Verisign Privacy Statement

Version 2.9 - Effective July 30, 2018

VeriSign, Inc. and its subsidiaries (collectively, “Verisign”) are committed to processing your personal information in a fair and lawful manner. We have developed this Privacy Statement to inform you about how we handle personal information and about our privacy practices, including for the verisign.com website and any other Verisign websites that direct you to this Privacy Statement (the “Covered Sites”).

If you have questions or complaints regarding our Privacy Statement or privacy practices, please use one of the options listed in the “CONTACT VERISIGN” section at the end of this Privacy Statement.

I. OVERVIEW

This Privacy Statement will inform you of:

  • What information we gather.
  • How we use personal information.
  • When we share personal information.
  • Where we store and process personal information.
  • What security procedures we have in place to protect your personal information.
  • How long we keep personal information.
  • Your rights in relation to your personal information.
  • Our use of cookies, other tracking technologies and gathering of statistical data.

Please note that our Covered Sites may contain links to other unaffiliated third-party websites. Verisign is not responsible for the privacy practices, privacy statements, or content contained in or regarding these other unaffiliated third-party websites that do not include this Privacy Statement. You should consult the privacy statements associated with these unaffiliated third-party websites should you decide to visit them.

Third-party social media applications such as Facebook, Instagram or Twitter (each, a “Social Media Application”) may use buttons displayed on our Covered Sites that you may click on to “like” or “share” or “link” content available on our Covered Sites or “follow” Verisign or any of our product or service offerings made available on our Covered Sites. These buttons may record your IP address, browser type and language, access time and referring website addresses. When you are logged in to those Social Media Applications, they also may link this collected information with your profile information on that Social Media Application. We do not control these third-party tracking technologies and you understand and agree that any Social Media Application’s use of information collected from you (or as authorized by you) is governed by the Social Media Application’s privacy policies, terms or service and your settings on the applicable Social Media Application(s).

If you respond in a blog forum on our Covered Sites, you should be aware that any personal information you submit there will be stored on our servers and can be read, collected, or used by other users of these blog forums, and could be used to send you unsolicited messages. Verisign is not responsible for the actions that other users of the blog forums take in relation to personal information you choose to submit in the forums. You are also responsible for using these forums in a manner consistent with the Rules of Engagement or other terms and conditions set forth on the relevant forum website.

II. WHAT INFORMATION WE GATHER

“Personal information” means any information relating to an identified or identifiable person. An “identifiable person” is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (such as IP addresses, cookies and other identifiers to the extent that they can be used directly or indirectly – for example by combination with unique identifiers and other information received by Verisign servers to identify a data subject), or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that person.

We may collect, use, store and transfer different kinds of personal information about you, which we have grouped together as follows:

  • Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, job title, company name, date of birth and gender.
  • Contact Data ncludes billing address, delivery address, email address and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data includes internet protocol (“IP”) address, cookies, java script, web beacons, clear gifs, HTTP headers, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access Covered Sites
  • Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback, survey responses, and any unsolicited personal information not otherwise covered by this Privacy Statement that you choose to submit in an enquiry or webchat, on a blog forum or otherwise on our Covered Sites or in person to a Verisign representative at an event.
  • Usage Data includes information about how you use the Covered Websites (for example time of day, duration of visit, pages visited, actions taken on pages), and/or our products and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
  • Social Media Application Data includes, without limitation, your public profile, social media relationships, listed work and education history, listed hometown and current city, profile photos, personal description and “likes.”

Occasionally we collect and process what may be considered sensitive personal information.

Sensitive personal information is a category of personal information which relates to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person's sex life or sexual orientation. For example, we have mentioned above that we may collect certain information made available through Social Media Applications. This information may contain sensitive personal information. In addition, the information that you submit in blog forums (or otherwise) on our Covered Sites or by telephone may include sensitive personal information. We do not collect any information about criminal convictions and offences.

We will only process sensitive personal information on the basis that (i) it has manifestly been made public by you, or (ii) the processing is necessary (a) in relation to legal claims, (b) for reasons of substantial public interest, or (c) where we need to carry out certain legal obligations and/or exercise certain rights relating either to Verisign or you.

