The AT Secretariat considers data security and protection a serious matter. In the current version of the AT Contacts Database, we have taken measures to provide the highest standard of security available. Please take a moment to read the following important information:
Data Collection and Storage
All data we receive from you is collected, stored and used exclusively: to provide your contact information to other Treaty Party officials; for online registration to the ATCM; and, if applicable, to populate the public contact lists in the AT Secretariat’s website. The AT Secretariat will never share your personal data with any other organization. At any time and with effect for the future, you may object to this data collection and data storage and request your Party Contact Administrator to remove it. You can also request the AT Secretariat to provide you with a full report of all information stored about you in our databases.
All data transmitted from the browser to our servers is encrypted and thus protected by a Secure Socket Layer (SSL/TLS) 256 bit key. However, remember that your computer or mobile device is beyond the reach of the AT Secretariat’s security systems. It is up to you as the user to obtain information on information technology security precautions and to take associated measures on your internet connected devices, such as the following:
- Use password protection for your desktop and mobile user profile. Create separate user profiles if you need to share your devices with other people. Most applications and websites (including our Contacts Database) will now “remember” you on your personal device, so this recommendation is increasingly important.
- Do not share your passwords with other persons. Most applications and websites (including our Contacts Database) allow you to create a separate profile with the same permissions if you need to give access to someone else.
- Use passwords that are easy to remember (for you), but hard to guess (for others). You don’t need to change them very often unless you feel they might have been compromised. Unfortunately, you will have to manage several passwords since it is not safe to use the same password in different websites.
- Avoid entering login information or personal data such as credit card information on a shared computer. If you absolutely must, be sure to use the logout function when you have finished.
- Do not click on links included in unsolicited email or application messages. Do not open any attached file that was not explicitly requested by you or whose source you cannot validate. Be cautious and take a moment before reacting to any unsolicited email or application message.
- Do not Google search for sites you use often and that require to enter sensitive data. Instead, type the address in your browser and save it to your bookmarks.
When you are about to enter your login, payment or other personal data in a website, take a moment to check the following information at the top of your browser window:
- Is the domain the expected one in the website address (URL)? Most browsers now highlight the domain for clarity;
- Is the connection secure? If it is, the beginning of the website address should start with https (not http) and a padlock/key icon should be shown too. You should be able to obtain more information clicking or expanding the secure icon.
- The AT Secretariat will never send you an email requesting your password or containing a link to any section of the Contacts Database (except for the password recovery email). In case of any question on these matters, please contact the AT Secretariat.
Secure Socket Layer (SSL/TLS) is a protocol for secure data transmission in the internet. All modern web browsers support this protocol. SSL/TLS uses public key infrastructure by which data is encoded by a publicly accessible key at one end and can then only be decoded by a specific private key at the other end. Therefore anyone intercepting network traffic in transit from your computer or device to our servers would only access illegible encrypted data. Most browsers indicate by means of a key or a padlock icon whether the connection is secured or unsecured.