Privacy Policy

Version $v*1

@fullXRI inherits the Global Privacy Policy defined by XDI.org, and in addition publishes its own Community Privacy Policy.

Global Privacy Policy

The Global Privacy Policy is specified in Appendix C of the Global Services Specification at http://gss.xdi.org.

Community Privacy Policy

In addition to inheriting the Global Privacy Policy, @fullXRI defines the following Community Privacy Policy:

Collection of Information

@fullXRI collects and reveals only the minimum information possible to provide the desired service.

We collect Personally Information, like names, postal addresses, email addresses, etc., when voluntarily submitted by our visitors. The information you provide is used to fulfill your specific request. This information is only used to fulfill your specific request, unless you give us permission to use it in another manner, for example to add you to one of our mailing lists.

Unless you give us permission, we will not share your Personal Information with third parties except as necessary to fulfill its governance and development responsibilities. The categories of third parties that might receive Personal Information from us for these purposes include our contractors and consultants, the affected i-brokers or Global Service Providers, law enforcement agencies, arbitrators, and parties to litigation. We will not use, sell, rent, or otherwise disclose Personal Information for marketing purposes without your permission.

Web Site

This web site may use cookie and tracking technology depending on the features offered. Cookie and tracking technology are useful for gathering information such as browser type and operating system, tracking the number of visitors to the Site, and understanding how visitors use the Site. Cookies can also help customize the Site for visitors. Personal Information cannot be collected via cookies and other tracking technology, however, if you previously provided Personal Information, cookies may be tied to such information. Aggregate cookie and tracking information may be shared with third parties. We use log files, as most website servers do, to record certain technical information about visits to our website, including the IP address and the DNS name of the access provider (such as your Internet Service Provider), the type of browser used, referring and exit pages, platform type (where available), a date and time stamp, and possibly the number and sequence of pages visited. Unless your IP address or associated DNS name identify you specifically, none of this information reveals who you are, and we do not link it to other data in an effort to discover the identity of a site visitor. @fullXRI staff and consultants use this information solely to administer the site, analyze trends, and track the use of the site in the aggregate so that we can make improvements to better meet user needs. Any log data that we publish, such as the total number of hits or users in a given period, is disclosed only in an aggregate form that does not reveal Personally Information.

Distribution of Information

Distribution of Information: We may share information with governmental agencies or other companies assisting us in fraud prevention or investigation. We may do so when: (1) permitted or required by law; or, (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or, (3) investigating fraud which has already taken place. The information is not provided to these companies for marketing purposes.

External Links

@fullXRI websites may contain links to websites operated by other parties. @fullXRI does not control those external websites and cannot be responsible for their privacy practices.

You are free to create a link to this website from another website or document, but you agree to remove any such links upon our request.

Email

Please use discretion in sending email messages to @fullXRI staff or role accounts (such as "postmaster"). @fullXRI will endeavor to store, use, and disclose email only as needed to answer your requests and perform our oversight, administrative, standards-development, and educational functions. But electronic mail is not a reliably secure medium of communication, and @fullXRI cannot guarantee the confidentiality of email messages in transit or stored on the servers of ISPs, employers, or others to whom emails may be manually or automatically routed and who are outside the direct control of @fullXRI. If you feel a message is particularly sensitive, you might consider sending it from a private email account or device, addressing only known individuals, and perhaps protecting the contents by using a strong public key encryption technology such as PGP.

I-Names and I-Numbers

A key purpose of XRI technology is to allow i-name or i-number registrants to control the sharing of their contact details and other Personal Information with others. XDI.org and OASIS have developed standards and specifications to enable this privacy-enhancing technology, but it is implemented through i-brokers or other XDI service providers that have their own commercial relations with i-name and i-number registrants. XDI.org is the community governance authority for a set of global i-name and i-number registries offered to the public as XDI Global Services. These global public registries are operated by contractors to XDI.org called Global Service Providers. Neither XDI.org nor Global Service Providers collect registration information directly from global i-name or i-number registrants. These registrations are performed by i-brokers accredited by a Global Service Provider to i-broker accreditation standards determined by XDI.org. When you register a global i-name or i-number with us as an accredited i-broker, you will be asked to provide the information that you want listed in the global public registry, such as a pointer to your current i-broker and an account authentication credential such as a password. You may also be asked to provide certain information that will not be listed in the global public registry but will be stored only by us as your i-broker, such as your true identity and (where applicable) affiliation, your contact and payment details, and possibly other relevant information that would allow us to confirm your identity when you make any requests to change, transfer, or terminate your registration, directory listing, or other services.

Notice regarding children

Our websites and email discussion lists are not designed for children, and we do not monitor postings or communications among participants in discussion groups for content that would be inappropriate for minors. We do not encourage the registration of i-names by minors without the permission and participation of a parent or legal guardian, established to the satisfaction of the relevant @fullXRI. We will not knowingly communicate with a child under the age of 13 without parental permission.

Code of Fair Information Practices

@fullXRI honors the following Code of Fair Information Practices:

1. Purpose and collection limitation: Personal Information should be collected by fair and lawful means, preferably with the knowledge of the individual, and it should be used and disclosed only for legitimate, announced purposes.
2. Data quality and accuracy: The personal Information collected should be relevant, complete, and not excessive for the intended purpose. The information should come from reliable sources. The information should be kept as accurate and up-to-date as needed for the intended purposes, and it should be retained no longer than needed for those purposes.
3. Notice and awareness: Individuals normally have a right to know when Personal Information about them is being collected, stored, used, or disclosed to others. They should be told what kinds of information are collected, who has access to it, how it will be used, how it will be protected, and what options they have with regard to its collection and use.
4. Choice and consent: Individuals should be given choices, wherever feasible, as to what Personal Information is collected and how it is used. To illustrate, there are legal and business requirements as to what information must be collected, stored, and disclosed to banks or intermediaries when they order a service and pay for it by credit card, but further use of some of those personal details (for example, to create a marketing mailing list) should be subject to an opt-in or opt-out choice by the individual.
5. Access and objection: Individuals should be given a reasonable opportunity (a) to review the information that has been collected about them, (b) to challenge its accuracy or completeness, and (c) to object to its further processing.
6. Security: The Personal Information should be protected at all times by appropriate technical and organizational security safeguards to prevent loss or misuse, destruction or alteration of the data, or unauthorized access or disclosure. (Note that OASIS standards and XDI.org Global Services Specifications may prescribe particular security measures for certain XRI or XDI functions, but this general principle applies in all cases where Personal Information is handled.)
7. Accountability, enforcement, and recourse: Organizations that handle Personal Information should appoint responsible persons to develop privacy and security policies, train relevant staff and contractors, and take appropriate steps to ensure that their privacy and security policies are effective and enforced. They should provide contact points for questions and complaints by individuals and ensure that there is some practical form of recourse and redress for persons injured by privacy lapses or abuses.

Contacting us about Personal Information

Please go to our website at http://www.fullxri.com to make change, transfer, or termination requests with respect to your i-name registration and global public registry entries. To review, correct, or ask for the deletion of any Personal Information that we may have, please contact us at @fullXRI/(+contact), or email us at support@fullxri.com. We may ask for additional information to verify your identity and to facilitate our search for relevant data, which we will do to the extent it is indexed or reasonably searchable by name or i-name.

Please also contact us to report any privacy policy concerns or suspected violations. We will correct any errors on our part, notify third parties that obtained relevant data from us concerning any necessary corrections or deletions, and try to reach a reasonable accommodation with you with respect to any unusual privacy concerns you might have

Conformance

@fullXRI assures that this Privacy Policy is in conformance with the XDI.org Global Privacy Policy.