We, at Trustify Ltd (“we”, “us” or “the Company”) are committed to protect the privacy of our customers who are licensed to use our software (“Software”) on their internal network (“Client(s)”), as well as authorized end users who have access to any of the data resources monitored by our Software on the Client’s behalf (“End Users”).
Please note that the term “you” shall refer to Clients and End Users, as applicable.
When providing our Services, we may act in one of two distinct roles:
- as a “data controller” that has a direct contractual relationship with the individuals who provide their information to the Company (e.g. Clients who purchase our Software);
What type of information we collect
We collect two types of data and information from our users.
The first type of information is un-identified and non-identifiable information pertaining to a user(s), which may be made available or gathered via your use of the Services (“Non-personal Information”). We are not aware of the identity of the user from which the Non-personal Information was collected.
Non-personal Information which is being collected may include usernames and passwords, directory names, server names, file names, configurations, other software you use, event logs and browsing events.
We may also collect clickstream data, aggregated usage information and technical information transmitted by your device, including certain software and hardware information (e.g. the type of browser and operating system your device uses, language preference, access time and the domain name of the website from which you linked to the Services; etc.), in order to enhance the functionality of our Services.
The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Information”). We may collect the following types of Personal Information when using our Services:
- Registration: If a Client decides to open an account and register to our Services, the Client will be asked to provide Personal Information to us. The Personal information we collect through the registration process includes your full name, phone number, physical address, and e-mail address.
In addition, as part of the registration process, you may be required (depending on the specific product you wish to use or purchase as part of the Services) to provide us, or our third party service providers, additional information, including your billing information. Such information may include your phone number, credit card number, etc.
- Stored information: After Client installs our Software on its (or its End User’s) devices(s), we will be able to scan and encrypt files and email content which are scanned and processed via our Software. As part of the scanning process, we may have access to various types of Personal Information, which are stored on the applicable device(s) (“User Data”), including, but not limited to:
- The content of emails;
- Names and email addresses of senders/ recipients of emails;
- Photographs, images, and videos;
- Device identifiers – such as the Internet Protocol (IP) address and other types of unique device identifiers; and
- Personal documents.
User Data which is collected and processed by us may also include sensitive data, which may reveal your ethnic origin, health data, religion, sexual orientation, etc. (e.g. “Sensitive Information”).
Please note that the User Data is exclusively controlled by the Client, meaning that the Client maintains ownership of their related information and determines their own policies regarding the access permission and retention of such User Data.
You also acknowledge that part of this User Data may include Personal Information which relates to other individuals. You warrant that you have all the required authorizations, consents, and approvals from these individuals to allow us to access and process such information.
- Device Information: We may also collect Personal Information from your or your End Users’ devices. Such information includes IP address and other information which relates to user activity through the Services. We also use tracking technologies (e.g. local storage, pixels, etc.) as part of our Services in order to identify recipients who receive emails from the relevant End Users.
- Voluntary information: We collect information which you provide us voluntarily. For example, when you respond to communications from us, communicate with us via email or share additional information about yourself through your use of the Services. We may also collect your feedback, suggestions, complaints, and reports sent to us.
To the extent that the Company processes Personal Information, such processing is based on the consent of the data subject or where such processing is necessary for the performance of a contractor for the fulfillment of a legitimate interest pursued by the Company.
How we use the information we collect
In addition to the purposes listed above, the information we collect, which may include your Personal Information, is used for the following purposes:
- To set up a Client’s account;
- To process Client’s payments with regard to the Services;
- To provide our Services to our Clients and End Users (e.g. scan, back up and encrypt your email content and User Data; etc.);
- To identify and authenticate your access to the Services;
- To identify recipients who receive emails from relevant End Users;
- To communicate with you and to keep you informed of our latest updates, products, and services;
- To perform research or to conduct anonymous analytics in order to improve and customize our Services to your needs and interests;
- To support and troubleshoot our Services and to respond to your queries;
- To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request; and
With whom we share the information we collect
In addition to the different uses listed above, we may transfer or disclose Personal Information to our subsidiaries, affiliated companies, and subcontractors. In addition, Personal Information may be disclosed to other trusted third-party service providers or partners for: (i) storing or processing Personal Information on our behalf (e.g. cloud computing service providers); (ii) assisting us with our business operations, providing our Services and improving it; and (iii) performing research, technical diagnostics and analytics with regard to the Services.
We may disclose Personal Information or any information you submitted via the Services, if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies (including our Agreement), including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our users, yourself or any third party; or (vi) for the purpose of collaborating with law enforcement agencies and/or in case we find it necessary in order to enforce intellectual property or other legal rights.
You may request to:
- Receive confirmation as to whether or not personal information concerning you is being processed, and access your stored personal information, together with supplementary information.
- Receive a copy of personal information you directly volunteer to us in a structured, commonly used and machine-readable format.
- Request rectification of your personal information that is in our control.
- Request erasure of your personal information.
- Object to the processing of personal information by us.
- Request to restrict processing of your personal information by us.
- Lodge a complaint with supervisory authority.
However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements.
If you wish to exercise any of the aforementioned rights or receive more information, please contact our data protection officer, Tracie Proudfoot, at firstname.lastname@example.org.
We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion.
However, if you are an End User of our Client, please contact the Client directly. Likewise, if you have any questions or requests regarding the handling of your User Data, please direct all inquiries to the applicable Client, which has the control over your information and the ways by which such information is collected and processed.
We will retain your personal information for as long as necessary to provide our Services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined to take into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing client personal data, account opening documents, communications and anything else as required by applicable laws and regulations.
We value your privacy and control over your Personal Information, and therefore you may, at any time, request to change and update it by emailing us at email@example.com.
You can also request that we will correct errors or that we will erase your Personal Information (except for data that we are required to keep under applicable laws) by emailing us at firstname.lastname@example.org.
However, if you are an End User of our Client, please contact the Client who interacts with us directly. Likewise, if you have any questions or requests regarding the handling of your User Data, please direct all inquiries to the applicable Client, which has the control over your information and the ways by which such information is collected and processed.
If you are not satisfied with our response or believe we are collecting or processing your Personal Information not in accordance with the laws, you can complain to the applicable data protection authority.
How do we safeguard and transfer your information?
We take great care in implementing and maintaining the security of the Services and your information.
We employ industry standard procedures and policies to ensure the safety of our users’ information and prevent unauthorized use of any such information. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our Services, and we make no warranty, express, implied or otherwise, that we will prevent such access.
Transfer of data outside the EEA
Since we operate globally, it may be necessary to transfer your Personal Information to countries outside the European Union.
In such cases, we will transfer your data only to such countries as approved by the European Commission as providing an adequate level of data protection or enter into legal agreements ensuring an adequate level of data protection.
We may use Client’s Personal Information, such as Client’s name and email address, ourselves or by using our third-party subcontractors for the purpose of providing Clients with promotional materials and newsletters concerning our Services, which we believe may interest our Clients.
Out of respect to your right to privacy, at any time, you may request to unsubscribe and discontinue receiving marketing offers by sending us a blank message with the word “remove” to email@example.com.
The Services are not designated to individuals under the age of 18. If you are under 18, you should not download or use the Services nor provide any Personal Information to us.
We reserve the right to access and verify any Personal Information collected from you. In the event that we become aware that an individual under the age of 18 has shared any information, we will discard such information. If you have any reason to believe that a minor has shared any information with us, please contact us at firstname.lastname@example.org
How to contact us
If you have any general questions about the Services or the information that we collect about you and how we use it, please contact us at email@example.com
One Lochrin Square,
Call us: +44 (0) 808 196 8365