PRIVACY & SECURITY POLICY

PRIVACY & SECURITY POLICY

Privacy and security issues are of paramount importance to First American Registry, Inc. ("FAR"). This Privacy & Security Policy describes how FAR uses and protects information it collects or maintains. FAR requests that you read this Privacy & Security Policy frequently, as changes may occur from time to time.

FAR's Commitment to Data Security

FAR’s order environment features several of the most widely accepted and endorsed security methods to ensure that transactions, ordering and fulfillment are safe and that all exchanges of information remain confidential, except as described below.

The primary measures of security employed within the FAR environment are the use of SSL (Secure Socket Layer) encryption and third-party firewall filtering technologies. In addition, every session by a FAR member requires a unique membership number and password before access to the system is permitted. Finally, ICSA (International Computer Security Association) certification requires that we constantly monitor the FARsystem in accordance with our security policy and management practices.

Netscape's Secure Socket Layer (SSL) is the standard technology for secure, Web-based communications. All traffic between FAR customers and the Web server is encrypted with a unique "session key." SSL is built into server hardware, and requires a "digital ID" in order to be functional. These layers of protection virtually guarantee that unauthorized parties cannot view information. With SSL and this digital ID in place, the FAR site protects communications between the Web server and a FAR user. Firewall filtering is a set of related programs that protect the resources of a private network from users from other networks. The firewall acts as a defense barrier between the FAR server and the Internet, granting access and information only to those who are authorized to do so. In addition to these measures, each transaction is password-protected as an integral part of FAR membership. A private password works in conjunction with a unique membership number the same way that an ATM password protects your card from unauthorized use. Online transactions within the FAR environment can only be performed by users with legitimate membership numbers and passwords. ICSA certification of the FAR site ensures that an independent agency has investigated the standards and practices represented in the site and deemed the site worthy of its seal of approval. ICSA Web certification reduces Web site risks and liability for both the operator and visitor by providing, verifying, and improving the use of baseline security standards. The certification is comprised of on-site evaluation, remote testing and spot checking, using an evolving set of industry-endorsed standards and practices. This certification uniquely demonstrates FAR's efforts to protect customer information and data integrity. While we make every effort to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party "hackers" from illegally obtaining information.

User Information FAR Collects and How it is Used

FAR collects information in different ways from Visitors and Members who access the various parts of our services and the network of web sites accessible through our service ("Services"). We use this information primarily to provide you a customized experience as you use our Services. We may disclose user information in some circumstances, such as when we believe disclosure is required by law or in other circumstances as described below. All consumer report information is protected by law and primarily governed by the federal Fair Credit Reporting Act. For more information, please visit

Any person who knowingly and willfully obtains information on a consumer from a consumer reporting agency under false pretenses shall be fined under title 18, United States Code, imprisoned for not more than 2 years, or both.

Registration

Members are asked to provide certain user information when they sign-up for our Services, including name, address, and telephone number. The user information collected from Members during the registration process is used to manage each Member's account. FAR on occasion does share this information with vendors or other third parties, in order to enhance, develop or provide existing or new services.

Responses to Email Inquiries

When Visitors or Members send email inquiries to FAR, the return email address is used to answer the email inquiry we receive and to provide Service Notifications or other marketing materials.

Voluntary User Surveys

We may periodically conduct user surveys. We encourage users to participate in these surveys because they provide us with important information that helps us improve the types of services we offer and how they are provided to you. Participation in our customer surveys is always voluntary. Aggregated information may be shared with third parties in particular circumstances.

Other Circumstances

Generally, it is FAR's policy not to use or share user information about Visitors of Members in ways unrelated to the ones described above. However, FAR may disclose user information about Visitors or Members, or information regarding your use of the Services or web sites accessible through our Services, for any reason, in our sole discretion, if we believe that it is reasonable to do so, including, but not limited to: 1) satisfying any federal, state or local law, rule or regulation; 2) in order to bring action against someone who may be violating our Acceptable Use Policy or other user policies; and 3) to market, operate, or enhance the Services provided.

"Cookies" and How FAR Uses Them

A "cookie" is a small data file that can be placed on your hard drive when you visit certain web sites. FAR may use cookies to collect, store, and sometimes track information for statistical purposes to improve the products and services we provide and to manage our networks. If you are a Member, we will use a cookie to save your settings and to provide customizable and personalized services.

How to Access or Modify Your Information

FAR offers Members the opportunity to access or modify information provided during registration. To access or modify such information, contact our Customer Service Department at 800.999.4010.

Where to Direct Questions About FAR's Privacy and Security Policy

If you have any questions about this Privacy Policy or the practices described herein, you may contact:

Corporate Services

First American Registry, Inc.

11140 Rockville Pike, PMB 1200

Rockville, MD 20852

webmaster@registrynet.com

Revisions to This Policy

FAR reserves the right to revise, amend, or modify this policy and our other policies and agreements at any time and in any manner.

Rev. 08/01/2000