Validas Privacy Policy
Last Updated: Monday August 20, 2008
Validas, Inc is a licensee of the TRUSTe Web Privacy Seal Program. TRUSTe is an independent,
non-profit organization whose mission is to build users’ trust and confidence in the Internet
by promoting the use of fair information practices. This privacy statement covers the Web
site www.myvalidas.com. Because this Web site wants to demonstrate its commitment to your
privacy, it has agreed to disclose its information practices and have its privacy practices
reviewed for compliance by TRUSTe.
If you have questions or concerns regarding this statement, you should first contact Todd Dunphy at
If you do not receive acknowledgement of your inquiry or your inquiry has not been
satisfactorily addressed, you should contact TRUSTe at
http://www.truste.org/consumers/watchdog_complaint.php.
TRUSTe will then serve as a liaison with us to resolve your concerns.
VALIDAS, Inc. recognizes the importance of protecting the privacy of all information provided by visitors
and users of our web site, subscribers to our newsletters, registrants for our events, recipients of our
e-mail newsletters and all other customers of our products and services. We created this policy with a
sincere respect for our customers' right to privacy and to guide our relationships with our customers.
This Privacy Statement discloses the privacy practices for all products and services owned by Validas, Inc.
A current list of our publications, web sites, online webcasts, newsletters and trade shows can be found
at www.myvalidas.com.
SECURITY
-
How have you instituted audit trails to know who is accessing data within your organization?
Logging is enabled on the database server and the database itself to provide a trail of who
accesses the database and what was done while the user accessed the database.
-
How will you know who is accessing data outside of your organization?
All logins to the database server and the database are logged. All database transactions are
also logged within the database. Currently only Validas’ CTO has access to the database server
and the database itself. Support technicians at Rackspace, Validas' server host provider
(http://www.rackspace.com/information/legal/privacystatement.php),
also have administrative access to the server that hosts the Validas Database
for maintenance and support reasons. Rackspace representatives do not have access to the
actual Validas database located on the server.
-
What is your password methodology and how will you ensure and verify your customers if their password is lost?
We do not require or have any password requirements. The reason we do not have any password
requirements is because we do not show or allow a user to access any personal information that
we store in our database. The website does not allow any users to access any personal information
we associate with a user’s username within our database. The association is only within the
database for our program’s internal usage. We also do not allow the user to change their password.
Should we decide at a later date to offer access to user information, we will require users
to update/register using strong passwords which must include an uppercase, lowercase, and a symbol
or number in the password. The password will be checked upon creating or when a user updates their password.
-
Will you use multi-factor authentication, user name, password, answering questions?
We only use username and password for authentication. We do not have profiles or show the user
any information we store or collect about a user. A user account is only created to register a
mobile number with that user account so we can ensure users do not abuse our service and only
upload a bill that is associated with the user’s login username.
-
What security mechanisms will cover transmission within and outside your organization to third parties?
And the data at rest on your server and the servers of your partners?
A Cisco firewall protects our Web server and Database server from the outside internet. The
firewall does not allow any external traffic to reach the database server. Only
HTTP and HTTPS access is granted to the web servers from the outside world. No customer data
is stored on the web servers. Any external transmission of data to third parties will be
secured by a 128 bit SSL certificate.
-
How will access to sensitive data be revoked if employees change jobs?
If a user who has access to the database server changes jobs, the user’s login to the database
as well as to the database server itself will be removed the same day the employee leaves
Validas. All other accounts that remain and have access to the database server and the database
will also be required to change their passwords that same day to ensure no other logins are
compromised.
-
How often will your passwords be changed?
Access to the server that contains the Validas database requires passwords be changed every
90 days and that passwords cannot be the same as the previous 6 passwords. The passwords are
also required to be strong passwords containing an uppercase, lowercase, and a symbol or
number in the password.
-
What restrictions are in place to control the merging of the sensitive data with unprotected data?
We consider all our data sensitive and take every precaution to avoid displaying that data
unless it is the user that requests their data. We currently do not have a process
in place to control the merging of data other than what requirements the user has to view
the data and what we are willing to store/display to the user.
-
What mechanism is in place that allows customers to access their information in order to verify
that the data is accurate?
We do not allow the customer to access any of the information we store within our database.
DATA FLOWS
-
How will the information from your customers be received? How will it be protected in transit?
