This Privacy and Security Statement relates solely to the online information collection and use practices of the NYPPEX web site located at www.nyppex.com (this "Web Site"), and not to any sub-domains of this Web Site. We recognize that many visitors and users of this Web Site are concerned about the information they provide to us, and how we treat that information. This Privacy and Security Statement, which may be updated from time to time, has been developed to address those concerns.
Your use of this Web Site indicates to us that you have read and accept our privacy practices, as outlined in this Privacy and Security Statement. If you have any questions or concerns regarding this Privacy and Security Statement, please contact: firstname.lastname@example.org.
Information That We Collect About You.
When you visit our Web Site, you may provide us with two types of information: (1) personally identifiable information that you knowingly choose to disclose, which is collected on an individual basis, and (2) general user information that does not contain personally identifiable information, which is collected on an aggregate basis as you browse the Web Site. In some cases, if you choose not to provide us with requested information, you may not be able to access all of our Web Site's content or services.
Personally Identifiable Information.
We may ask for certain personal information from you for the purpose of providing to you content and/or services that you request. For example, if you indicate an interest in receiving press releases about NYPPEX, you are asked to submit your name and e-mail address, which we retain on file, so that we may send you the information that you requested. If you indicate on our E-mail Alert registration form that you are a member of the press, we may also send you information regarding our business. We also request your name and e-mail address each time you contact us by clicking on the "Contact Us" link. We may retain a record of users who have contacted us in order to respond properly to questions or concerns and for purposes of future communications.
Non-Personally Identifiable Information.
Cookies/ Web server logs: Similar to other commercial Web sites, our Web Site utilizes standard technology called "cookies" and Web server logs to collect information about how our Web Site is used. Cookies are a feature of Web browser software that allows Web servers to recognize the computer used to access a Web site. Cookies are small pieces of data that are stored by a user's Web browser on the user's hard drive. Information gathered through cookies and Web server logs may include the date and time of visits, the pages viewed, time spent at our Web Site, and the Web sites visited just before and just after our Web Site. This information is collected on an aggregate basis. None of this information is associated with you as an individual.
You can, of course, disable cookies on your computer by indicating this in the preferences or options menus in your browser. However, it is possible that some parts of our Web Site will not operate correctly if you disable cookies. You should consult with your browser's provider/manufacturer if you have any questions regarding disabling cookies.
How Do We Use The Information We Collect?
We use your personally identifiable information to provide you with the information or content that you have requested, and, in some cases, to contact you about our programs, products, features or services. If you no longer wish to receive press releases or any other type of information from us, you may send us an email through our "Contact Us" link or use our E-mail Alert form to change your preferences./p>
We use non-identifying information collected on our Web Site in the aggregate to better understand your use of the Web Site and to enhance your enjoyment and experience. For example, we may use the information to improve the design and content of our Web Site or to analyze the programs and services that we offer.
We may employ other companies and individuals to perform functions on our behalf. Our employees, agents and contractors who have access to personally identifiable information are required to protect the information in a manner that is consistent with this Privacy and Security Statement.
We may provide access to your personally identifiable information when legally required to do so, to cooperate with police investigations or other legal proceedings, to protect against misuse or unauthorized use of our Web Site, to limit our legal liability and protect our rights, or to protect the rights and safety of visitors to this Web Site or the public. In those instances, the information is provided only for that limited purpose.
We will not share your personally identifiable information in ways unrelated to those described above without providing you with an opportunity to opt out of such use or otherwise prohibit such unrelated uses.
How Do You Access and/or Modify Your Information or Choices?
If you visit our Web Site and volunteer personally identifiable information, you may modify, update or delete such information at any time by visiting the E-mail Alert area where you will have the opportunity to access and revise certain of your personally identifiable information, and to update your preferences regarding what information you want to receive from us, or by clicking on the "Contact Us" link and sending us an e-mail. You should be aware, however, that it is not always possible to completely remove or modify information in our databases. In addition, please be aware that your ability to opt out from receiving marketing and promotional materials does not change our right to contact you regarding your use of our Web Site.
Privacy Protections For Children Using the Internet
Protecting children's privacy is important to us. For that reason, we do not collect or maintain information on our Web Site from those we actually know are under the age of 13, nor is any part of our Web Site targeted to attract anyone under 13. We request that all visitors to our Web Site who are under 13 not disclose or provide any personally identifiable information. If we discover that a child under 13 has provided us with personally identifiable information, we will delete that child's personally identifiable information from our records.