III. HOW WE USE PERSONAL INFORMATION

We will only use your personal information in a manner that is consistent with applicable laws.

Most commonly, we will use your personal information in the following circumstances:

  • Where it is necessary for the purposes of our legitimate interests or those of a third party (e.g., for the provision of our services or products, the operation of our business or a third party’s business, or the marketing of products or services by us to you in circumstances where you have already bought or subscribed for similar Verisign products or services) and your interests and fundamental rights and freedoms do not override our legitimate interests.
  • Where we need to comply with our legal obligations.
  • Where we need to perform a contract we have entered into with you or in order to take steps at your request prior to entering into a contract.
  • Insofar as the use relates to sending you marketing communications, where we have your active consent to send you such communications (except where you have bought or subscribed for one or more of our products or services, and we market similar products or services to you).

We may also use your personal information in the following situations, which are likely to be rare:

  • Where we need to protect your interests (or someone else's interests).
  • Where it is needed in the public interest or for official purposes.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent where this is required or permitted by law.

Purposes for which we may use your personal information

We have set out below, in a table format, a description of all the ways in which we plan to use your personal information, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Note that we may process your personal information for more than one lawful ground depending on the specific purpose for which we are using your information. Please contact us (using the contact details at the end of this Privacy Statement) if you need details about the specific legal ground we are relying on to process your personal information where more than one ground has been set out in the table below.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you as a new customer (a) Identity
(b) Contact
Performance of a contract with you
To process and deliver your order (including renewals) including:
(a) Managing payments, fees and charges
(b) Collecting and recovering money owed to us
(a) Identity
(b) Contact
(c) Financial
(d) Transaction
(e) Marketing and Communications
(a) Performance of a contract with you
(b) Necessary for our legitimate interests (to recover debts due to us)
To manage our relationship with you, which will include:
(a) Notifying you about changes to our terms or privacy policy
(b) Asking you to submit a review or take a survey
(c) Interacting with you (and enabling you to interact with others) on or using our Covered Sites
(d) Your use of our products/services (including facilitating and supporting such use)
(a) Identity
(b) Contact
(c) Profile
(d) Marketing and Communications
(e) Social media application
(f) Usage
(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services, to facilitate the use of our products/services, to develop them and grow our business)
To enable you to partake in a survey (a) Identity
(b) Contact
(c) Profile
(d) Usage
(e) Marketing and Communications
Necessary for our legitimate interests (to monitor/improve the use of and satisfaction with the Covered Sites, and improving our customer service and product offerings)
To administer and protect our business and Covered Sites including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) (a) Identity
(b) Contact
(c) Technical
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)
(b) Necessary to comply with a legal obligation
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences (a) Technical
(b) Usage
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop
our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you (a) Identity
(b) Contact
(c) Technical
(d) Usage
(e) Profile
(f) Marketing and Communications
(g) Social Media Application Data
Necessary for our legitimate interests (to develop our products/services and grow our business)
Consent (in limited circumstances only – please see the Marketing section below for further details)

Compliance with Legal Obligations and Protection of Verisign and Others

We may be required to use and retain personal information for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; loss prevention; or fraud. We may also use personal information to meet our internal and external audit requirements, and as we otherwise believe to be necessary or appropriate: (a) under applicable law, which may include laws outside your country of residence; (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence; (c) to enforce or apply our contractual rights; and (d) to otherwise protect our rights, privacy, safety, or property, or those of other persons.

Business Transitions

Circumstances may arise where, whether for strategic or other business reasons, Verisign decides to sell, buy, merge, or otherwise reorganize businesses or business units in some countries. Such a transaction may involve the disclosure of personal information to prospective or actual purchasers, or the receipt of it from sellers. It is Verisign's practice to seek appropriate protection for information in these types of transactions.

