Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Privacy Policy, Data Retention?

This is the closest to a Privacy Policy I could find:
12. Service Data. Verisign uses the Service Data to provide the Service and for internal business and analysis purposes. You understand that through your use of the Service, you consent to the collection and use of information deemed to be PII under the laws of an applicable jurisdiction including the transfer of such PII to the United States and/or other countries for storage, processing and use by Verisign. If you are an entity, you understand that it is your obligation to inform your individual users that through their use of the Service, they consent to the collection and use of information deemed to be PII under the laws of an applicable jurisdiction, including the transfer of such PII to the United States and/or other countries for storage, processing and use by Verisign. Verisign will not sell, distribute any PII collected as a result of performing the Service. Verisign will not permanently store the PII and will retain such PII for no longer than is necessary.
Questions:
  • "[N]o longer than is necessary," is that for "internal business and analysis purposes" or ...? Please clarify!
  • What, specifically, is considered "PII" by Verisign?
  • How, specifically, is "such PII" "not retain[ed]"? Is it "anonymized", "deleted from live server", or ...?

Comments

  • Hello dns - thank you for your inquiry. Allow us to review this further and will let you know once we have an update on your questions.
  • edited October 2015
    "Verisign will not sell, distribute any PII collected as a result of performing the Service."

    The two verbs "sell" and "distribute" are separated with a comma - was that intentional? It seems like an "or" would be appropriate here, but I don't know if this construction yields some different meaning in a legal context. (Maybe someone lopped off a third verb and forgot revise the sentence?)

    Also, why the use of the word "distribute" as opposed to "share" or "disclose"? The latter words are more common when discussing the transference or transport of PII. This sentence seems to imply that Verisign would not distribute PII to third parties, but it isn't explicitly stated. Wouldn't doing so grant greater assurance to users? Transparency and clarity go a long ways in engendering trust.

    Lastly, but most importantly - Hi @knixon! (I CAN HAZ BADGEZ?)
  • Hello sjordan,

    Thank you for your feedback. We have passed this to the relevant team for further review.
  • Hello dns,

    In addition to the updated Verisign Public DNS Terms of Service, we also received feedback on the questions you had provided to us earlier (please see below):
    • "[N]o longer than is necessary," is that for "internal business and analysis purposes" or ...? Please clarify!
      Answer: "Please see updated Verisign Public DNS Terms of Service."

    • What, specifically, is considered "PII" by Verisign?
      Answer: "PII is defined by the local jurisdiction."

    • How, specifically, is "such PII" "not retain[ed]"? Is it "anonymized", "deleted from live server", or ...?
      Answer: "Verisign does not disclose operational processes and procedures for security purposes."
Sign In or Register to comment.