We take reasonable steps to maintain the security of the personally identifiable information that we collect, including limiting the number of people who have physical access to our database servers, as well as installing electronic security systems that guard against unauthorized access. However, no data transmission over the Internet can be guaranteed to be completely secure. Accordingly, we cannot ensure or warrant the security of any information that you transmit to us, so you do so at your own risk.
Consent to Transfer
This Web Site is operated in the United States. If you are located outside of the United States, please be aware that any information you provide to us will be transferred to the United States. By using our Web Site, participating in any of our services and/or providing us with your information, you consent to this transfer.
Safeguarding Your Information
We take precautions to ensure the information we collect about you is protected and is accessed only by authorized individuals or organizations.
Companies we use to provide support services are not allowed to use information about our clients for their own purposes and are contractually obligated to maintain strict confidentiality. We limit their use of information to the performance of the specific services we have requested.
We restrict access to personal information by our employees and agents. Our employees are trained about privacy and are required to safeguard personal information.
We maintain physical, electronic and procedural safeguards to protect personal information.
Teaming Up Against Identity Theft
Identity theft is a serious concern to all of us. Safeguarding information to help protect you from identity theft is our priority. NYPPEX takes steps to protect you from identity theft by:
- utilizing client identification and authentication procedures before initiating transactions;
- creating a secure transmission connection to our NYPPEX Websites. You will see the padlock in the lower right corner of your browser's frame indicating it is a secure site;
- ensuring our employees are trained to safeguard personal information about you.
You can also help protect your identity and accounts. Here are a few steps to remember:
- NYPPEX will never request your account number, login password, or Social Security number in either a non-secure or unsolicited email communication;
- shred documents that contain personal information;
- check your credit report regularly for unauthorized activity and protect your personal identification numbers (PINs) or personal data.
If you have been a victim of identity theft or to learn more about protecting yourself
against identity theft, go to the Identity Theft Prevention Program.
Authentication is the process that our clients go through to access secure areas
of our Website. This process takes place when you log into your account. The two
key components of login are your Login ID and Password.
Login ID: We urge you to create your own unique Login ID and recommend that it be a Login ID that you don’t commonly use for other purposes. We particularly urge you not to use your Social Security or number date of birth as a Login ID. Please call NYPPEX at 914-305-2800 x215 and a representative will assist you in creating a new Login ID.
Passwords: We maintain strict rules to help prevent others from guessing your password, and recommend that you change your password periodically. Your password must meet the following criteria:
- 6-8 characters long
- Include both letters and numbers
- Include at least one number between the first and last character
In addition, for your protection, repeated unsuccessful attempts to log in will cause your online access to be disabled. Once this happens your password must be reset. If this happens to you inadvertently, please follow the instructions under “Forgot your password” on the Login page
Recently there has been rapid growth in email-related information security challenges
such as “phishing” or “spoofing” schemes. These fraudulent techniques attempt to
fool you into giving up your personal data by impersonating legitimate communications
from financial service providers. We are working with other financial institutions
and technology leaders to prevent these security challenges from impacting our clients.
Measures currently in place or underway include:
- Implementation of domain-verification technologies that, in cooperation with Internet service providers, will enable clients to verify that emails claiming to have come from NYPPEX actually did come from NYPPEX.
- Standardization of NYPPEX emails and adherence to industry anti-phishing best practices. We continually re-design our email policies to incorporate the latest tools and standards aimed at preventing phishing.
- Ongoing assessment and implementation of new login technologies designed to prevent others from masquerading as our Web site.
Steps you should take for protecting your emails:
Client Security Practices
Your participation is an important component of all of our security efforts. We believe it is essential that we work in close cooperation with you as our client to maintain the highest levels of security. These are the steps you should take to protect your account:
Protecting the security of your computer
- Keep your computer and browser software current with security updates.
- Install and update anti-virus and anti-spyware software and use personal firewalls to protect your computer.
- Be alert to the threats posed by malware--short for malicious software, this form of software is designed specifically to damage or disrupt a system, or to secretly record information such as keystrokes. Malware types include key logging tools, trojan horses, hijacking programs, and dialer programs that may reside on your personal computer. While these threats constantly evolve, you can help protect your personal information and computer by using a personal firewall, maintaining up-to-date anti-spyware and anti-virus programs, and by immediately reporting any suspicious activity involving your personal information.