Marketing

We may use your personal information (including cookies – for more information on how we use cookies, please see Section IX below) to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

  • Where it is necessary for the purposes of our legitimate interests or those of a third party (e.g., for the provision of our services or products, the operation of our business or a third party’s business, or the marketing of products or services by us to you in circumstances where you have already bought or subscribed for similar Verisign products or services) and your interests and fundamental rights and freedoms do not override our legitimate interests.
  • You may receive marketing communications from us if you have purchased products or services from us, we have identified similar products or services that may be relevant for you and, in each case, you have not opted out of receiving that marketing.
  • We will get your express opt-in consent before we market products or services to you that are not similar to products or services you have purchased from us before, or if we share your personal information with any company outside the Verisign group of companies for marketing purposes.
  • You can ask us or third parties to stop sending you marketing messages at any time. If you receive a marketing communication from us, the communication will contain an option to opt-out of further communications. If you receive a marketing communication from one of our business partners, or from social media providers or independent resellers, you should opt out with that entity directly. You can also contact us at any time to opt-out using the details given at the end of this Privacy Statement.

IV. WHEN, WHY AND WITH WE WHOM SHARE PERSONAL INFORMATION

We may disclose personal information for the purposes set out in the table in Section III above. When we share personal information, we do so in accordance with our data privacy and security requirements. Below are the parties with whom we may share personal information and why.

Within Verisign. Personal information will be made available to Verisign businesses around the world if necessary for the provision of our products and services, account administration, sales and marketing, customer and technical support, and business and product development, for instance. All of our employees and contractors are required to follow our data privacy and security policies when handling personal information.

Business Partners and Independent Resellers. There may be situations in which we provide your personal information to a Verisign business partner or independent reseller so that they can facilitate the provision, support, renewal, and/or purchase of Verisign products and services. Please be assured that these Verisign business partners nd independent resellers have agreed to ensure the privacy and security of any transferred information and may only use the shared information to send you information about products or services about which you asked, or for sending updates or providing services on our behalf.

Third-party service providers. We partner with and are supported by service providers around the world. Personal information will be made available to these parties only when necessary to fulfill the services they provide to us, such as software, system, and platform support; direct marketing services; cloud hosting services; advertising; data analytics; and order fulfillment and delivery. Our third-party service providers are not permitted to share or use personal information we make available to them for any purpose other than to provide services to us.

Third parties for legal reasons. We will share personal information where we believe it is required (i) in order to comply with our legal obligations and protect Verisign and others as set out in Section III above, and (ii) in the context of a business transition as set out in Section III above.

To find out the names and locations of the subsidiaries, business partners, and/or independent resellers to whom we have provided your information, please contact us at the address given at the end of this Privacy Statement.

V. WHERE WE STORE AND PROCESS PERSONAL INFORMATION

Verisign is a global organization, and your personal information may be stored and processed outside of your home country. We take steps to ensure that the information we collect is processed according to this Privacy Statement and the requirements of applicable law wherever the data is located.

Verisign has networks, databases, servers, systems, support, help desks and offices located around the world, including outside the European Union (“EU”).

We use third party service providers located around the world, including outside the EU to serve the needs of our business, workforce, and customers. We take appropriate steps to ensure that personal information is processed, secured, and transferred according to applicable law. In some cases, we may need to disclose or transfer your personal information within Verisign or to third parties in areas outside of your home country (including areas outside the EU).

We may transfer the personal information we collect about you to recipients in countries other than the country in which the information originally was collected. Those countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer your information to recipients in other countries (such as the U.S.), we will protect that information as described in this Privacy Statement and will comply with applicable legal requirements providing adequate protection for the transfer of personal information to recipients in countries other than the one in which you provided the information.

If you are located in the European Economic Area (“EEA”) or Switzerland, with respect to transfers of personal information to the U.S., VeriSign, Inc. is certified under the EU-U.S. and Swiss-U.S. Privacy Shield frameworks developed by the U.S. Department of Commerce, and the European Commission and Swiss Federal Data Protection and Information Commissioner, respectively, regarding the transfer of personal information from the EEA and Switzerland to the U.S. Click here to view our EU/Swiss-U.S. Privacy Shield Privacy Policy.

VI. OUR SECURITY PROCEDURES

We consider the protection of all personal information we receive from our Covered Sites’ visitors and subscribers as critical to our corporate mission. We have security measures in place to protect against the loss, misuse, and alteration of any personal information we receive from you. As with any transmission over the Internet, however, there is always some element of risk involved in sending personal information.

