Privacy, Security, and Compliance

Privacy Policy

Lean about how we handle the information on our website.

Security

We are committed to making sure that your information remains confidential and. Here you can learn more about that process

Compliance

Get access to our compliance documentation.

Privacy Policy

What Information do we collect?

We collect information when you fill out a form.

When ordering or registering on our site, as appropriate, you may be asked to enter your: name, e-mail addresses, mailing address, phone number.

What do we use your information for?

Your information helps us to more effectively respond to your customer service requests and support needs.

To send periodic emails

The email address you provide for order processing, may be used to send you information and updates pertaining to your order, in addition to receiving occasional company news, updates, related product or service information, etc.

Note: If at any time you would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.

We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Database to be only accessed by those authorized with special access rights to our systems, and are required to keep the information confidential.

After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be kept on file for more than 60 days.

Do we use cookies?

We do not use cookies.

Do we disclose any information to outside parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third party links

Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Childrens Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.

Online Privacy Policy Only

This online privacy policy applies only to information collected through our website and not to information collected offline.

Your Consent

By using our site, you consent to our privacy policy.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page.

Security

Collaborative, Integrated Approach for Confidence and Peace of Mind

The financial services marketplace is characterized by increasingly sophisticated security breaches, heightened regulatory oversight and complex compliance requirements. That’s why Harland Clarke is committed to securing the confidential information that your financial institution and your account holders entrust to us.

Security is a core competency for us and our integrated approach, comprised of several critical elements, considers every point of potential risk.

In-house Oversight, Visibility and Control

Careful oversight of our security function takes place in-house and is an integral part of both our corporate culture and our day-to-day business. Additionally, we have visibility and control over the entire supply chain in terms of data protection – from other Harland Clarke Holdings Corporation companies with which we collaborate, to every vendor we engage.

Documented Information Security Management Program

Our program combines physical and logical control measures and uses a risk-based, layered security model to provide end-to-end protection of confidential information. Controls are consistent with the comprehensive requirements defined in ISO/IEC 27002:2013, an information security standard published by the International Standards Organization.

PCI Certification

Harland Clarke Card Services maintains Payment Card Industry Data Security Standard (PCI DSS) certification. Solutionary®, a third-party Qualified Security Assessor, conducts the periodic assessments required for this certification.

Audits and Assessments

As a critical security vendor, we understand the need to ensure compliance and regulatory requirements are met. Our external auditor performs both SOC1 and SOC2 Type 2 audits, and these reports are available to our clients upon request. We also conduct ongoing vulnerability assessment and penetration test scanning, and offer onsite reviews for clients who are required to validate our control frameworks.

Annual Disaster Recovery Test

We conduct an annual assessment of critical systems recoverability throughout our facilities and maintain a disaster recovery plan. In addition, executive management annually reviews and makes critical updates to our corporate business continuity plan.

Integrated Security Strategy

Our collaborative approach links the four elements of security — physical security, information security, business continuity and compliance — to provide a greater understanding of the implications of security practices across our organization.
If you are an existing client, please contact your Harland Clarke account executive to receive compliance documentation.

All marks are the property of their respective owners.

Compliance

Harland Clarke understands your compliance expectations and visibility requirements. As a trusted adviser to your financial institution, we help you meet your vendor compliance requirements, including SSAE 16 audits and due diligence responses, among others.

Access to Harland Clarke’s compliance documentation is for our existing clients only. Please contact your Harland Clarke account executive to receive the following:

  • SSAE 16 Report
  • IT Disaster Recovery Exercise Report
  • Penetration Test Executive Report
  • Current Harland Clarke Privacy Statement (Signed)
  • FACTA Compliance Statement
  • Harland Clarke Holdings Corp. Information Security Program Statement
  • Harland Clarke Information Security Policy Quick Reference Sheet
  • Harland Clarke Sensitive Information Security Statement