Enterprise and other applications provided by Access International ("Access") provide a number of functional components to insure compliance with the Payment Card Industry (PCI) Data Security Standard. These features include integration with IATS for PCI compliant credit card processing, user account management to enforce PCI user requirements, and the ability to encrypt sensitive data elements.
Enterprise and PledgeLink include integration of IATS for credit card processing to eliminate the need to maintain credit card data within the application database. IATS fully supports and endorses PCI compliance and is certified at Level 1 by TrustWave Ambiron. Within Enterprise, the IATS integration results in the elimination of all credit card numbers and security codes from the application database when the transaction is processed. Additionally, this functionality maintains the ability to process reoccurring charges or, additional one time donations, without the donor's credit card information. Within PledgeLink, the IATS integration includes a direct secure connection to the IATS processing center to allow for the secure processing of credit card transactions without any credit card data being transmitted to the PledgeLink web or database servers.
In addition to insuring PCI compliance for credit card data, Enterrpise and other Access applications provide user management features to insure organizations meet the requirements specified for PCI compliance. User logins separate from the network and database logins can be created for Enterprise to enable a separate layer authentication. Additionally, logins can be created to enforce password expiration dates and insure that users are adhering to the PCI requirements to change passwords on a regular basis.
All sensitive data maintained within the application databases is encrypted to prevent individuals who gain unauthorized access from viewing this data. This includes user passwords and credit card data that is awaiting processing by IATS.
1. What personally identifiable information of yours is collected through the Site;
2. Who collects such information;
3. How such information is used;
4. With whom your information may be shared;
5. What choices you have regarding collection, use and distribution of your information;
6. What kind of security procedures are in place to protect the loss, misuse or alteration of information under our control;
7. and, How you can correct any inaccuracies in your information.
What Information We Collect and How We Use That Information
Areas of our Site require users to give us contact information that may include name, e-mail address, format preference (HTML vs. Text), address, interests, and similar information. We do not request or store sensitive information from our visitors such as credit card or social security numbers. We use customer contact information from the registration forms to send the user requested information about our company. We never sell, share or trade any of our customer information with other companies.
Contact and Profile Information
ACCESS International is the sole owner of the information collected on the Site. This Site does not collect personally identifying information about users except when you specifically and knowingly provide it. For example, we collect information from you in the following ways:
Some areas of our Site request or require contact and other information. During the registration process, we collect personal and other information such as your name, address, and e-mail address. Demographic and profile data (e.g., age, gender and income level) may also be collected at our Site. We use such data to improve our marketing and promotional efforts, to statistically analyze site usage, to improve our content and product offerings and to customize our site's content, layout, and services.
Additionally, this data may be shared with advertisers or other third parties solely on an aggregated basis. We do not share any personally identifying information with any third party without your consent, except to a court or governmental agency if required by law.
Internet Protocol Address
We collect an IP address from all visitors to our Site. An IP address is a number that is automatically assigned to your computer when you use the Internet. We use IP addresses to help diagnose problems with our server, administer our Site, analyze trends, track users' movement, gather broad demographic information for aggregate use in order for us to improve the site, and deliver customized, personalized content. IP addresses are not linked to personally identifiable information.
Information from Children
Our Site is for adults and usage by children is not intended. We make efforts to verify the age of our users in order to avoid collecting personal information from children, and do not seek to collect personal information about children through our Site. If a child submits information to us through any part of our Site, and we know that the user submitting the information is a child, we delete the information as soon as we discover it and do not use it for any purpose, nor do we disclose it to third parties.
Use of "Cookies"
All information provided to ACCESS International is transmitted using SSL (Secure Socket Layer) encryption. SSL is a proven coding system that lets your browser automatically encrypt, or scramble, data before you send it to us. We also protect account information by placing it on a secure portion of our Site that is only accessible by certain qualified employees of ACCESS International. Unfortunately, however, no data transmission over the Internet is 100% secure. While we strive to protect your information, we cannot ensure or warrant the security of such information.
ACCESS International provides users with the opportunity to opt-out of receiving communications from us at any time. ACCESS International gives users the following options for removing their information from our database to not receive future communications.
You can e-mail us at firstname.lastname@example.org.
You can click on the "Unsubscribe" link included at the bottom of your e-mail and follow the instructions on the Web page. Our unsubscribe requests are processed immediately.
ACCESS International gives you the following options for changing and modifying information previously provided. Upon your request, we will also remove any other personally identifying information we may retain from our databases. To make any such changes or requests:
E-mail us at email@example.com.
We may conduct occasional online surveys via our Website or via an e-mail newsletter. These surveys are entirely voluntary and you may easily decline to participate. Participating in an online survey does not automatically add your name to the subscriber list for the ACCESS International Newsletter.
Other Web Sites
Our Site may contain links to other Web sites. Please note that when you click on one of these links, you are entering another Web site for which ACCESS International has no responsibility. We encourage you to read the privacy statements on all such sites as their policies may be different than ours.
Contacting the Web Site
1035 Cambridge Street, Suite 2
Cambridge, MA 02141