Privacy Frequently
Asked Questions

Verisign has a Global Privacy Officer who is responsible for ensuring that the company’s global data privacy functions are effective and performed in a comprehensive and coordinated manner across the entire business and in compliance with global privacy laws and regulations. Among other things, the Global Privacy Officer designs and implements Verisign’s enterprise-wide privacy-related compliance programs, overseeing employee training and the investment in new privacy tools. The Global Privacy Officer may be reached at:

VeriSign, Inc.
Attn: Global Privacy Officer
12061 Bluemont Way
Reston, Virginia 20190
United States of America
contactprivacy@verisign.com

While Verisign does not believe it is required to have one, it has voluntarily designated the following individual to serve as DPO:

VeriSign, Inc.
Attn: Data Protection Officer
12061 Bluemont Way
Reston, Virginia 20190
United States of America
dpo@verisign.com

Verisign has an Information Security organization with experts in implementing, organizing, updating, and supervising Verisign’s high level of data security measures.

Verisign´s commitment to keeping our clients´ data confidential spreads throughout our organization, with all Verisign employees and partners having policy requirements or contractual commitments with Verisign to handle and maintain client data with utmost secrecy and confidentiality. We also offer regular training to all employees regarding security and privacy matters. In addition, relevant information from Verisign’s written information security policies is available in the applicable SOC 2 or SOC 3 reports that can be shared with customers.

Verisign meets the AICPA, Trust Services Principles and Criteria (System and Organization Controls (“SOC”) Audits) (www.aicpa.org). This is subject to an annual audit and report (SOC 2 Type II & SOC 3 -- Report on Controls at a Service Organization Relevant to Security, Availability, and Processing Integrity).

Verisign ensures that its employees undergo training in relation to data protection awareness and the handling of sensitive personal data.

Verisign routinely undergoes AICPA, Trust Services Principles, and Criteria (System and Organization Controls (“SOC”)) and Sarbanes-Oxley Act of 2002 (“SOX”) compliance audits relating to the key products and services that it provides around the world.

Verisign has implemented and will continue to maintain appropriate technical and organizational security measures for customer data. These measures involve Verisign infrastructure, software, employees, and procedures and take into account the nature, scope, and purposes of the processing as specified in the customer’s agreement. The security measures are intended to protect data against the risks inherent in the processing of personal data, in particular risks from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to customer data transmitted, stored, or otherwise processed.

Verisign adheres to the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) (collectively, the DPF). The DPF was designed by the U.S. Department of Commerce to provide companies with a mechanism to comply with data protection requirements when transferring data from the European Union, United Kingdom, and Switzerland to the United States. More information about the DPF can be found at https://www.dataprivacyframework.gov/.

In case of requests, Verisign will provide its customers with reasonable support to help with any data privacy matters, including providing information regarding Verisign’s data privacy compliance activities.

Verisign has never been subject to a complaint related to data protection from either an individual or an applicable data protection supervisory authority.