Our security procedures are subject to at least an annual SOC Type II audit by an internationally recognized accounting firm.

VII. HOW LONG WE KEEP PERSONAL INFORMATION

We will only retain your personal information in identifiable form for as long as needed for the purposes for which it is gathered and processed. In determining retention periods, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. When we no longer need personal information, we either anonymize, securely delete or destroy it.

VIII. YOUR RIGHTS IN RELATION TO YOUR PERSONAL INFORMATION

We respect the rights that you have in relation to your personal information, and we will respond to requests for information and, where applicable, will correct, amend, or delete your personal information.

Access to personal information. We will give you access to your personal information upon written request, subject to any relevant legal requirements and exemptions, including identity verification procedures. Before providing information to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data. Except where it is not permissible under applicable law, we may also charge you a fee for providing you with a copy of your data.

Correction and deletion. You have the right to correct or amend your personal information if it is inaccurate or requires updating. You have the right to request deletion of your personal information; however, this is not always possible due to legal requirements and other obligations and factors.

Data portability. You may have the right to (i) obtain personal information concerning you, which you have provided to Verisign, and (ii) transmit such information to another data controller. The information may be transmitted directly from Verisign to the other data controller where feasible.

Direct marketing. We may send you marketing communications as set out above. Where your personal information is processed for direct marketing purposes, you have the right to object at any time to such processing, which includes profiling to the extent that it is related to such direct marketing. All of Verisign’s direct marketing communications include an “unsubscribe” link to enable you to easily opt-out of future communications.

Withdrawal of consent. Where Verisign is processing your personal information on the basis that you have consented to such processing, you have the right to withdraw that consent at any time. Once we have received written notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Objection to and/or restriction of processing of personal information. You have the right to (i) restrict the processing of your personal information in certain circumstances (e.g., where you contest the accuracy of your personal information); and (ii) object to certain types of processing of personal information.

Lodging a complaint. If you are not satisfied with how Verisign manages your personal information, you have the right to lodge a complaint to a data protection regulator. A list of National Data Protection Authorities can be found here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.

IX. USE OF COOKIES, OTHER TRACKING TECHNOLOGIES AND GATHERING OF STATISTICAL DATA

In addition to the personal information identified above, we use "cookies" and other statistical and tracking technologies as described in this Section in connection with the operation of our Covered Sites. A cookie is a piece of information that our Covered Sites send to your browser, which then stores the cookie information on your system. Other statistical and tracking technologies, such as web beacons, clear gifs, HTTP headers, also work in ways that collect information about your visit and use of our Covered Sites. We may use both temporary and persistent cookies based on the cookie’s purpose. Some cookies are deleted when you close down your browser. These are known as session cookies. Others remain on your device until they expire or you delete them from your cache. These are known as persistent cookies and enable us to remember things about you as a returning visitor to our Covered Sites. We use these technologies in four ways:

  • To provide a product or service: A cookie may be used to provide you with a specific product or service. For instance, if you request our Covered Sites to remember your login password or remember your profile in a response to a blog post, we deposit a cookie on your computer to facilitate that request. If you are logging into an access-controlled section of our Covered Sites, we set a temporary session cookie to establish that you have been authenticated. The information contained in these cookies consists of random data that is used by our server to authenticate the browser requests to the server for that particular session. These cookies do not include any type of personal information. This bit of information is erased when you close your current browser window. If you choose not to accept a temporary cookie, you will not be able to navigate in these online applications. We also use a cookie when you visit our Covered Sites and request documentation or a response from us. When you are filling out a form, you may be given the option of having our Covered Sites deliver a cookie to your local hard drive. You might choose to receive this type of cookie in order to save time in filling out forms and/or revisiting our Covered Sites. We only send this type of cookie to your browser when you have clicked on the box labeled "Please remember my information" or another box with an equivalent content when submitting information or communicating with us.
  • To facilitate website use: If a cookie is used, our Covered Sites will be able to remember information about your preferences and movement either until you exit your current browser window (if the cookie is temporary) or until you disable or delete the cookie. For instance, we may deposit a cookie to remember which of Verisign’s regional Covered Sites you have selected to access. Many users prefer to use cookies in order to help them navigate a website as seamlessly as possible. If you are accessing our services through one of our online applications, our web server may automatically send your browser a temporary cookie, which is used to help your browser navigate our Covered Sites. The information contained in these temporary cookies is a direction value that lets our software determine which page to display when you hit the back button in your browser. This bit of information is erased when you close your current browser window.
  • To understand our visitors: When you visit our Covered Sites, our systems may automatically collect statistics in aggregate about visitor behavior. We may monitor statistics and other data, such as how many people visit our site, the user's IP address, which pages people visit, how users interact with page content and functionality, from which domains our visitors come, which browsers people use and how they move about our Covered Sites. We use this data about your visit for aggregation purposes only. These statistics are used to help us to understand our visitors’ interests and improve the content and performance of our Covered Sites. If you come to our site from one of our business partners, our web server may also send your browser a temporary cookie that reflects an origination code for that business partner. We use this information for statistical and marketing purposes.