- Do not enable any application features that would automatically log you in to your NYPPEX account or pre-fill the Login ID or Password fields.
- Change your password periodically and avoid using passwords for NYPPEX that you commonly use for other purposes.
- For more information on how to protect your personal computer, including links to vendors providing anti-virus and anti-spyware software, please visit the Federal Trade Commission’s computer security site at http://onguardonline.gov. Microsoft Corporation provides additional information specific to the Windows operating system at http://www.microsoft.com/security. Users of Apple computers can find security information at http://www.apple.com/support/security.
Using your computer
- Your username and password are for your use only. Do not share them with anyone.
- Check to make sure you are interacting with a secure Web site see above.
- Always log off after accessing your NYPPEX account. This prevents someone else from accessing your account if you leave your computer unattended while the session has not yet “timed out,” or automatically shut down.
- Be careful about using third-party computers or computers that you are not familiar with, such as those in Internet cafés.
If you do use a third-party computer, be particularly careful to ensure you have
fully logged out. NYPPEX’s systems are set to prevent browsers from saving account
information in a computer’s Internet cache, but as an extra precaution you may want
to clear the cache of any public computer on which you have accessed your NYPPEX
accounts. Please check the browser’s help section to learn how to manually
clear its Internet cache.
Reading your statements:
- Review your account statements carefully.
- Reduce the risk of lost and stolen paper statements by subscribing to online account statements and confirmations. You can sign up for paperless products quickly and easily by emailing email@example.com.
Recognizing and fighting fraud
- Do not provide personal or financial information in response to an email request or by clicking on a link, unless you are able to verify the authenticity of the site to which you are taken through the SSL padlock or other means.
- Do not enter personal information into a form within an email message or a pop-up.
- Note that NYPPEX will never ask you to provide personal financial information in an email.
- Do not open an email from a sender that your do not recognize. Be particularly cautious of any attachments to emails from unrecognized sources.
- Immediately report any unusual activity regarding your NYPPEX accounts to our representatives at 914-305-2800 x215 or at firstname.lastname@example.org.
How To Spot a Phishing Attack
There are many phishing attacks
active on the Internet. Here are a few of their lines and lures:
- An email contains an “urgent” or “shocking” tone requesting your immediate action on an account-related matter. Phishers frequently succeed by getting consumers to act quickly without thinking.
- An email is sent from a user falsely claiming to be a legitimate company with an attachment. An unsolicited email attachment more than likely contains a virus. Do not open it.
- A pop-up window appears from a user falsely claiming to be a legitimate company’s Web site asking for personal information.
Learn More About Phishing Scams or Identity Theft
Additional information can be found at www.antiphishing.org or www.consumer.gov/idtheft/ .
How To Report a Phishing Attack
If you suspect you have received a fraudulent email from NYPPEX or any of its subsidiary companies, please contact: email@example.com If you believe that any communications with or from NYPPEX resulted in identity theft, call us immediately at 914-305-2800 x215.
What To Do If You Are A Victim of Identity Theft
If you are a victim of identity theft, here are some recommended steps:
- Contact NYPPEX and let us know you have been a victim of identity theft
- Contact the fraud departments of each of the 3 major credit bureaus:
|Order Credit Report||800-525-6285||888-397-3742||800-916-8800|
PO Box 740241
PO Box 9530
PO Box 6790
Report the identity theft and request a "fraud alert." This ensures that you will be contacted before any new account is opened and/or an existing account is changed.
Request copies of credit reports. Review the reports carefully and identify any new accounts that may have been opened. Pay particular attention to the section of the report that lists "inquiries" from new companies. Contact these companies immediately and have them remove any pending or new accounts from their system. Note: Credit bureaus must provide free copies of credit reports to victims of identity theft. Contact the fraud departments of creditors to dispute unauthorized charges (e.g., credit card issuer, phone companies, utilities, banks, other lenders.) Describe your identity theft problem and follow up with a letter.
Contact the fraud departments of creditors to dispute unauthorized charges (e.g., credit card issuer, phone companies, utilities, banks, other lenders.) Describe your identity theft problem and follow up with a letter.
File a report with your local police department and ask to file a report. This may help when clearing your credit.
File a complaint with the Federal Trade Commission (FTC). The FTC handles complaints from victims of identity theft, provides information to those victims, and refers complaints to appropriate entities, including the major credit-reporting agencies and law enforcement agencies.By Phone: 877-ID THEFT
Online Complaint Form: www.consumer.gov/idtheft