As part of the Comodo pledge
to our customers, we recognise and respect your right to privacy.
privacy practices employed in the provision of Comodo's products,
services and website.
Questions relating to this policy
statement should be directed towards the Comodo support team
Postal: Comodo TrustLogo Support, PO Box 229, Bradford, BD7
policies stated within the Subscriber Agreement (and associated
product Schedules), Relying Party Agreement and Comodo Certification
Practice Statement (CPS). Please refer to these documents
for the practices employed by Comodo for the issuing, management
and revocation of certificate based products.
Comodo do not collect any information
on customers without consent. As part of the service offerings,
customers will be prompted for information when enrolling
for a certificate, downloading a product or requesting further
information. No information is collected about a customer
if just browsing the website.
When enrolling for a certificate,
customers will be required to provide certain information
as per the requirements for the certificate product type.
The exact informational requirements are set out in the relevant
Subscriber Agreement and associated schedules and listed in
the Comodo CPS. Some of the submitted details will be displayed
within the certificate and as a result will be publicly available.
Details that will become public are clearly stated as 'public'
in the enrolment process, Subscriber Agreement and associated
When downloading a Comodo product,
such as the TrustToolbar Plug-in, you will be required to
submit personal information as specified on the download page.
This information will be used by Comodo to contact the customer
about the services on our site for which they have expressed
interest, including product updates and associated promotional
material. It also aids Comodo in providing improved global
services by collating general demographic information. Please
refer to the opt-out policy described later in this policy
Comodo provides the ability to request further information
or ask questions to the support team by displaying email links
throughout the website. If a customer elects to use such links
they may be requested to provide additional information depending
on the nature of the contact. Typically, such additional information
may include further contact details, and in the case of technical
support, additional information about the customer's PC configuration
may be required to aid a prompt a accurate response to the
A cookie is a piece of data stored
on a computer's hard disk containing information about the
internal marketing campaigns and within the use of the Referrer
programs. Such cookies contain no personally identifiable
not exercise any access or control of such cookies.
Comodo use log files comprising
of IP addresses to analyse trends, administer the site, track
movements throughout the site, calculate the number of document
and file downloads, and gather broad demographic information
for aggregate use. IP addresses are not linked to personally
Comodo will share aggregated demographic information with
our partners. This is not linked to any personal information
that can identify any individual person.
The Comodo website contains links to external websites. Comodo
is not responsible for the privacy practices of such other
sites. This privacy statement applies solely to information
collected by this website. Comodo have no control over the
accuracy of information displayed by such websites.
This website takes every precaution
to protect our customer's information. When customers submit
sensitive information via the website, such information is
protected both online and off-line.
During certificate enrolment,
where sensitive information is required, the transmission
of information is encrypted and protected using Secure Sockets
Layer (SSL). This includes the submission of any payment information
such as credit card details.
Comodo use SSL encryption to
protect sensitive information online and do everything in
our power to protect user-information off-line. All of our
customer's information, not just the sensitive information
mentioned above, is restricted in our offices. Only employees
who need the information to perform a specific job (for example
billing administration or the development team) are granted
access to personally identifiable information. Our employees
must use password-protected screen-savers when they leave
their desk. When they return, they must re-enter their password
to re-gain access to customer information. Furthermore, ALL
employees are kept up-to-date on our security and privacy
practices. Every quarter, as well as any time new policies
are added, our employees are notified and/or reminded about
the importance we place on privacy, and what they can do to
ensure our customers' information is protected. The servers
that we store personally identifiable information on are kept
in a secure environment, behind a locked cage. The cryptographic
keys used to issue certificates are maintained in the secure
environment of FIPS-140 level 4 accredited IBM 4758 crypto
In order for Comodo to properly
fulfil its obligation to our customers, it is necessary for
us to supplement the information we receive with information
from 3rd party sources.
For example, prior to the issuance
of some certificate types Comodo may use the WHOIS database,
Government sourced companies house database or Dun & Bradstreet
company lookup information to validate the accuracy of supplied
data. This is an integral aspect of the service provided by
Established customers will occasionally
receive information on products, services, special deals,
and a newsletter. Out of respect for the privacy of our customers
we present the option not to receive these types of communications.
We also send the user service announcement updates. Customers
are not able to unsubscribe from service announcements, which
may contain important security information about the service.
If a customer's personally identifiable
information or certificate specific information changes they
may update the original information provided. Changes can
be made by logging into the Members area and using the services
provided in the Manage Account section.
Customers are given the opportunity to 'opt-out' of having
information used for purposes not directly related to the
Comodo service offering at the point where the information
is requested. For example, all certificate enrolment and product
downloads has an 'opt-out' mechanism so customers who buy
a product from us, but would prefer not to receive any marketing
material, can request to have their email address kept off
of our lists.
If customers no longer wish
to receive our newsletter or promotional materials from our
partners, they may opt-out of receiving these communications
by emailing Comodo at firstname.lastname@example.org
Customers of our site are always
notified when their information is being collected by any
outside parties. We do this so our customers can make an informed
choice as to whether they should proceed with services that
require an outside party, or not.
Access to all issued certificates
is provided through the Comodo public repository. Because
of the nature of the service provided, there may be circumstances
under which a certificate is revoked (cancelled). Furthermore,
as the lifetime of all certificates is finite (lasting usually
1 year), certificates will expire.
Comodo still provides public
access to both revoked and expired certificates to ensure
a party relying on the certificate may still be able to retrieve
the certificate and verify a signature made with the certificate.
Such certificates are flagged as revoked or expired within
By using our Web site, customers
consent to the collection and use of this information by Comodo
Limited. If any subsequent changes are made to our privacy
policy, we will post those changes on the policy update page
so that customers are always aware of what information is
collected, how it is used and under what circumstances it
may be disclosed.