    We also use a cookie when we track traffic patterns on our Covered Sites. Analysis of the collected information by our tracking technologies allows us to improve our Covered Sites and the user experience. If you choose not to accept a persistent cookie, you will still be able to use our Covered Sites. Even if you choose to receive this type of cookie, you can always set your browser to notify you when you receive any cookie, giving you the chance to decide whether to accept it in each situation in which one is sent. We may supplement this unidentified user data with other data to better understand our users. For instance, we may relate a user’s IP address to the company to which it relates to better understand our visitors’ interests.
  • To advertise: We may tailor our advertisements to certain users based on the unidentified user data and related information. Also, we may receive information on unidentified users’ movements on other websites to tailor advertisements to them on our Covered Sites and, likewise, provide unidentified user information to service providers, such as an ad agency, who places our advertisements on other websites to market to these users that visit them. You can opt out of this tracking by accessing the link below. You will need to invoke these opt-out procedures on each computer you use. If you opt out, you may still see Verisign advertisements on other websites you visit, but these ads are not user specific and are not placed because of your past visits to our Covered Sites.

To opt out of advertising which utilizes cookies, access the following link:

http://www.networkadvertising.org/choices/

All major Internet browsers allow you to control cookies. You can learn more about adjusting browser controls at the following website: http://www.aboutcookies.org. (Note that Verisign does not control this website and is not responsible for its content. It is provided as information only. For the most current browser-specific information, please consult your browser’s manufacturer).

Do Not Track

We do not respond to Do Not Track signals.

If you are in the EU, you may opt-out of certain third-party cookies that we and other websites may use for targeting through http://www.youronlinechoices.eu or www.aboutads.info. Opting out of one or more ad networks only means that those particular members no longer will deliver targeted content or ads to you. It does not mean you will stop receiving any targeted content or ads on our Covered Sites or other third-party websites. If your browser is configured to reject cookies when you visit one of the above referenced opt-out pages, and you later erase your cookies, use a different computer or change web browsers, your preference may no longer be active. Since all of these cookies are managed by third parties, you should refer to the third parties' own website privacy notifications and policies for further information.

Can I withdraw my consent?

If you wish to withdraw your consent at any time, you will need to delete your cookies using your Internet browser settings, and disable cookies. Please note that disabling cookies will affect the functionality of our Covered Sites, and may prevent you from being able to access certain features on our Covered Sites.

X. CHANGES TO THIS PRIVACY STATEMENT

It is important that you check back often for updates to this Privacy Statement. If a material change is made to this Privacy Statement and/or the way we use our customers' personal information, we will post a prominent notice on the Covered Sites and/or by means of other methods of contact such as email.

XI. CONTACT VERISIGN

If you have questions or complaints about this Privacy Statement, you may contact us in the following ways:

  • You may email us at privacystatement@verisign.com. Please specify "Privacy Statement" in the subject line of your email.
  • You may call us at +1 703-948-3350
  • You may write to us at

VeriSign, Inc.
Verisign Law Department
12061 Bluemont Way
Reston, VA 20190
Attn: Privacy Committee