Data Protection Practices for the Internet
Driven by requests from customers, D&B delivers products and services through the Internet faster and more efficiently than ever before. Many of the measurable benefits derived from D&B products and services are a result of the ability to freely move information. Dun & Bradstreet recognizes that the free flow of information must be balanced against an individual's privacy interests. The company also believes the adoption of balanced data protection practices for the Internet makes good business sense. Therefore, D&B subscribes to the practices described below.

D&B Data Collection Practices Browsing a Web Site
Generally, a visitor to a D&B Web site does not have to reveal any individually identifiable information such as name, address or telephone number. On most sites, D&B does not require that a visitor provide individually identifiable information nor do we collect any through the use of technology. Some nonindividually identifiable information is collected by Web site servers such as what browser is being used (e.g., Netscape) or the domain name from which a visitor entered the site (e.g., www.your company.com or www.your university.edu).

Use of Internet Technology
There is technology available today, such as "cookies" or "JavaScript", that can be used to provide a Web site visitor with a more customized interaction with the site. Currently, D&B is analyzing if the benefits which can be delivered by these technologies will outweigh any potential data protection concerns. To better serve our customers, D&B may implement the use of these or other advanced Internet technologies.

D&B Data Collection and User Choice Options

Ordering Products or Services & Customer Registrations
Some pages within D&B sites require provision of individually identifiable information to order a product or to register with D&B. When this information is requested, you will know because you will be asked to complete a form and return it to us. The data requested may include your name, mailing and e-mail addresses, telephone and fax numbers.

D&B collects this individually identifiable information to complete business transactions, deliver products and services, administer individual accounts, provide customer support and meet government regulatory requirements such as sales tax collection. D&B does not store the information on its Web servers nor does the company sell or otherwise share the information externally. D&B does, however, from time to time compile online transaction and registration information for internal analyses such as researching and identifying market segments and needs. When users register for D&B Internet Access as worldwide credit card customers, they can choose whether to receive updates about D&B's products and services.

In some instances, D&B also collects credit card information for billing purposes. Generally D&B uses security techniques, including encryption and secure servers, to protect against unauthorized access to transmitted information used for billing purposes. D&B does not store, use or share credit card information for any other purpose.

D&B D-U-N-SŪ Number Registration
D&B provides businesses the opportunity to apply for a D&B D-U-N-SŪ Number online. The information submitted to obtain the D&B D-U-N-S Number becomes a part of the D&B database, which is the core of all of the company's high quality business information products and services. Being listed in the D&B database offers benefits to businesses including identification and recognition in the marketplace. Information in the database is licensed to third parties who offer businesses useful products and services. Companies included in the D&B database may opt to be excluded from lists licensed for marketing purposes.

Confidentiality and Security Safeguards
D&B takes technical, contractual, administrative and physical steps to protect against unauthorized access to and disclosure of individually identifiable information. If, during their employment, D&B associates acquire confidential or proprietary information belonging to D&B or its customers, such information will be handled in confidence and may not be disclosed to unauthorized third parties. D&B associates are also responsible for the internal security of such information. On some D&B sites, technology is used to further secure the information.

Updates to D&B's Data Protection Practices for the Internet
The practices outlined above represent current (as of March 1998) data protection practices. To keep up with the rapidly evolving Internet environment, D&B will from time to time review and revise these practices and communicate any updates.

Dun & Bradstreet (Australia) Pty. Ltd. (Incorporated in Victoria) ACN 006399677