Web Analytics
Contact Us  |  Supported Devices
Visto Mobile™ Login

Privacy Policy

Visto Service Overview
Visto Corporation (hereinafter referred to as "Visto" "us" "we" or "our") is committed to respecting your privacy and to complying with applicable data protection and privacy laws.

Visto provides the Visto Mobile service directly to businesses and consumers and also provides a brandable service to mobile operators (“carriers”) whereby Visto hosts the provision of the Visto Mobile service under the carrier’s brand. These web sites are maintained at the Visto Network Operations Center (the “NOC”) in Seattle, Washington, USA, and only accessed by Visto’s trained NOC staff.

The following privacy policy discloses the information practices followed by Visto with respect to its commercial web sites (both branded and re-branded), including the type of information that we gather, the way we use information internally and our policy regarding sharing information with others. We have implemented the privacy practices described herein for all of our sites, including those which are only accessible via the URLs managed by carriers that provide Visto service under the carrier’s brand to their customers.

We encourage you to read this Privacy Policy Statement.

Personally Identifiable Information (PII)
PII means any information that is related to an identified person, or that may be used to identify an individual, including, but not limited to: first and last name; e-mail address; a home, postal or other physical address or other contact information; title, birth date, gender, occupation, industry, or personal interests; and other personal information necessary or useful to provide a product or service that you have requested. We respect your right to privacy and we have provided this Privacy Policy Statement to help you understand how we collect, use and protect your information when you use visit our web sites and when you generally use Visto services.

Safe Harbor
The United States Department of Commerce and the European Commission have agreed on a set of data protection principles (the "Safe Harbor Principles") to enable a U.S. Company to satisfy the requirement under European Union law that adequate protection be given to personal information transferred from the EU to the United States. The EEA also has recognized the U.S. Safe Harbor as providing adequate data protection (OJ L 45, 15.2.2001, p.47). Consistent with its commitment to protect personal privacy, Visto adheres to the Safe Harbor Principles.

The Safe Harbor Privacy Principles apply to all personal information received by Visto in the United States from the European Economic Area, in any written format including electronic and paper.

Collection and use of PII data at Visto
Visto collects PII for limited purposes only: to provide a limited number of reports (such as provisioning, usage and billing reports) to the carrier for whom the owner of the PII data is a subscriber in accordance with the agreements between Visto and such carrier. These carriers remain subject to their obligations of confidentiality to you. Because of the nature of our product, we must collect personal information from users during the registration process and ongoing use of the product, including:

  • first and last names
  • an email address
  • a password
  • the applicable wireless phone number

The PII data we collect is kept securely at our NOC. We do not share, sell, or lease personal information about our customers to any third-parties other than your carrier whether for their marketing use or any other reason. Except for the reports Visto provides to your carrier described above, Visto will only release information about you if you direct us to do so, if we are required by law to do so, or in other legally limited circumstances (for example, to protect your account from fraud).

Collection of non-personally identifying information
We may also collect non-personally identifying information about your visits to our sites in order to proactively analyze, measure the use and improve the quality of Visto mobile applications. This type of information may be recorded into the server log files when you visit our sites. Access to this data is restricted to our NOC personnel who are administering our servers under a very strict security policy. Except as required for Visto’s service operation, administration, business and billing purposes, Personally Identifiable Information captured in log files is not linked back to the user profile.

This information may include the domain names, Internet Protocol (IP) addresses, the pages you browse, the number of visits and average time spent on the site. This helps us to better manage and develop our sites, to provide you with a more enjoyable, customized service and experience in the future, and to help us develop and deliver better products and services tailored to your individual interests and needs.

Traffic patterns: We may analyze aggregated traffic patterns throughout our site. However, we do not correlate this information with any PII data about individual users.

Session records: We may also gather data on connection information, including the timing and size of all packets sent over our telecommunications circuits during a session. The gathered information is used only to ensure the highest quality experience using Visto mobile application.