The bill will be protected using an SSL certificate from Comodo (http://www.instantssl.com)
for secure communication between the client’s computer and Validas’ servers.
Will it be encrypted?
Yes, the entire upload transaction will be encrypted with 128 bit encryption.
How will it be protected when it is on your website?
The user’s bill is saved to a secure folder on our web server. The bill is stored until it is deleted
by an automated process. Only the computer account that runs the website,
the CEO, CTO and President of Validas have access to the folder that stores the bills.
All other users are denied access to this folder. Web site users do not have access to this folder.
-
What collected customer information will be moving intra-departmentally or intra-personally or
through to outsourced organizations?
Validas will not be moving customer information outside of the Validas database. We will not
sell or offer personal information to any third party organizations.
-
Who in your organization will have access to the sensitive information?
Only the Chief Technology Officer, CEO and President will have access to the customer
information stored within the Validas database.
-
Will there be audit trails of accesses to a customer's wireless billing statement and other data?
The only audit trails of access to a customer’s wireless bill will be a record of who logged into
the database, what changes were made by that person and when the user logged into the database
server. With regards to the customer’s wireless billing statement, Validas will not be retaining
the customer’s wireless bill. The customer’s bill will be deleted from our servers immediately
after Validas is done processing the user’s bill.
-
Will the services be entirely automated and no person will see the customers' wireless invoice?
Yes, the process is entirely automated and no one will see the customer’s wireless invoice.
-
Exactly what information will be moving from Validas to third parties? (Merchant accounts?)
If a customer chooses to pay Validas by credit card, Validas will provide a form for the
customer to fill in their credit card information and the customer’s name, address, city,
state, and zip code. Validas does not store any of this information and only uses it to
pass along to PayPal and Google Checkout. If the customer chooses to pay via PayPal Express Checkout
or Google Checkout, the user will be transferred to the respective website and the user’s credit
card information and personal information will be provided directly on PayPal or Google’s
website and not on Validas’ website.
-
What information will Validas be receiving from third parties?
Validas will be receiving carrier plan information, credit card processing results and the
user’s wireless bill.
WHO WILL BE COLLECTING INFORMATION?
-
Under what circumstances will you be collecting information?
We collect information when a user uploads their bill, when signing up for our service, when paying
for our service, when a user opts to provide additional feedback about our website/services we provide,
and when a user opts to provide their email address for notifications. We also collect information to
provide users specific marketing according to data retrieved from your bill; again, we do not share or
sell your personal information except as described in this privacy statement.
-
Exactly what information do you need to execute your service?
We collect information from the user’s bill to validate the user’s bill and provide recommendations for
potential savings. We also require billing information for payment of our service. We do not store any
billing or credit card information.
-
Will you be collecting information that you don't need to perform the services?
The information we collect that we do not need to perform our services includes customer
feedback, customer-posted stories/blog entries, and wireless bills of carriers that we don’t
service yet (opt in).
-
How is each class of data going to be used?
All data collected is only going to be used to generate historical reports for only the user
to view. We will not be outsourcing any of our operations nor will we be selling any of our
customer’s information that we collect. Some of the more personal information is also encrypted
before we store it. Only our program can decrypt the data once the user requests to view the
encrypted data.
-
Will you be deleting the billing statement after the bill is uploaded?
Yes, an automated process automatically deletes the bill shortly after it is uploaded.
How will the documents be protected when at rest?
The bill is stored in a secure folder behind our firewalls.
INFORMATION SHARING
-
What organizations will you share or transfer customer information, i.e. Merchant accounts,
credit card processors?
We will be sharing customer credit card information and the customer’s billing address with
PayPal and Google. We will not be providing any other customer information with any other
third parties.
-
How will you accept payment?
We will accept payment via Visa, MasterCard, Discover, AMEX, PayPal and Google Checkout.
-
Who will be your merchant account processor? How will they be compliant with FCT standards, etc.?
Our merchant account is set up with PayPal. PayPal’s privacy policy can be found here:
http://www.paypal.com/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside
-
What choices are available to your customers regarding the control of collection, use and
distribution of their personal information?
We do not allow the user any control. We will not distribute any private information to any
third parties. Also the user must opt-in for our service and by doing so they consent to the
collection of any data we need to provide our service.
-
How will you guarantee that the information that your customers provide to you for the purpose
of credit card transactions for your service or the Validas billing statement only be used for
the purpose for which it was collected?
