This site is operated by D. Hughes & Co. To contact the privacy manager by email, please click the orange and white "check" icon located at the top of the left pane on this Web page. Receipt of your email will be acknowledged automatically.

Full contact information for the company is as follows:

D. Hughes & Co.
102 Pickering Way, Suite 200
Exton, PA 19341
484-875-3059

D. Hughes & Co. treats your personal and confidential information as if it were our own. You have the right to expect us to exercise reasonable care in the handling of information which describes who you are and how you pay for things. We have the obligation to define clearly what we do with your information. Our goal in this privacy statement is to set your expectations for what can and should be done, and to win your confidence in our ability to carry out our privacy policy in a way that benefits both parties.

This privacy policy applies when you visit our Web site to browse, to buy something through our Web store, to complete a form or post-class survey, to send us an email, to register for a class, to obtain and use a login to our learning management system, and to join a mailing list.

This privacy policy does not apply to information we collect by other means (including offline) or from other sources.

We may change the terms of this policy at any time, so you are encouraged to review this page from time to time. Your continued use of this site following the posting of changes to this policy means that you accept the changes.

Information We Collect

We require that you provide complete and accurate information about yourself if you purchase or otherwise use the services and products offered through this Web site or through our learning management system. This information includes your full name, employer, job title, mailing addresses, email handles, phone numbers, credit card information, and your IP address.

We use the information collected on this site in the following ways:

- to complete a secure credit card transaction through Elavon-InternetSecure;
- to notify you about the status of your order;
- to respond to inquiries initiated by you;
- to deliver training services and products which you have requested;
- for any other purpose disclosed at the time the information is collected or to which you consent;
- as otherwise specifically described in this policy.

We share your information only with Elavon-InternetSecure for the sole purpose of allowing our online merchant gateway to process a credit card transaction for you.

A "cookie" is a small piece of information that many Web sites use to help make online e-commerce easier. This information is stored on your computer's hard drive. We do not store personally identifiable information in your cookie. Cookies are used if you elect to be "remembered" by the system in order to improve your shopping experience.

We use reasonable safeguards to protect personally identifiable information we collect on this Web site from unauthorized access, use, modification or disclosure. However, due to the design of the Internet and other factors outside of our control, we cannot guarantee that communication between you and the servers hosting our sites will be free from unauthorized access by third parties.

We do not store credit card numbers. All credit card transactions are through a secure socket layer (SSL) protocol which is authenticated by a GeoTrust certificate. Please visit the store lobby to access the GeoTrust smart icon which provides our security certificate serial number and validity period.

We apply up-to-date anti-virus filters to all pages and downloadable files on our Web site.

Our hosted servers implement permission level access protocol. All passwords are classified as 'strong' and are changed as needed. Session control variables are configured to disable administrator access hacks and client-level access to our server code areas and databases. Administrator scripts for our online store are isolated in opaquely named subdirectories.

Physical access to the computers, backup media, and hardcopy records in our facility is on a need-to-know basis enforced by face-to-face confirmation by our business manager. Records destruction is governed by a standard operating procedure which stipulates physical destruction of electronic media and shredding of paper records prior to disposal.

We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights or to comply with a judicial proceeding, court order, or legal process served on our Web site.