Cookies: We capture cookies in the log file. A cookie is a small data file that certain Web sites write to your hard drive when you access our sites using PCUI (Browser). We use cookies to track user traffic patterns and enable a persistent login from a WAP phone. Visto's PCUI and WAP interfaces do not require that you accept cookies. However, the device sync interface does require cookies in order to work properly.

Data Integrity and Security of Collected Information
The Visto NOC maintains strict physical, electronic and administrative safeguards to protect your personal information from unauthorized or inappropriate access. We will take reasonable steps to ensure that all data collected is accurate, complete and timely for the purposes for which they are to be used. We restrict access to information about you to those Visto employees who need to know the information for the purposes described herein. Employees who misuse personal information are subject to severe disciplinary action.

We have taken reasonable precautions to protect against misuse, theft, loss, unauthorized access, disclosure, alteration or destruction of your personal information. We use industry-standard-encryption to enhance the security of data transmissions. We have also implemented a number of commercially available technologies to guard against unauthorized access to any PII data that is stored electronically at the Visto NOC. These security measures have been integrated into the design, implementation, and day-to-day operations of the NOC as part of our continuing commitment to the security of electronic content as well as the electronic transmission of information.

Secure Data Transmission
When you subscribe to our service (directly or through any of our co-branded sites) or when you synchronize your data with the service, the Visto client application software first establishes a "secure session" with our NOC using Secure Socket Layer (SSL). The SSL technology protects information using both server authentication and data encryption to help ensure that data is safe, secure, and available only to you. The NOC then uses this "secure session" as you access your mobile account. First you enter your account ID and password, which is irreversibly scrambled and authenticated. The scrambled version of your password is used for authentication and cannot be unscrambled by anyone with access to our servers at the NOC, ensuring there is no unauthorized access to your account or your data. After your encrypted password is confirmed by the NOC and your account is validated, we use a strong encryption technology to encrypt your personal data while transmitting them to your mobile device. These safeguards help prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of data.

Retention of Collected PII Data
The information collected through our web sites is retained in accordance with the records retention and disposition requirements of our Agreements with the carriers. In general, the web server logs are retained for one year and then destroyed. Conversely, service usage information, including your PII data that you submit through registration process may be retained in our off-site storage facility up to five years. Detailed information concerning the record retention schedules may be obtained through the contact listed below in this policy.

Doing your bit
While we strive to protect your personal information, we also urge you to take every precaution to protect your personal data when you are on the Internet or using the Visto service from your mobile device. We suggest that you make certain that you are using a secure browser. It's also important for you to take security precautions that will ensure your information is kept under wraps.

  • If you use a password and passcode keep them secret and don't write them down in any way that someone might be able to understand.
  • Regularly change your security details and don't use words or codes that might be known to others.
  • If you use a shared computer or mobile device remember to clear the cache after use.
  • Never leave your computer or mobile device unattended when it's switched on.
  • Use anti-virus software to protect your computer from viruses and programs such as 'Trojan Horse' or spyware. And with new viruses constantly being identified, be sure to keep your anti-virus software regularly updated.
  • Don't accept email attachments from people you don't know.

Products and services are available which can help give you privacy protection while navigating the Web. See www.privacyalliance.org/resources/rulesntools.shtml for an overview of many privacy-related tools.

Third Party Sites
Visto's web sites may contain links to other sites. When you click on one of these links you are being transferred to a web site operated by someone other than Visto, and the operator of that web site may have a different privacy policy. Visto does not share your personal information with these web sites and is not responsible for their individual privacy practices. We encourage you to investigate the privacy policies of these operators.

Co-Branded Sites and Services
When you use a co-branded service within our web sites, or register or otherwise provide information on a co-branded site, you grant Visto permission to pass the information collected back to that service or site partner. Their use of your information is subject to their applicable privacy policies. For example, if you are a subscriber through carrier XYZ, who has a branded web site hosted by Visto, we will provide back the reports described herein to carrier XYZ.

