Cushion Source® Security & Privacy Policy

We know security is a concern to you, and our approach will help give you a greater peace of mind. A security policy is what it means to be secure for a system, organization or other entity. For an organization like ours, it addresses the constraints on behavior of its regular ethical visitors, as well as constraints imposed on adversaries like hackers and Internet thieves. For systems, our security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs and access to data by people.

Because Cushion Source®'s security policy is a high level definition of secure consistent behavior, it is meaningless to claim an entity is "secure" without knowing what "secure" means. The bottom line is simple - what is shared with our company, stays in our company through multiple secure levels.

Virus Prevention Policy

The willful introduction of computer viruses or disruptive/destructive programs into Cushion Source®'s environment is prohibited, and violators may be subject to prosecution. All desktop systems that connect to Cushion Source® network must be protected with an approved, licensed anti-virus software product that it is kept updated according to the vendor's recommendations. All servers and workstations that connect to the network and that are vulnerable to virus or worm attack must be protected with an approved, licensed anti-virus software product that it is kept updated according to the vendor's recommendations. Headers of all incoming data including electronic mail must be scanned for viruses by the email server where such products exist and are financially feasible to implement. Outgoing electronic mail should be scanned where such capabilities exist. Where feasible, system or network administrators should inform users when a virus has been detected. Virus scanning logs must be maintained whenever email is centrally scanned for viruses.

Intrusion Detection Policy

Intruder detection must be implemented on all servers and workstations containing data classified as high risk. Operating system and application software logging processes must be enabled on all host and server systems. Where possible, alarm and alert functions, as well as logging and monitoring systems must be enabled. Server, firewall, and critical system logs should be reviewed frequently. Where possible, automated review should be enabled and alerts should be transmitted to the administrator when a serious security intrusion is detected. Intrusion tools should be installed where appropriate and checked on a regular basis.

Internet Security Policy

All connections to the Internet must go through a properly secured connection point to ensure Cushion Source®'s network is protected when the data is classified high risk. All connections to the Internet should go through a properly secured connection point to ensure the network is protected when the data is classified confidential.

System Security Policy

All systems connected to the Internet should have a supported version of the operating system installed. All systems connected to the Internet must be current with security patches. System integrity checks of host and server systems housing high risk Cushion Source® data should be performed.

Acceptable Use Policy

Cushion Source® must have a policy on appropriate and acceptable use that includes these requirements: Cushion Source® computer resources must be used in a manner that complies with OCG, Inc. policies and State and Federal laws and regulations. It is against Cushion Source® policy to install or run software requiring a license on any Cushion Source® computer without a valid license. Use of the Cushion Source®'s computing and networking infrastructure by Cushion Source® employees unrelated to their positions must be limited in both time and resources and must not interfere in any way with Cushion Source® functions or the employee's duties. Use of Cushion Source® resources for personal profit is not permitted except as addressed under other OCG, Inc. policies. Decryption of external or internal passwords is not permitted, except by authorized staff performing security reviews or investigations. Use of network sniffers shall be restricted to system administrators who must use such tools to solve network problems. Auditors or security officers in the performance of their duties may also use them. They must not be used to monitor or track any individual's network activity except under special authorization as defined by campus policy that protects the privacy of information in electronic form.

Privacy Policy

Cushion Source® recognizes that privacy is important. This Privacy Policy applies to all of the products, services, and websites owned and offered by OCG, LLC (parent company). Cushion Source® adheres to the US Safe Harbor Privacy Principles of Notice, Choice, Onward Transfer, Security, Data Integrity, Access and Enforcement.

If you have any questions about this Privacy Policy, please feel free to write to us at:

Information we collect and how we use it: We offer a number of services that do not require you to register for an account or provide any personal information to us, such as Cushion Source® articles and information on the products and services we sell. In order to provide our full range of services, we may collect the following types of information:

