SHI Privacy Statement
Information Collection and Use
SHI is the sole owner of the information collected on this site. We will not sell, share, or rent this information to others in ways different from what is disclosed in this statement. SHI collects information from our users at several different points on our website.
We collect information about you in various ways, including the following:
Information Automatically Collected
When you visit our website, some information about your visit is automatically collected by SHI's systems. For example, when you visit our website your computer's or mobile device's operating system, application software, Internet Protocol (IP) address, access times, browser type and language, peripherals, and the websites you visited before our website are logged automatically. We also collect information about your usage and activity on our website, including information about your orders, purchases, and cart activity. Limitations to this may apply to some customers who have contracted for special confidentiality.
- User identity, in the form of identifiers recognized internal to our system.
- User authentication status, so we know if the user is currently logged in or not (being logged in is a distinct concept from thinking we know who the user is).
- An identifier for which server is handling this session, to facilitate interactive reports.
- A token identifying the user's session which is used to prevent XSS attacks
SHI only uses these cookies to facilitate the operation of the site; they are not and will not be used for any other purpose, and no data related to those will be made available to any third party now or in the future.
In order to use certain features of this website, a user must be granted a username and password to allow them to access various content customized for their use. This profile includes the name of the company on behalf of whom such users are accessing the SHI site, name, and contact information, including phone number and email address. Certain customers may also opt for the collection of additional information including default shipping addresses, organization codes, or cost centers to facilitate ordering and reporting.
We request information from the user on our order form. Here a user must provide shipping information to indicate where their products are to be shipped, organizational or financial information as required to meet customer reporting requirements, and payment information to indicate how the user will be billed for their purchases. This information is used for billing purposes, reporting, and to fill customer's orders.
We use IP addresses to analyze trends, administer the site, track user's movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.
We will share aggregated demographic information with our partners and advertisers. This is not linked to any personal information that can identify any individual person.
We use outside companies to ship orders, marketing assistance, postal and email delivery, customer service, and data analysis, and we use a credit card processing company to bill users for goods and services. These companies do not retain, share, store or use personally identifiable information for any secondary purposes.
These parties are not allowed to use personally identifiable information, except for the purpose of providing these services.
This website contains links to other sites. Please be aware that SHI is not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies solely to information collected by this website.
This website takes every precaution to protect our users' information. When users submit sensitive information via the website, your information is protected both online and off-line.
All access to our site is, by default, encrypted and protected. SHI supports TLS 1.1 and TLS 1.2 encryption, and recommends use of TLS 1.2 encryption. On our site the lock icon near the address bar of web browsers such as Firefox and Microsoft Internet Explorer becomes locked, as opposed to un-locked, or open, when you are just 'surfing' elsewhere.
While we use encryption to protect sensitive information in transit to the customer, as described above, we also take steps to protect user information outside of our web-site as well.. All such customer data is stored in database servers that cannot route traffic outside our internal network, and that have no access to the public internet. Physical access to our servers is restricted; the servers are located in a datacenter that is only accessible to designated IT staff and is properly locked and off-limits to visitors.
All user passwords are stored using a one-way hash function. It is impossible for us to see what these passwords are; we can only verify that the hash value of what the user has entered matches the stored value. As a result we are unable to retrieve lost passwords under any circumstances. To facilitate the verification of user's identity by our employees, we also store a verification question and answer entered by the user. This information is encrypted to protect against theft, but is revealed selectively to SHI employees when such verification is necessary.
Notification of Changes
This Privacy Statement discloses the treatment of any personal data revealed by our users on the SHI.com web sites. The treatment of any non-personal data is discussed in the site's Terms and Conditions.