ES Research Group, Inc.
- Collection. Personally-Identifiable Information will only be collected where ESR identifies a reasonably necessary and legitimate business purpose, at its sole discretion. Please be aware that if you disclose Personally-Identifiable Information on Web Site message boards or chat rooms, that information may be collected and used by third parties without ESR’s knowledge or permission and may result in unsolicited communications from third parties. Such activities are beyond the control of ESR and you recognize and agree that ESR is not liable for such communications.
- Choice: Opt Out. ESR does not provide any Personally Identifiable Information to third parties. Any third party communications ESR believes are relevant to you will be sent directly by ESR, as affiliate offers. You may elect not to receive affiliate offers from ESR during Registration or Update.
- Security. Appropriate safeguards have been implemented in an effort to ensure the security, integrity and privacy of Personally-Identifiable Information about ESR’s customers and prospects. Specifically, ESR performs a 1-way encryption of passwords and password recovery questions. This encryption uses a method which creates a 32 character string from the information you provide. The encryption always produces the same string from the same input. However, it is difficult to convert the 32 character string back into the original information provided. This way, for example, when you select a password, ESR encrypts the password and saves it. Every time ESR asks you for your password, ESR encrypts the password you give ESR and compares it to the encrypted password ESR saves. They must match. If anyone were to hack ESR’s database, they would only get the encrypted term and even resubmitting that term will encrypt to a different result. ESR cannot recover your password or your test question answer. If you lose them, you must re-create new password and test question answers. ESR does not encrypt your Address or other personal information it must retrieve. However, ESR’s database is password protected and behind a firewall for your protection. As there can never be a guarantee that a sophisticated and determined hacker cannot penetrate the database, you agree to and do hereby release ESR from any and all liability for disclosure of your Address, Personally Identifiable Information and/or Sensitive Data.
- Access: Review and Correction. You can review and change or correct the Personally-Identifiable Information that has been collected by ESR. These procedures may not, however, compromise the security, integrity and privacy of either ESR's own proprietary databases or databases licensed from third party companies. Methods of review and correction require a valid login.
- Sensitive Data. The collection and use of Sensitive Data carries with it special obligations and responsibilities in order to maintain such data's security, integrity and privacy. Sensitive Data is not rented or otherwise made available outside ESR, except that such data may be made available through Data Forwarding as described below. Customers and prospects will be given the opportunity to refuse permission for their Sensitive Data to be distributed outside of the business unit that collected the Sensitive Data through use of an Opt Out mechanism for internal distribution within ESR.
- Data Forwarding. At this time, the only forwarding of data occurs either by request of a verified, legitimate government agency as required by law, or the minimum data necessary to process a credit card, check or other payment for services.
- provide parents or guardians with Notice of our information practices;
- obtain prior verifiable parental or guardian consent for the collection, use, and/or disclosure of Personally-Identifiable Information from children;
- provide a parent or guardian, upon request, with the means to review the Personally-Identifiable Information collected from his or her child;
- provide a parent or guardian with the opportunity to prevent the further use of Personally-Identifiable Information that has already been collected, or the future collection of Personally-Identifiable Information, from that child;
- limit collection of Personally-Identifiable Information for a child's online participation in a game, prize offer or other activities to Personally-Identifiable Information that is reasonably necessary to participate in the activity; and
- establish procedures to protect the confidentiality, security and integrity of the Personally-Identifiable Information collected from children.