These Rules of Use apply to your use of the enclosed CRYPTOCard token, card or other device (your Device), your secret Personal Identification Number (your PIN) and your use of the CRYPTOCard Managed Authentication Service (the Service).
You should use your Device and you’re PIN to identify yourself to any systems or service secured by CRYPTOCard in accordance with these Rules, the guidelines in the accompanying User Welcome Guide and which may be communicated to you from time to time by CRYPTOCard, and any written agreements between yourself and your organisation and your organisation and CRYPTOCard.
It is important that you take proper care of your Device, keep it safe and secure at all times and guard against loss, damage and theft.
Your PIN must remain secret to you at all times. No other person ever needs to know this PIN and you should not disclose it to anyone. This includes your colleagues and systems administrators at your company and also personnel who are, or claim to be representatives of CRYPTOCard or a Partner of CRYPTOCard. You should be extremely suspicious of anyone who ever tells you at they need to know your PIN, and you should report any such incident to your CRYPTOCard Administrator immediately.
The privacy of your Device and the confidentiality of your PIN are crucial to the verification of your on-line identity and the security of your information and the networked system(s) which may be accessed using your identity.
If your Device is lost, damaged or stolen, or if you believe that the confidentiality of your secret PIN has been compromised in any way, you should report these incidents immediately to your CRYPTOCard Administrator or to the CRYPTOCard Helpdesk at mas@cryptocard.com. Upon receiving the notice, the CRYPTOCard Administrator will then disable your Device or allow you to change your PIN, so as to ensure that no third party may misuse them.
If you do not report these incidents immediately, there is the risk that your on-line identity may be stolen by someone else. Any activities they carry out using your identity will compromise the security and integrity of your information and systems. You may be held legally responsible for activities that are perpetrated using your identity.
You must not give away, sell, rent or lend your Device even to someone you believe to be an authorised user of the Authentication Service.
You must not mistreat, damage or open your Device or try to reverse-engineer, decompile, disassemble, translate, copy, and alter the Device (or any of its components).
If you lose or break your Device you may be charged a replacement fee by the organisation which supplied your Service.
Should your Service account be terminated for any reason, or if you have no further need to use the Service, you must contact your Administrator immediately to disable your Device and then follow instructions from your Administrator to have it safely returned.
In order for CRYPTOCard to provide the Service, it will be necessary to acquire some personal data. CRYPTOCard will only use such personal data as is necessary to provide the Service. CRYPTOCard will comply with its obligations under the Data Protection Act 1998 and, in particular, will ensure that all processing of personal data carried out by it in relation to the provision of any Service complies with the eight data protection principles set out in the Data Protection Act 1998. If in the process of providing the Service CRYPTOCard is required to another party outside of CRYPTOCard, CRYPTOCard will ensure that you provide permission in advance and the party will also comply with its obligations under the Data Protection Act 1998 and the eight data protection principles set out in the Data Protection Act 1998. Should your Service account has been terminated for any reason, CRYPTOCard will delete all personal data, except when it is necessary for CRYPTOCard to retain a copy for archival purposes or in order to ensure that CRYPTOCard can comply with any obligations under the Service contract that survive its termination. Once these requirements have ended, the personal data will be deleted from all records.