We do not store any credit card information or our customers’ billing address information so
we will never use that information for anything other than charging them immediately after
the information is entered into our payment form.
-
Will you guarantee that customer information will be protected if Validas is purchased by
another company?
Validas cannot guarantee that customer information will be protected if Validas is purchased
by another company due to the purchasing company’s potential policies that may be in place
at the time of purchase of Validas. That being said Validas will follow this entire policy
while Validas owns itself.
COLLECTION AND USE OF YOUR INFORMATION
VALIDAS, INC collects information from our website users, subscribers and other customers. In this
section of our Privacy Statement, we describe the type of information we collect and how we use it to
provide better services to our customers.
Registration and Ordering
When signing up for services you will be asked to register. During registration, you will be required to
give contact information (such as name, e-mail address, mailing address and phone number). For internal
purposes, we use this information to communicate with you and provide requested services, and, for our
website visitors, to provide a more personalized experience on our sites. We use such information to
improve our services to you.
For our services that require payment (products and subscriptions), we also collect credit card
information (such as account name, number, address, expiration date and the code on the back of your
credit card), which is used for our or our agent's billing purposes only, and is not ever otherwise
shared except for processing with our bank.
Referral Information
If you choose to use our referral service to tell a friend about our site, we will ask you for
your friend’s name and email address. We will automatically send your friend a one-time email
inviting him or her to visit the site. Validas stores [or does not store] this information for
the sole purpose of sending this one-time email [and tracking the success of our referral program].
Your friend may contact us at
to request that we remove this information from our database.
E-mail Newsletters
If users wish to subscribe to our e-mail newsletters, we ask for contact information (such as name,
e-mail address). We use this information in the same manner as we use contact information in the
registration and ordering process described above. Recipients of our newsletters can unsubscribe using
the instructions listed at the end of the e-mail newsletter or by emailing us at
Surveys and Contests
From time to time we invite web site users and other customers to provide information via surveys or
contests. Participation in these surveys or contests is completely voluntary and the website user or
other customer therefore has a choice whether to disclose requested contact information (such as name
and mailing address).
In addition to the other uses set forth in this policy, contact information collected in connection
with surveys and contests is used to notify the winners and award prizes and to monitor or improve the
use of, and satisfaction with our website or products or service. Subject to your preferences (as
described in the "Permission" section below), such information may be shared with third party sponsors
of such surveys or contests.
Interactive Features
At some of our sites, we offer interactive and community features such as discussion boards. Please
note that all personal information sent or posted via such features becomes public information.
We are not responsible for what is posted; however, we reserve the right to delete any offensive, hurtful
or objectionable postings when we are made aware of such discussions.
Communications with Us
We have features where our customers can submit information to us (such as our feedback forms). Where
such submissions include requests for service, support or information, we may forward them to our agents,
as needed, to best respond to the specific request. In addition, we may retain e-mails and other
information sent to us for our internal administrative purposes to help us to serve you and others better.
Please note that letters to the editor and blogging may be made public.
Communications from Us: Service Updates, Special Offers
In order to best serve you, our customer, we may send updates that contain important information about
our products and services. For example, we send new members a welcoming message, and verify password and
username for our password-protected portions of our web site. We may also communicate with a customer to
provide requested services and for account-related issues via e-mail, phone or regular mail. In addition
to such service and product-essential messages, we offer our customers the option to receive information
about our company, related products, services and special deals. Users, however, can choose not to receive
these communications from us, as set forth in the "Permission" section below.
Automatic Data Collection Clarification
Our web site, from time to time, has features that automatically collect information from customers, to
deliver content specific to customers' interests and to honor their preferences. This information assists
us in creating products and services that will serve the needs of our customers. We do not share that
information with anyone outside of our company except those vendors who assist us in our products and
services. Contractually they may not share your information with others.
For example, we use "cookies," a piece of data stored on your hard drive containing information about
you as the user. Cookies benefit you by requiring login only once, thereby saving time while on our web
site. If you reject the cookies, you may be limited in the use of some areas of our web site. For example,
you may not be able to participate in contests. Additionally, we may note some of the pages that you visit
on our web sites and via our email newsletters through the use of pixel tags (also called clear gifs) and
web beacons. The use of cookies, pixels and web beacons enables us to track and target the interests of our
users to enhance the experience on our sites and via our email newsletters. We do not share that
information with third party marketers.
