Privacy Statement

Last Modified September 18, 2011

As a leading provider of commerce processing services to thousands of online businesses, privacy and data protection issues are of the utmost importance to CyberSource. This Privacy Statement applies to all of the products, services and websites offered by CyberSource Limited and details our policies with respect to the handling of personally identifiable information ("Information") submitted by the reader of this Privacy Policy ("You") or otherwise collected by CyberSource via the company's website or in the course of providing services to CyberSource's customers, including its Use of Cookies.

If you have any questions about our Privacy Statement, please feel free to contact us through our website or write to us at:

CyberSource Ltd (United Kingdom)
c/o CyberSource Corporation HQ
P.O. Box 8999
San Francisco, CA 94128-8999

CyberSource will collect, use and disclose Information only in accordance with the terms of this Privacy Statement. By using our website or services, You consent to the collection and use of Your Information in accordance with this Privacy Statement.

A. COLLECTION OF INFORMATION

The type of Information submitted to or collected by CyberSource varies depending upon the nature of the activity and relationship with CyberSource.
1. Browsing the Website: When You browse the company's website, CyberSource may collect information regarding the domain and host from which You access the Internet, the Internet Protocol ("IP") address of the computer or Internet Service Provider You are using, and anonymous site statistical data. This information is collected for the purpose of assessing the effectiveness of the company's website and for security reasons.
2. Inquiries: The website contains various forms, links to company e-mail addresses, and fax numbers that You may use to solicit information about the website, CyberSource services, and the company in general. When You complete and submit a form, send us an e-mail, send us a fax, or contact us by telephone, CyberSource may store the inquiries and their contents, including any Information You may have provided. Any Information You submit via an inquiry is collected only with Your knowledge and active participation.
3. Use of CyberSource Gateway Services: When You register to use CyberSource online processing services ("Gateway Services"), You will be required to provide Information and to enter into a written agreement with CyberSource. If You ordered any products or services from businesses that use Gateway Services ("Merchants"), You were required to submit Information ("Order Information"). Merchants transmit Order Information to CyberSource for the purpose of processing the Order. Order Information is maintained in servers located within the United States for a specific time then archived and stored in vaults for later retrieval to comply with audits, legal requirements, or for disaster recovery purposes.
4. Applying for a Merchant Account: When You submit an application to obtain a merchant account through CyberSource, You will be required to provide Information. If You apply for a merchant account through CyberSource, CyberSource may also obtain information about You from consumer reporting agencies.
5. Children: CyberSource does not request or knowingly collect Information from anyone under the age of thirteen (13).

B. COLLECTION, USE AND DISCLOSURE OF INFORMATION

Collection, use and disclosure of Your Information varies based on Your relationship with CyberSource. CyberSource never sells any Information and, except as expressly set forth below, never discloses Information to any third parties.

1. Use of Cookies: CyberSource and its third party service providers use certain tools to collect Information about You while browsing our website. These tools use cookies which are small text files that are stored on Your computer’s hard drive. The cookies are used to, among other things, improve website performance, provide You with customized viewing options, compile statistical reports on website activity, or for authentication and security purposes. We also do this to recognize You as a Merchant or a previous visitor of our website, or to pre-populate website forms. Such Information may be disclosed to third parties to provide any of the aforementioned activities on behalf of CyberSource. To find out more about cookies, including browser-specific instructions on how to restrict or block cookies may be found at http://www.allaboutcookies.org. Remember, though, without cookies, You may not be able to take full advantage of all of our Web site features.
2. Inquiries: If You submit an inquiry via online form, e-mail, fax, or telephone call, the information collected may be used by CyberSource to respond to Your inquiries or to contact You to inform You of CyberSource services that may be of use to You. Information collected during the course of an inquiry will not be disclosed to any third party unless such third party has been contracted by CyberSource, with obligations of confidentiality, to contact You on our behalf.
3. Use of CyberSource Services: If You are a Merchant, CyberSource will use Your Information during the course of providing You with the Gateway Services. During the course of providing such services, CyberSource may disclose Your Information to third parties that have contracted with CyberSource to perform certain functions within the Gateway Services on our behalf ("Licensors"). CyberSource may also use Your Information to contact You about other CyberSource offerings and to inform You about general company news and industry trends. CyberSource may also use Your Information for internal business analysis. If You are a customer of a Merchant, CyberSource will use Order Information during the course of providing processing services to such Merchant. CyberSource may also use Order Information at an aggregate level for internal business analysis and fraud prevention. During the course of providing Gateway Services to Merchants, CyberSource may disclose Order Information to banks, processors, card associations, and other financial institutions that are involved in the course of processing or screening the transaction applicable to the Order Information.
4. Applying for a Merchant Account: If You apply for a merchant account from or through CyberSource, CyberSource may use and disclose the Information to evaluate Your eligibility for a merchant account, including disclosure to consumer reporting agencies, relevant financial institutions, and other entities involved in providing the merchant account services. CyberSource may also use and disclose Your Information during the course of providing or procuring on Your behalf the merchant account services. CyberSource may also use Your Information to contact You about other CyberSource offerings and to inform You about general company news and industry trends. CyberSource may also use Your Information for internal business analysis.
5. Surveys and Questionnaires: If You submitted an inquiry to CyberSource or if You are a Merchant, periodically, CyberSource may use Your Information to contact You to complete a survey or questionnaire. Responses to any such survey or questionnaire may be used for internal business analysis and may be disclosed in aggregate form without disclosing Your Information.
6. Confidentiality Obligations: All contracts entered into between CyberSource and Merchants, CyberSource and Licensors, and CyberSource and other third party service providers contain express provisions governing the confidential treatment of any and all Information.
7. Investigations and Proceedings: CyberSource may use Information to conduct internal investigations. CyberSource may disclose Information to cooperate with an investigation by law enforcement agencies or other governmental authorities and may also disclose Information in response to a subpoena, warrant, court order, or other comparable legal processes.

C. INFORMATION SECURITY

CyberSource is committed to privacy and security, as evidenced by the fact that CyberSource has been certified to be compliant with the Visa Cardholder Information Security Program ("Visa CISP") since the program's inception in 2002. Visa CISP is the bankcard industry's most stringent security standard. CyberSource has also been certified to be compliant with the Visa International Account Information Security program. Examples of CyberSource's security measures include: physical, electronic, and procedural safeguards; sophisticated security monitoring tools; documented security policies; use of 3DES encryption for transmissions of Order Information to and from Merchants; restricting access only to employees that need to know Information; and, periodic security audits by third party security experts.

D. NOTICE TO EUROPEAN USERS

European legislation on the protection of personal data and privacy puts obligations on users of personal information and sets forth principles for its use. The first of these principles is that Information must be processed fairly and lawfully. This means that You are entitled to know how CyberSource intends to use any Information You provide. You can then decide whether You want to give Information to CyberSource.

The type of Information submitted to, collected by or used by CyberSource and our group companies varies depending upon the nature of the activity and relationship with CyberSource. Your Information will be kept secure using technical and physical security measures to prevent unauthorized access, and ensure safe disposal when information is no longer required.

E. CORRECTION OF INFORMATION

If You want CyberSource to correct Your Information that is stored on CyberSource systems, please submit Your request in writing to:

CyberSource Ltd (United Kingdom)
c/o CyberSource Corporation HQ
P.O. Box 8999
San Francisco, CA 94128-8999

Subject to our ability to verify Your request, CyberSource will correct the Information within thirty (30) days of receipt of Your request.