Security Checks
For web site security purposes and to ensure that this service remains available 24x7 to all Visto customers, we employ various commercial software tools to monitor network traffic, identify unauthorized attempts to upload or change information, or otherwise cause damage. Unauthorized attempts to alter the content of our web sites are strictly prohibited and may be punishable under the Computer Fraud and Abuse Act of 1986 and the National Information Infrastructure Protection Act.

How do we communicate and manage the event of a breach of security
By security breach we mean an event where the behavior of our production system deviates from the security requirements. Any breach of security is regarded by Visto as the highest severity event under its contracts with your wireless operator. Visto will report all such incidents to the affected wireless operators immediately in accordance with our internal incident handling procedure. At the same time, you agree to notify Visto immediately of any unauthorized use of your personal data. Visto will not be liable for any loss or damages that you may incur as a result of someone else using your password or account, either with or without your knowledge.

Children’s Privacy
We do not structure our web sites to attract children. Accordingly, we do not intentionally collect personal information from anyone whom we know to be under 13 years of age.

How You Can Access or Correct Your Information
You can access all your PII data that we collect online and maintain them in accordance to the procedures of our NOC security policy. We use this procedure to better safeguard your information. You can review, update your information, or correct factual errors in your PII data by accessing your mobile account through your wireless operator portal or directly contacting your wireless operator representative. Please follow the login procedure provided to you by your carrier. In order to protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections.

What procedures do we follow for resolving a complain
All complains regarding privacy should be immediately reported via e-mail to vistoprivacy@visto.com. You will receive an acknowledgement within next 7 business days indicating receipt of your complain along with a response to the merits of your complaint or a notice that we have redirected your complaint to BBB Online Privacy Dispute Resolution Intake Center for faster and more effective resolution of your inquiry. By participating in the Council of Better Business Bureau's BBBOnLine Privacy Program we have made a commitment to meet the programs' strict requirements regarding how we treat your information and have it verified by BBBOnLine. Further information about this program is available at www.bbbonline.org.

Legal Disclosures
We may disclose some PII data if required to do so by the US law or in the good-faith belief that such action is necessary to prevent injury or property damage. We may attempt to notify you when we are making such a disclosure, but we may not do so in an emergency or when we are prohibited by either law or court order from giving such notice.

Exclusion of Liability
While we have taken all reasonable steps to ensure the accuracy and completeness of the information on this web site, we give no warranty and make no representation regarding the accuracy or completeness of the content of our site. Consequently, we accept no liability for any losses or damages (whether direct, indirect, special, consequential or otherwise) arising out of errors or omissions contained in the sites that we operate. Also, we accept no liability in respect of losses or damages arising out of changes made to the content of our sites by unauthorized third parties.

Contacting Us
We welcome comments and questions on this Privacy Policy. As stated above, we are dedicated to protecting your privacy, and we will make every reasonable effort to keep your information secure. Questions regarding our policy should be directed via e-mail to vistoprivacy@visto.com. Additionally you may make your request by writing to:

Visto at Visto Corporation
Attn: Information Security Officer 275 Shoreline Drive, Suite 300 Redwood Shores, CA 94065 USA.

Changes to this Policy
By registering to use Visto services, you consent to the collection and use of your information as we have outlined in this Privacy Policy. Visto reserves the right to amend or modify this Privacy Policy Statement at any time and in response to changes in applicable data protection and privacy legislation. When we do, we will post those changes on this page so that you are always aware of the information we collect, how we use it, and under what circumstances we disclose it. We will post a prominent notice on this page for thirty (30) calendar days prior to the implementation of any material changes to this Privacy Policy. Please check this Privacy Policy periodically to inform yourself of any changes.

Last updated 29 August, 2005

 

© 2005 VISTO, Inc. All Rights Reserved.
Privacy Policy | Legal Notices & Trademarks | Back to Top