In addition, some of our business affiliates use cookies on our web sites, in ads or promotions.
However, we have no access to or control over these business affiliates' cookies; we urge you to read
their privacy policies for information.
We also use an email delivery and marketing company to send emails (including newsletters) for which you
have registered (or otherwise agreed to receive). Cookies may be used in such email messages to help us
measure the effectiveness of our advertising and how customers use our web sites and other products and
services.
For our internal purposes only, we gather date, time, browser type, navigation history and IP address
of all visitors to our web sites. We use this information for our internal security audit log, trend
analysis and system administration, and to gather broad information about our user base.
We may combine information supplied by a customer at registration with web site usage data to learn
more about users and their preferences in the content of the site. We may use this information to
tailor services to your interests or to contact you. We do not disclose this information to third parties.
WITH WHOM YOUR INFORMATION IS SHARED
Other than with respect to our partners, and others who help us provide services (those who have a need
to know, such as credit card processors), we do not share your information without your permission except
if required by law. All sharing other than required by law or a court order is subject to the customer's
preferences (as described in the "Permission" section below).
Other than as set forth above, we do not share personally identifiable information with other companies;
apart from those acting as our agents in providing our product(s)/service(s), and which agree to use it
only for that purpose and to keep the information secure and confidential.
If our company is merged or sold or if entities purchase our assets, products, sites or operations,
they will be servicing you and will have to use personal information. They will be subject to our privacy
policies by agreement. If they choose to change the policies, they will need to provide notice to you
in their own Privacy Policies.
We will disclose information we maintain when required to do so by law, for example, in response to a
court order or a subpoena or other legal obligation, in response to a law enforcement agency's request,
or in special cases when we have reason to believe that disclosing this information is necessary to
identify, contact or bring legal action against someone who may be causing injury to or interference
with (either intentionally or unintentionally) our company or the rights or property of our valued
customers.
You should also be aware that courts of equity, such as U.S. Bankruptcy Courts, might have the authority
under certain circumstances to permit personal information to be shared or transferred to third parties
without permission. We may share aggregate information, which is not personally identifiable, with others.
CORRECTION/UPDATING PERSONAL INFORMATION
If information which you have submitted to us changes, or if you no longer desire our product(s)/service(s),
we provide a way to correct or update your personal data: you may either contact Customer Support for the
applicable product or service or, to change your preferences, complete the "Feedback" page as described in
the "Permission" section below. If you find it easier, you may also send us an email at
PERMISSION
For those customers that are California residents, you may have additional rights, as described in the
"Your California Privacy Rights" section below.
Please note that we will endeavor to implement your permission requests within a reasonable time, although
for a time you may continue to receive mailings, etc., transmitted based on information released prior to
the implementation of your request. In addition, please note that even after such request is implemented,
you will continue to receive information directly related to the product or service for which you
registered (or which you otherwise agreed to receive), so you always are kept informed.
YOUR CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83 permits those customers that are California residents to request
that Validas, Inc. not share your personal information with third parties for their direct marketing use.
To make such a request, write us at:
Validas, Inc.
7519 Chalk Hill Road
Missouri City, TX 77459
SECURITY
We use reasonable precautions to protect information about our customers while it is stored on our
servers or in transit to our vendors processing on our behalf. Sensitive information that is transmitted
to us online (such as credit card number) is encrypted and is transmitted to us securely. In addition,
access to all of our customers' information, not just the sensitive information mentioned above, is
restricted. Only employees who need the information to perform a specific job (for example, a billing
clerk or a customer service representative) are granted access to personally identifiable information.
Finally, the servers on which we store personally identifiable information are kept in a secure environment.
LINKS
Our web sites contain links to other sites. Validas, Inc. is not responsible for the privacy practices
or content of such other sites. We encourage our users to be aware when they leave our site and to read
the privacy statements of each web site to which we may link that may collect personally identifiable
information.
CHILDREN
The Validas, Inc. website is not directed at individuals less than thirteen years of age, and we do not
intend to collect any personally-identifiable information from such individuals.
NOTIFICATION and CHANGES
If we change our Privacy Policy, we will notify all current users of our service by e-mail and
post those changes on this page so previous and future users are aware of what information we collect,
how we use it and under which circumstances, if any, we disclose it. Please check this policy frequently
to keep abreast of any changes.