Privacy policy for the Phorm services
Effective Date: 13 February 2008

Customer Privacy

Best Privacy Practices

No Personal Information

How Well Am I Protected?

Privacy Impact Report

You Can Choose

Phorm Service

Phorm, Inc. provides the Phorm Service for Internet service providers (”ISPs”), advertisers, networks and publishers. The Phorm Service is a patent-pending technology that delivers targeted advertising and consumer services to ISP customers (“users”) on behalf of Phorm, our partner ISPs and affiliated websites.

At Phorm, consumer privacy is of paramount importance. Phorm has spent years designing a system that is industry leading in terms of consumer privacy protection. This document details how the Phorm Service works and how non-personally identifiable information (described below) may be used to make the internet safer and more relevant for consumers. The Phorm Service is designed to provide consumers with a safer and more relevant Internet, and Phorm fully believes in giving consumers choice. To that end, Phorm offers consumers a simple mechanism for them to switch the Phorm Service on or off, which we explain below.

What information does Phorm Service collect?

The Phorm Service is designed to avoid collection of any Personally Identifiable Information of the user (“PII”), namely information that can be directly associated with that specific person or entity, e.g. a name, a postal address, a phone number, or an email. Phorm Service uses only Non-Personally Identifiable Information (“non-PII”), such as search terms, URLs and keywords. Phorm Service does not store or retain this information. This information is used to understand broad categories of that consumer’s interests; the Phorm Service matches this with existing advertising categories (“category match”), then immediately discards this information. It is important for consumers to know that even the limited retained category match information cannot be used to identify any specific person or entity. By way of example, Phorm Service will retain only information about general categories of interest associated with a randomly generated ID (category matches) such as “ID #45678 is interested in IPODs.”

Phorm Service also uses “cookies,” a small text file stored on the hard drive of a user’s computer to enable Phorm and other Web entities to anonymously identify repeat users. The Phorm cookie is ‘blind’ to users’ identities, because Phorm only use a randomly generated ID number to identify the cookie associated with the computer. Phorm Service uses cookies to communicate with its servers in order to limit how often ads are displayed, and to help to decide which ads to display. The cookies used by Phorm Service contain no PII.

How is the Phorm Service designed to not collect PII?

Phorm takes several steps in designing the Phorm Service to not collect any PII. For example, Phorm Service:

• Does not collect any information on secure (HTTPS) pages
• Does not collect information that users enter in web form fields such as registration pages.
• Ignores words or phrases containing the "@" symbol to ensure that we do not collect email addresses.
• Ignores numbers longer than three digits, to prevent the collection of credit card numbers, phone numbers, social security numbers, or other numbers-based PII.
• Does not store IP addresses.

If any PII were collected, Phorm would be legally obliged to use any information in line with the applicable laws concerning protection of such information.

How do you use the information you collect?

Phorm Service may use the information it gathers to give users warnings and alerts about websites they may be visiting, and to provide information about goods and services that may interest them, based on the websites they are visiting and the search terms they are using.

For example, visits to a travel website suggest an interest in the topic ‘travel’. Phorm Service records those category matches in order to place ads that may be of interest to that user. After making a category match, all of the information (which contains no PII) leading to the category match is purged from the Phorm system.

This is an important point: because Phorm Service does not permanently store the non-PII or IP addresses, it is incapable of identifying any specific person or entity.

Do you share information with third parties?

Phorm may share aggregated advertising category match information to provide statistics to partner ISPs, prospective clients and business partners. We will not disclose any randomly generated ID associated with a cookie to any third party, which means that none of this shared information can be used to identify individual users.

For example, Phorm may tell a merchant that our network contains 50,000 users who have visited a travel website URL in the past six months, but cannot disclose which randomly generated IDs have visited that URL, because that information is simply not stored.

If legally required to do so, Phorm will disclose to a third party any information it does have, but as stated above our the Phorm Service is designed not to collect or retain any such information.

How can users opt-out of Phorm Service?

The Phorm Service website provides users with a simple opt-out form. Users who opt-out will receive an opted-out cookie that prevents Phorm Service from using any information at all from the specific browser associated with that computer.

If a user deletes their opt-out cookie, then the opt-out status, which is contained in the cookie, is lost, and the user will be opted-back into the Phorm Service. The reason that Phorm employs a cookie-based opt-out is to ensure that such opt-out is effective no matter where a consumer may take his or her computer and is in other ways more protective of a consumer’s identity. If you delete your cookies and still would like to be opted-out of the Phorm Service, please return to the website and opt-out again. (This is an industry standard practice, as described on the NAI site, www.networkadvertising.org).

In addition, users may be able to prevent cookies from any website from being installed on their computer by readjusting their browser settings. For more information on cookies and how to disable them, users should consult the Help section of their browser. Alternatively, users can consult the information provided by the Interactive Advertising Bureau at www.allaboutcookies.org.

What does this privacy policy not cover?

This privacy policy applies to the Phorm Service only and does not apply to other features or services provided by Phorm’s partner ISPs or other third parties. To better understand the privacy practices of your ISP or another third party, we encourage you to review their privacy policy and user agreements.

Can I find out what PII Phorm Service keeps about me?

The Phorm Service is designed to avoid the collection and storage of PII, however you have the right to request a copy of any information that Phorm may have about you and to have any inaccuracies corrected. A reasonable fee may be charged for information requests, and we reserve the right to request such evidence as we consider reasonably necessary in the circumstances to prove your identity We will use reasonable efforts to supply, correct or delete any information about you that Phorm may have.

For more information, please contact:

The Data Protection Officer
222 Liberty House
London W1B 5TR

What are Phorm’s security practices?

‘Non-personal information’ contains nothing that could identify you personally. We may aggregate non-personal information and share it with our affiliated companies and third parties. This is to provide statistics that enable us to analyse web site usage, and to improve our services.

Changes to Webwise’s website privacy policy

Phorm has implemented security measures to protect information collected on this website from loss, misuse, unauthorised access, disclosure, alteration or destruction. Our employees are made aware of and must comply with these procedures.

Please keep in mind, however, that the Internet is not a 100% secure medium. Therefore, it is theoretically possible that somebody could defeat our security measures. However, as stated above none of the information could identify you or any other individual.

We sometimes use third-party contractors to perform tasks that might otherwise be done by our employees. These contractors, however, are contractually bound to adhere to this privacy policy, and they are subject to similar restrictions as our employees.

If you use your computer and usual browser in a country other than your home country to log on to the Internet via one of our partner ISPs in that other country, the data that Phorm holds in its system that is associated with that cookie may be automatically transferred to Phorm's systems in that other country.

Changes to our privacy policy

The Phorm privacy policy may be updated from time to time, and the most current versions can be found at http://www.phorm.com/user_privacy