• Information you provide – When you sign up for a Cushion Source® account or other Cushion Source® service or promotion that requires registration, we ask you for personal information (such as your name, email address and an account password). For certain services, we also may request credit card or other payment account information which we maintain in encrypted form on secure servers. We may combine the information you submit under your account with information from other Cushion Source® services or third parties in order to provide you with a better experience and to improve the quality of our services. For certain services, we may give you the opportunity to opt out of combining such information.
• Cookies – When you visit Cushion Source®, we send one or more cookies – a small file containing a string of characters – to your computer or other device that uniquely identifies your browser. We use cookies to improve the quality of our service to you, our valued customer, including for storing user preferences, improving search results, and tracking user trends, such as how people shop on each of our websites.
• Log information – When you access Cushion Source® website, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
• Consent To Our Communication With You By E-Mail – By establishing a registered account with us, and/or each time you make a purchase through our site, you grant permission for Cushion Source® or OCG, LLC to contact you at your e-mail address. To stop receiving our monthly newsletters, promotional/marketing, or special announcement e-mails follow the opt-out procedures set forth at the bottom of each email sent to you by our company.
• Other sites – This Privacy Policy applies to Cushion Source® website, products, and services only. We do not exercise control over external links from our site to other third-party sites. These other sites may place their own cookies or other files on your computer, collect data or solicit personal information from you no related to Cushion Source®.

Cushion Source® only processes personal information for the purposes described in this Privacy Policy and/or the supplementary privacy notices for specific services. In addition to the above, such purposes include:

• Providing our products & services, including the display of customized content and product presentations;
• Auditing, research and analysis in order to maintain, protect and improve our products & services;
• Ensuring the technical functioning of our website;
• Protecting the rights or property of Cushion Source® or our users; and
• Developing new services.

Cushion Source® processes personal information on our servers in the United States of America.

Choices for Personal Information

When you sign up as a registered user on Cushion Source® that requires registration, we ask you to provide personal information. If we use this information in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.

If we propose to use personal information for any purposes other than those described in this Privacy Policy and/or in the specific service privacy notices, we will offer you an effective way to opt out of the use of personal information for those other purposes. We will not collect or use sensitive information for purposes other than those described in this Privacy Policy and/or in the supplementary service privacy notices, unless we have obtained your prior consent.

Most browsers are initially set up to accept cookies, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some Cushion Source® features, products, and services may not function properly if your cookies are disabled. You can decline to submit personal information to any of our services, in which case Cushion Source® may not be able to provide those services to you.

Information Sharing

Cushion Source® only shares personal information with other companies or individuals outside of Cushion Source® in the following limited circumstances:

• We have your prior written consent – electronically via email or registration. We require opt-in consent for the sharing of any sensitive personal information.
• We provide such information to our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf. We require that these parties agree to process such information based on our instructions and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures.
• We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm to the rights, property or safety of Cushion Source®, its users or the public as required or permitted by law.

If Cushion Source® becomes involved in a merger, acquisition, or any form of sale of some or all of its assets, we will ensure the confidentiality of any personal information involved in such transactions and provide notice before personal information is transferred and becomes subject to a different privacy policy.

Please contact us at the address below for any additional questions about the management or use of personal data.

Information Security

We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.

We restrict access to personal information to Cushion Source® employees, suppliers, manufacturers, and agents who need to know that information in order to fulfill your order or to develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.

Data Integrity

Cushion Source® processes personal information only for the purposes for which it was collected and in accordance with this Privacy Policy or any applicable service-specific privacy notice. We review our data collection, storage and processing practices to ensure that we only collect, store and process the personal information needed to provide or improve our services or as otherwise permitted under this Policy. We take reasonable steps to ensure that the personal information we process is accurate, complete, and current, but we depend on our users to update or correct their personal information whenever necessary.

Accessing and updating personal information When you use Cushion Source® website, we make good faith efforts to provide you with access to your personal information and either to correct this data if it is inaccurate or to delete such data at your request if it is not otherwise required to be retained by law or for legitimate business purposes. We ask our online customers to identify themselves and the information requested to be accessed, corrected or removed before processing orders.

Enforcement

Cushion Source® regularly reviews its compliance with this Privacy Policy. Please feel free to direct any questions or concerns regarding this Privacy Policy or Cushion Source®’s treatment of personal information by writing to us at:

When we receive formal written complaints at this address, it is Cushion Source®’s policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between Cushion Source® and an individual.

Changes to Our Privacy Policy

Please note that this Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent, and we expect most such changes will be minor. Regardless, we will post any Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice (including, for certain services, email notification of Privacy Policy changes). If you have any additional questions or concerns about this Privacy Policy, please feel free to contact us any time through this web site or at: