Welcome to the Privacy Resource Center

The following information is being made available for your education and reference purposes. We hope you find it helpful and informative as privacy and data security are important to all of us. Here’s what you can learn about in this Resource Center:

1. General Security Practices
2. Cookies
3. Interest-Based and Online Behavioral Marketing
4. Bluetooth beacons
5. Mobile Devices and Location Services
6. Scams
7. Identity Theft
8. Canadian specific resources
9. European specific resources

 

1. General Security Practices.

It is a good general practice when using any website to take the following pre-cautions:

• Protect your username and password. Never share them with others and use different and complex passwords for each account. Consider using a commercially available Password Locker or Vault to generate and store your passwords.
• Keep your Anti-Virus software up to date.
• Apply Software security patches by going to the vendor’s website.
• Lock your computer screen when you leave it.
• Be prepared and be aware, particularly of phishing attacks. Learn more about data security and phishing attacks in Section 6 below and at the FTC’s Identity Theft and Data Security website.
• If applicable, enable encryption on your computer’s hard disk. Apple® computers come with encryption turned on. You need to enable Microsoft Windows' encryption called Bitlocker.
• Use multi-factor authentication services where available. These are services that add another layer of security. In addition to your password, “something you know”, these services require “something you have”, often a unique id that is present to you on your phone or another device.
• When shopping or providing sensitive information, make sure the website is using secure connections indicated by “HTTPS” versus “HTTP” in the URL.
• Understand how websites will use your data and the choices that are available to you by reading the site’s privacy statement.

Other public online safety resources:

• Stay Safe Online Shopping (National Cyber Security Alliance)
• You Are Here (FTC)
• How to Shop Online More Safely (AARP)
• Safeshopping.org (American Bar Association)
• Tips for Shopping Safely Online (Better Business Bureau)

 

2. Cookies:

Cookies are pieces of information that are transferred from Web sites to your computer’s hard drive and they may serve a variety of purposes. Web beacons, flash cookies and other similar technologies may also be used for these purposes. For example, cookies “remember” you when you return to a web site and make your experience more user-friendly. Cookies identify which web pages are visited and how often. Cookies are also used to allow companies to better understand how their Web sites are used to improve their services.

Types of Cookies, how they are used and 
The potential impact if disabled.

Cookie Type	Purpose	Potential impact if disabled
Session Cookies	Used to support website functionality	Access to website content and features may be limited
Preference Cookies	Used to remember user preferences from one visit to the next	Preference will need to be reset on each visit to the website. This may also disable the ability have websites “remember” you at time of login
Advertising Cookies	Used to serve you advertisements that may be relevant to you and your interests	Access to website content and features may be limited
Security Cookies	Used as a component of a website’s general security and user authentication processes	Access to website and features may be limited

 

How to disable or delete cookies

If you want to prevent your browser from accepting cookies, if you want to be informed whenever a cookie is stored on your computer or if you want to delete cookies from your computer, please make the necessary changes in your Internet browser settings, typically under the sections “Help” or “Internet Options”. See links below:

• Internet Explorer: //windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-9
• FireFox: https://support.mozilla.org/en-US/kb/delete-cookies-remove-info-websites-stored
• Chrome: https://support.google.com/chrome/answer/95647
• Safari: https://www.apple.com/legal/privacy/en-ww/cookies/

If you disable or delete cookies in your Internet browser settings, you might not be able to access important functions or features, you will be required to re-enter your log-in details and your use of the Website may be limited.

Please note that if you clear all cookies on your browser, or use a different browser or computer, you will need to complete the opt-out procedure again.

To opt out from flash cookies, please click here: //www.adobe.com/privacy/opt-out.html.
 

3. Interest-Based and Online Behavioral Marketing

Advertising Brokers

Cookies enable companies to market products and services and deliver targeted advertising to you. You can opt-out of receiving personalized ads from third party advertisers and ad networks using the opt-out features at Digital Advertising Alliance or the Network Advertising Initiative . AdChoices, indicated by the  icon is an example of a service some websites offer to assist in managing Interest-Based advertising choices.

If your browsers are configured to reject cookies when you visit these pages, or if you subsequently erase your cookies, use a different device or change web browsers, your opt-out may become ineffective and may need to be repeated.

Website Analytics

Websites use tools to track and manage website traffic. Google Analytics is a commonly used tool for this purpose. Individuals may opt out of Google Analytics tracking by visiting https://tools.google.com/dlpage/gaoptout.

Note: If your browsers are configured to reject cookies, or if you subsequently erase your cookies, use a different device or change web browsers, opt-out elections may become ineffective and may need to be repeated.
 

