Privacy Policy

ES Research Group, Inc.
Privacy Policy for its Web Site

The web sites located at www.ESResearch.com and www.ESResearchCorp.com (together, the “Web Site”) is a web site developed and maintained by ES Research Group, Inc. (“ESR”). When you register with ESR (1) for any of the Web Site’s Registered Guest or Subscription levels; or (2) upgrade from one Subscription level of the Website to another Subscription level (each, a “Registration”), your E-mail address (“Address”) is added to our electronic mailing list so that, from time to time, we can send you information about our latest publications and about new features, additions, and changes to our Web Site. ESR does not send you such emails if you opt out of such notices upon Registration or subsequently by updating your subscription profile. ESR does not provide Address information to any third parties. If you have indicated your interest in affiliate offers by having opted for such notices upon Registration or subsequently by updating your subscription profile (an “Update”), ESR carefully screens those offers and ESR sends such offers directly to you, never revealing your identity or Address to any third party. Effectiveness Solutions Research Corporation Customer Privacy Policy (the “Privacy Policy”) has been developed as part of ESR’s commitment to provide the highest quality products and services and maintain the highest level of integrity in dealing with ESR customers. This Privacy Policy discloses how ESR collects, stores and uses information about customers and prospects. Periodically, ESR assesses and modifies this Privacy Policy in light of new technologies, business practices and its customers' changing needs. ESR may, from time to time, at its sole discretion, modify this Privacy Policy to reflect legal, technological and other developments. In that event, the changes will appear on the Web Site.

The Privacy Policy recognizes two kinds of personal data that deserve varying levels of protection. Personally-Identifiable Information includes, for example, e-mail addresses, payment information, addresses, and "click stream" data that tracks user activity on a Web site or online service (hereafter, “Personally Identifiable Information”). A subset of that category, Sensitive Data, deserves additional safeguards (hereafter, “Sensitive Data”). Sensitive Data includes, by way of example, Social Security numbers (not solicited by ESR) or personal financial data (such as specific salary, net worth or individual portfolio information, also not solicited by ESR). ESR is committed to using, to the best of its ability, all reasonable efforts to abide by the following Privacy Policy statement:

1. Collection. Personally-Identifiable Information will only be collected where ESR identifies a reasonably necessary and legitimate business purpose, at its sole discretion. Please be aware that if you disclose Personally-Identifiable Information on Web Site message boards or chat rooms, that information may be collected and used by third parties without ESR’s knowledge or permission and may result in unsolicited communications from third parties. Such activities are beyond the control of ESR and you recognize and agree that ESR is not liable for such communications.
2. Choice: Opt Out. ESR does not provide any Personally Identifiable Information to third parties. Any third party communications ESR believes are relevant to you will be sent directly by ESR, as affiliate offers. You may elect not to receive affiliate offers from ESR during Registration or Update.
3. Security. Appropriate safeguards have been implemented in an effort to ensure the security, integrity and privacy of Personally-Identifiable Information about ESR’s customers and prospects. Specifically, ESR performs a 1-way encryption of passwords and password recovery questions. This encryption uses a method which creates a 32 character string from the information you provide. The encryption always produces the same string from the same input. However, it is difficult to convert the 32 character string back into the original information provided. This way, for example, when you select a password, ESR encrypts the password and saves it. Every time ESR asks you for your password, ESR encrypts the password you give ESR and compares it to the encrypted password ESR saves. They must match. If anyone were to hack ESR’s database, they would only get the encrypted term and even resubmitting that term will encrypt to a different result. ESR cannot recover your password or your test question answer. If you lose them, you must re-create new password and test question answers. ESR does not encrypt your Address or other personal information it must retrieve. However, ESR’s database is password protected and behind a firewall for your protection. As there can never be a guarantee that a sophisticated and determined hacker cannot penetrate the database, you agree to and do hereby release ESR from any and all liability for disclosure of your Address, Personally Identifiable Information and/or Sensitive Data.
4. Access: Review and Correction. You can review and change or correct the Personally-Identifiable Information that has been collected by ESR. These procedures may not, however, compromise the security, integrity and privacy of either ESR's own proprietary databases or databases licensed from third party companies. Methods of review and correction require a valid login.
5. Sensitive Data. The collection and use of Sensitive Data carries with it special obligations and responsibilities in order to maintain such data's security, integrity and privacy. Sensitive Data is not rented or otherwise made available outside ESR, except that such data may be made available through Data Forwarding as described below. Customers and prospects will be given the opportunity to refuse permission for their Sensitive Data to be distributed outside of the business unit that collected the Sensitive Data through use of an Opt Out mechanism for internal distribution within ESR.
6. Data Forwarding. At this time, the only forwarding of data occurs either by request of a verified, legitimate government agency as required by law, or the minimum data necessary to process a credit card, check or other payment for services.
7. Children. Collection and use of information from children in the U.S. who notify ESR that they are under the age of thirteen will be made in compliance with the Children's Online Privacy Act of 1998. In the Web Site’s Terms of Use, you represent and warrant that you are 18 years or older. If we are made aware of the age of a user, and that user is a child under the age of 13, ESR will:
   • provide parents or guardians with Notice of our information practices;
   • obtain prior verifiable parental or guardian consent for the collection, use, and/or disclosure of Personally-Identifiable Information from children;
   • provide a parent or guardian, upon request, with the means to review the Personally-Identifiable Information collected from his or her child;
   • provide a parent or guardian with the opportunity to prevent the further use of Personally-Identifiable Information that has already been collected, or the future collection of Personally-Identifiable Information, from that child;
   • limit collection of Personally-Identifiable Information for a child's online participation in a game, prize offer or other activities to Personally-Identifiable Information that is reasonably necessary to participate in the activity; and
   • establish procedures to protect the confidentiality, security and integrity of the Personally-Identifiable Information collected from children.

412279 v.03