Organization Information:

RSA Security, Inc.
174 Middlesex Turnpike
Bedford, Massachusetts 01730
Phone: 781-515-5000
Fax: 508-293-7189
http://www.rsa.com

Contact Information:

Contact Office: RSA Security, Inc.
Contact Name: Christopher R. Dollase, Senior Counsel
Phone: 781-515-5507 Fax: 508-293-7189 Email: chris.dollase@rsa.com

Corporate Officer Information:

Corporate Officer: Paul T. Dacier, Executive Vice President
Phone: 508-435-1000 Fax: 508-293-7189 Email: dacier_paul@emc.com

Safe Harbor Information:

Signed up to safe harbor 07/02/2008 12:28:26 PM
Next certification 07/02/2010
EU/EEA Countries From Which Personal Information Is Received: Austria, Belgium, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, Switzerland, United Kingdom
Industry Sector: Computer & Peripherals - (CPT)
Personal Information Received From the EU: RSA may collect or receive and process certain personal information from:

1. RSA’s customers, RSA’s customer’s clients, business partners, or as a result of the performance by RSA of certain data processing services on behalf of its customers.

The types of information include:

(a) information voluntarily provided by customers or business partners; and

(b) information received from, and/or in relation to, certain natural persons in the performance by RSA of those data processing services on behalf of its customers (which natural persons are referred to herein as “End Users”).

This information may include name, address, phone number, e-mail address, user IDs and password, contact preferences, billing and transaction information, and credit card and other financial information.

2. RSA’s employees and candidates for employment (human resources data) in connection with implementation and administration of its human resources programs and functions.

RSA will not sell, trade or lease any personal information described under (1) and (2) above to others or use the data for purposes other than that for which the data was collected, received, or otherwise processed by RSA.

RSA contracts with third party service providers and suppliers in connection with: (i) the delivery of customer solutions (including data processing services provided by RSA to its customers); and (ii) implementation and administration of human resources programs. RSA may share personal information about customers, business partners, End Users, employees and applicants for employment with its service providers and suppliers for the sole purpose and only to the extent needed to provide the service or support for which the personal data was provided. Third parties receiving personal information from RSA are expected to apply the same level of privacy protection as RSA and are prohibited from using the data for any purpose other than providing the service or support required by RSA.

RSA's policy on the treatment of personal data is based upon adherence to the U.S. Department of Commerce's safe harbor privacy principles.
Privacy Policy Effective: June 27, 2008
Location: http://www.rsa.com/node.aspx?id=2470
Regulated by: Federal Trade Commission
Privacy Programs: Not applicable.
Verification: Self-Assessment
Dispute Resolution: EU Data Protection Authorities - For unresolved issues involving human resources data being transferred from EU member to the U.S. JAMS - For unresolved issues involving personal data (other than human resources data) being transferred from EU member countries to the U.S.
Personal Data Covered: All
Human Resource Data Covered: Yes

Do you agree to cooperate and comply with the European Data Protection Authorities? Yes

Certification Status: Current
Compliance Status:

Safe Harbor Overview | Safe Harbor Documents | Workbook | Safe Harbor List
Information Required for Certification | Certification Form