how such information is treated by MacUSA.

Customer Information and Hosted Data
In order to let you know how we treat hosted information, it is important to make a distinction between information that MacUSA has about its customers ("Customer Information") and data we host on behalf of those customers, some of which has to do with our customers' employees, vendors, partners, suppliers and/or clients ("Hosted Data").

Customer Information is information that is part of the interaction between us and the people who visit MacUSA to purchase products/services or directly interact with MacUSA on its subsidiary sites or through our publications, store or sales operations. Customer information includes both online and offline collection of information, and both direct (registration forms, etc.) and automated (cookies, etc.) collection of information. We deal with Customer Information according to the terms of our general privacy policy.

Hosted Data is typically data that resides on MacUSA, Customer or Third-party systems (including both outsourcing environments and test, development and production environments accessed as part of MacUSA consulting and support services) for which MacUSA provides Hosting Services. This policy applies to the personally identifiable information that may be provided or accessed as a result of these outsourcing, consulting and/or support services. MacUSA treats Hosted Data according to the terms of this policy, and treats Hosted Data as confidential in accordance with the terms of the relevant agreement between you and MacUSA under which MacUSA agrees to provide Hosting Services.

The following example may help further clarify some of the differences between Hosted Data and Customer Information. "Hosted Services Customer (HSC)" contracts with MacUSA for outsourcing services. When accessing and when contracting with MacUSA, HSC provides information about itself to MacUSA, including its name, address, billing information, and some employee contact information for those who will administer the contract. MacUSA's web site may also collect some information about HSC and some employees as part of that interaction. All of that information is Customer Information, and is treated according to MacUSA's general Privacy Policy. Having contracted with MacUSA for outsourcing services, HSC then provides MacUSA with access to its production outsourcing environment, which may include personal information about its employees, customers, partners or suppliers (collectively "Hosted End Users"). This policy covers the personal information that is provided to or accessed by MacUSA in the Hosted Data or in any personal information that may be collected as part of MacUSA's resulting interactions that deal with HSC's Hosted End Users personal information.

Company-wide Approach to Privacy and Safe Harbor Certification
MacUSA serves a global community, providing hosting services for more than 80 countries, and we have developed information practices designed to assure that Hosted Data and Customer Information accessed in connection with Hosting Services are appropriately protected.

In light of the worldwide nature of our business, MacUSA's privacy practices are self-certified to the Safe Harbor Program agreed to by the US Department of Commerce and European Commission. For more information about the Safe Harbor, go to Welcome to the Safe Harbor. MacUSA's Hosting Services Policy is consistent with MacUSA's general Privacy Policy and with MacUSA's participation in the safe harbor. MacUSA maintains a separate privacy policy for Hosting Services to clarify that use of information in circumstances covered by this policy is more limited than under the general privacy policy.

While our main data centers are in the USA, we may transfer Hosted Data provided by customers to the appropriate MacUSA office, service engineer or consultant to provide the necessary service or information requested by the customer. In order to provide service in a timely, cost-effective and efficient manner, Hosted Data provided to MacUSA will be made available to authorized MacUSA users across other MacUSA offices that need access to the information to accomplish customer requirements. MacUSA's policies require all MacUSA employees and offices worldwide that access Hosted Data to comply with our requirements for the protection of Hosted Data.

1. Hosted Data and How We Collect and Use It
MacUSA has access to Hosted Data in connection with Hosting Services and in accordance with the terms of the relevant agreement between MacUSA and its hosted customer. MacUSA may process Hosted Data, but does not control cutomers' information collection or use practices related to Hosted Data. MacUSA merely provides the relevant application management and support services and may provide storage of Hosted Data. MacUSA has no liability for your failure to provide any appropriate notice and/or obtain any appropriate consent prior to transferring Hosted Data to MacUSA. MacUSA makes no independent use of the Hosted Data outside of what is needed to provide the Hosting Services. Below we set forth the conditions under which Hosted Data may be accessed as well as the possible circumstances under which there may be direct interaction with Hosted End Users.

To Provide Services Requested By Customer. Hosted Data will be accessed as required to fulfill the requirements of the Hosted Services contract or subsequent requests for service by our Hosted Services Customer.

To Provide Support. Hosted Data collected/accessed for this purpose may include contact information and information related to products and support requested by a Hosted Services Customer or a Hosted End User and may include information related to a service issue.

To Maintain and Upgrade the System. Technical staff may require periodic access to Hosted Data to monitor system performance, test systems and develop and implement upgrades to systems. Any temporary copies of Hosted Data created as a necessary part of this process are only maintained for periods of time relevant to those purposes.

To Address Performance and Fix Issues. On occasion, patches and other fixes to software, such as security patches addressing newly discovered vulnerabilities, are supported by MacUSA. In accordance with the terms of your contract for Hosting Services and/or with notice to you, we may access your test and development or production environment, including Hosted Data, to validate that such patches and fixes work in your environment(s).

As a Result of Legal Requirements. MacUSA may be required to provide personally identifiable information to comply with legally mandated reporting, disclosure or other legal process requirements.

2. Communication, Preferences and Opt-Out
Communication preferences and opt-outs, if any, are controlled by the terms of the contract between MacUSA and a Hosted Services Customer. MacUSA does not use Hosted Data for its own marketing, but may market to Hosted End Users if there are pre-existing relationships or independent contacts with the Hosted End User. The ability to opt out of those marketing contacts is covered in MacUSA's general Privacy Policy. MacUSA may make limited use of cookies in certain environments to facilitate user session transitions between servers; end user specific information is not retained, however. Please also note that Hosted Customers may deploy cookies that are returned to them. These are not accessed by MacUSA.

3. Access
MacUSA may access the customer's hosted environment to provide the necessary support, to resolve an issue or inquiries into performance-related issues, or for periodic maintenance and management of the systems. MacUSA also may require that the customer provide access to user information to validate that a particular issue has been resolved. All access to the customer's system is controlled via an access control list (ACL) mechanism, as well as the use of an account management framework, to ensure security at the system and user level. Access to personal information by the Hosted End User is controlled by the Hosted Services Customers and Hosted End Users should direct any requests for disclosure or correction of personal information to the Hosted Services Customer.

4. Security
MacUSA is concerned with the security of the personally identifiable information and has in place measures designed to prevent unauthorized access to that information. These measures include policies, procedures, and technical elements relating to data access controls. In addition, MacUSA uses standard security protocols and mechanisms in the transmission of sensitive data.

5. Compliance Issues
Should you believe your data has been used in a way that is not consistent with this policy or your stated preferences, or should you have further questions related to this policy, please contact us by email at support@MacUSA.net. Written inquiries may be addressed to Chief Privacy Officer, MacUSA, 10222 S 80th Court, Palos Hills, IL 60465, United States of America.

 Updated: 6/1/2009