Everyone Counts, Inc. adheres to the privacy principles of the Safe Harbor Program of the U.S. Dept. of Commerce.
Everyone Counts Safe Harbor is safe harbor compliant. For more information about the Safe Harbor Principles, please visit the U.S. Department of Commerce's website.
(i) Use of Everyone Counts, Inc.
Notice: Everyone Counts collects data for the purpose of identifying users and conducting projects such as elections, polling, surveys, quizzes, questionnaires or similar types of data collection. This information is collected from our users and clients. By participating in an election, users are granting Everyone Counts the right to transfer any data they may submit to our client who commissioned the project. We do not disclose this information beyond our commissioning client. We do not provide any information collected from our clients or our users to third parties.
Everyone Counts collects personal information from two distinct audiences of Internet users. These are Everyone Counts administrator account holders who use Everyone Counts to run online elections, surveys and exams, and Everyone Counts users who in turn are the attendees at Everyone Counts online elections and surveys. Users also have accounts of their own on this system.
Some surveys or ballots are run anonymously; there is no "login" of any kind. However, such projects may request personal information from respondents such as a reply email address.
Parties mentioned in the statement are thus the "administrators," "users" and "providers." Any kind of project such as a ballot, poll, survey, questionnaire or similar made with Everyone Counts is termed a project from here down. The information you provide which may include personal information is termed a "submission." Submissions collected by a project are downloaded by the administrator; this is termed a "download of submissions." Information used on your behalf as part of the process of creating a login account for you as a user is termed an "upload of personal information" from here down.
Everyone Counts providers do not directly moderate (that is oversee, supervise, or otherwise monitor) administrator use of the Everyone Counts system. Administrators are legally bound by a declaration of legal and reasonable use of the Everyone Counts system which includes these privacy requirements.
(ii) Collection of personal details and other information
Choice: As Everyone Counts does not sell or give any information collected to third parties users and clients do not need to opt out of doing so.
Administrators, as required by their projects (including surveys and ballots) may collect personal information by soliciting responses to questions in a project.
Information deemed personal information which may be collected and is covered by this statement includes, but is not limited to, names, street or postal addresses, telephone or FAX numbers, email addresses, digital signatures, membership or other identifying numbers, passwords or other personal codes.
Information which is not inherently personal, but which can be used in combination to determine the identity of a person is also collected (this might include political preferences in combination with disability, age and nationality which together provide a highly accurate indication of a person's identity within a group).
Administrators on the Everyone Counts system are forbidden from collecting financial transaction authority information such as credit card numbers, credit card PIN numbers or other critical information which enables financial transaction authority or privileged security access to any other system. There is no information of this kind stored in the Everyone Counts system. Passwords to administrator and user accounts are kept internally in an encrypted form.
(i) WWW Records
When you access a survey or ballot created on this system we collect usage information in WWW logs. We record the date and time and the name of the project your computer accesses. We collect your computer's IP address, the kind of WWW browser used and any other publicly available information which your system provides our system. In some cases, IP address is not of any use for determining a location in the world due to different IP addresses being used each time you use a dial-up connection, or because your IP address is erased by your institution (gateway) when your connection to us is outside that institution.
For online elections, we provide administrators the ability to set security in such a way as to scramble your IP address before it is recorded in the Everyone Counts system. This is intended to protect voter privacy.
Details of site usage are only made public in summary form.
(iv) Uploaded Personal Information
Administrators may upload spreadsheets of personal information to generate user records on the Everyone Counts system. This is done to create user accounts. Such information might include a student number or staff number to serve as a username, and any other personal information such as DOB, email address etc to serve as a password. The Everyone Counts system can issue passwords, so upload of personal information to create a password is not always required.
Administrators can upload passwords already encrypted. If your institution maintains login accounts you use for accessing computer facilities, if your institution sanctions this kind of use, encrypted passwords can be made to work in Everyone Counts user accounts. This does not mean your password can then be used by anyone else. All passwords are stored in an encrypted format. It is very difficult to derive the actual text of a single password from its encrypted format.
Cookies are small files which are recorded on your computer when you visit our site. The cookie allows Everyone Counts to easily work out when the same computer visits more than once by giving you a unique "tag." There are many kinds of cookies, some of which are written on to your computer and reside there indefinitely. The cookies used by the Everyone Counts system are the simplest possible kind used on the Internet. They are not written onto your computer's hard drive, but sit in the computer memory for the duration of your session on Everyone Counts. When you log out of Everyone Counts or close down your browser, the cookie is erased. These are called session cookies. Using the same computer to visit Everyone Counts to complete an anonymous form twice with session cookies means that it is very difficult or almost impossible to associate the first submission with the second.
(vi) Use of Information Collected
Security: At Everyone Counts we take protecting your information seriously. We take extreme precautions from loss, misuse, and unauthorized access of any personal information.
The personal details you provide to administrators will be held in strictest confidence. Administrators cannot share personal information through the Everyone Counts system, and are advised to download personal information off the Everyone Counts system as soon as is convenient after their project is complete.
Your submission is recorded in two databases on submission. Both are located within the same data center; either the Australian data center Global Village, Melbourne, or Interhouse Docklands, London, England. Data are backed up to permanent media every day and these records are destroyed after six months.
Everyone Counts uses only the most secure commercial data centres. All have human-mediated access control requiring photo ID from registered client representatives. The Australian center requires 24 hour advanced warning and the UK center requires positive face identification in combination with a fob token. The Everyone Counts servers use stripped-down Linux operating systems, firewalls, file change detection and intrusion detection systems. Everyone Counts servers are configured for high availability with either hot-standby or load-balanced arrangements.
We reserve the right to change these privacy guidelines at any time. No changes will come into effect earlier than seven days after the changes are posted.