4. Bluetooth beacons

Bluetooth beacons transmit a low-power signal that can be received within short distances by nearby Bluetooth-enabled mobile devices and recognized by apps a smartphone user has downloaded. Beacons only broadcast signals, and don’t collect any data. With the user’s permission, an app on a device can use the beacon’s signals to know when the mobile device is close to the beacon.

 

5. Mobile Devices and Location Services

Mobile devices offer access to many features including applications developed for specifically for mobile devices and direct access to the internet via browsers. These devices also provide additional services including location services which broadcast your location and notifications services that allow you to receive messages. You can disable the GPS locator or push notifications on your mobile device via your device settings.

Learn more about mobile devices and location services .

 

6. Scams (If it sounds too good to be true, it probably is a scam)

Phishing: When scammers send legitimate-looking emails to illegitimately gather personal and financial information. The emails look just like a legitimate email including use of the company logos. If the customer falls for the bait, the thief could get credit card numbers, PINs, account passwords, expiration dates, credit card/bank account numbers and even Social Security numbers. Don’t click on links in emails unless you’ve requested the email or somehow otherwise know it is real. Learn more about phishing.

Vishing: Vishing is like "phishing" but uses done using a phone (baiting people by voice instead of email. Scammers pose as a known retailer or bank. They often call saying they need to verify information on file asking the individual to provide their personal information.

Don’t provide sensitive information over the phone when asked, instead contact the company directly at a number you find on a statement of on their website. Don’t call a number you are provided over the phone. Learn more about vishing.

Smishing: In these scammers use text messages, called "SMS" messages, instead of emails or phone calls. They have been seen with messages of winning a contest. Learn more about smishing.

 

7. Identity Theft

Steps to consider in protecting yourself against fraud and identity theft:

1. Learn more about Identify Theft and visit the FTC Identity Theft Resources.

2. Review your account statements regularly. Carefully review your bank, credit card, and other account statements every month to ensure that all of your account activity is valid. Report any questionable charges promptly and in writing to the card or account issuer.

3. Review your credit report from time to time. Obtain and review your credit report periodically to ensure that all your information is correct. You can obtain a free credit report once per year by visiting http://www.annualcreditreport.com or by calling 877-322-8228. Carefully reviewing your credit report can help you spot problems and address them quickly. If you have any questions about your credit report or notice any inaccuracies, contact the relevant consumer reporting agency promptly at the telephone number listed on the report.

4. Create a fraud alert. Consider placing a fraud alert on your credit file. The fraud alert prompts creditors to contact you before opening any new accounts or increasing credit limits on your existing accounts. You can place a fraud alert on your credit file by contacting one of three consumer reporting agencies listed below. You need to contact only one of the three agencies in order to create the alert; the agency you contact is required by law to contact the other two. You will receive confirmation letters in the mail and then will be able to order a credit report from each of the three agencies, free of charge. The fraud alert will remain in your credit file for at least 90 days.

Equifax P.O. Box 740241 Atlanta, GA 30374 800-525-6285  www.equifax.com

Experian P.O. Box 9532 Allen, TX 75013 888-397-3742  www.experian.com

TransUnion P.O. Box 6790 Fullerton, CA 92834 800-680-7289  www.transunion.com

8. Canadian specific resources:

• Digital Advertising Association (Canada)
• Canadian Standard Association (CSA) Model Code for the Protection of Personal Information

 

9. European Union specific resources:

Effective as of May 25, 2018 the EU General Data Protection Regulation (GDPR) will replace the currently applicable EU Data Protection Directive and it will override existing EU national privacy laws. The GDPR will require new or additional obligations on all companies that handle EU citizens’ personal data, regardless of where the companies themselves are located. These regulations will only apply to Staples’ the following affiliated companies: Makr, Marke Creative and to a certain extent, Staples Promotional Products.

GDPR affords EU and EA citizens additional protections. For example, you can request from us the following information:

• whether and why we have your personal information;
• how we got your personal information;
• what we have done with your personal information;
• to whom we have communicated your personal information;
• where your personal information has been stored, processed or transferred;
• how long we will retain your personal information, or how that retention period will be determined; and
• the safeguards in place to protect your information when it is transferred to third parties or third countries.

For more information on GDPR, see: Official text of the EU General Data Protection Regulation (GDPR)

 

Legal Disclaimer - This website is provided for informational purposes only and should not be considered as a contractual commitment or legal advice.

What has changed:

May 25, 2018

Initial version of the Information Security and Privacy Resource Center