Privacy Policy

INTRODUCTION

We at Trust365, a trading name of Trustify Ltd (“we”, “us” or “the Company”) are committed to protect the privacy of our customers who are licensed to use our software (“Software”) on their internal network (“Client(s)”), as well as authorized end users who have access to any of the data resources monitored by our Software on the Client’s behalf (“End Users”).

Please note that the term “you” shall refer to Clients and End Users, as applicable.

Our privacy policy (“Privacy Policy“) will help you understand what information we collect when you use our Software, which scans, encrypts, observes, reviews and monitors your personal files and emails for backup and restoration purposes (the foregoing actions enabled by means of the Software shall be hereinafter referred to as “Services”). It also sets out our use of Cookies.

When providing our Services, we may act in one of two distinct roles:

1. as a “data controller” that has a direct contractual relationship with the individuals who provide their information to the Company (e.g. Clients who purchase our Software);

2. as a “data processor” when processing User Data (as defined below, under “What type of information we collect”) and acting under the sole direction of our Clients. In this case, Client must ensure that all End Users have been informed of, and have given their consent to Company’s use and the process of any information, as detailed in this Privacy Policy.

The Privacy Policy is a part of our End User License Agreements https://www.trust365.com/EULA and is incorporated herein by references.

We encourage Clients and End Users to read the Privacy Policy carefully and use it to make informed decisions.

What type of information we collect

We collect two types of data and information from our users.

1. The first type of information is un-identified and non-identifiable information pertaining to a user(s), which may be made available or gathered via your use of the Services (“Non-personal Information”). We are not aware of the identity of the user from which the Non-personal Information was collected.

Non-personal Information which is being collected may include usernames and passwords, directory names, server names, file names, configurations, other software you use, event logs and browsing events.

We may also collect clickstream data, aggregated usage information and technical information transmitted by your device, including certain software and hardware information (e.g. the type of browser and operating system your device uses, language preference, access time and the domain name of the website from which you linked to the Services; etc.), in order to enhance the functionality of our Services.

We may anonymize or de-identify the information collected by the Services or via other means so that the information cannot, on its own, personally identify you. Our use and disclosure of such aggregated or de-identified information is not subject to any restrictions under this Privacy Policy, and we may disclose it to others without limitation and for any purpose.

2. The second type of information is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual (“Personal Information”).

We may collect the following types of Personal Information when using our Services:

· Registration: If a Client decides to open an account and register to our Services, the Client will be asked to provide Personal Information to us. The Personal information we collect through the registration process includes your full name, phone number, physical address, and e-mail address.

In addition, as part of the registration process, you may be required (depending on the specific product you wish to use or purchase as part of the Services) to provide us, or our third party service providers, additional information, including your billing information. Such information may include your phone number, credit card number, etc.

· Stored information: After Client installs our Software on its (or its End User’s) devices(s), we will be able to scan and encrypt files and email content which are scanned and processed via our Software. As part of the scanning process, we may have access to various types of Personal Information, which are stored on the applicable device(s) (“User Data”), including, but not limited to:

o The content of emails;

o Names and email addresses of senders/ recipients of emails;

o Photographs, images, and videos;

o Device identifiers – such as the Internet Protocol (IP) address and other types of unique device identifiers; and

o Personal documents.

User Data which is collected and processed by us may also include sensitive data, which may reveal your ethnic origin, health data, religion, sexual orientation, etc. (e.g. “Sensitive Information”).

We will only use and process such information for the sole purpose of providing you with our Services. By allowing us access to your Sensitive Information, you explicitly consent to the collection and use of your Sensitive Information in accordance with this Privacy Policy.

Please note that the User Data is exclusively controlled by the Client, meaning that the Client maintains ownership of their related information and determines their own policies regarding the access permission and retention of such User Data.

You also acknowledge that part of this User Data may include Personal Information which relates to other individuals. You warrant that you have all the required authorizations, consents, and approvals from these individuals to allow us to access and process such information.

· Device Information: We may also collect Personal Information from your or your End Users’ devices. Such information includes IP address and other information which relates to user activity through the Services. We also use tracking technologies (e.g. local storage, pixels, etc.) as part of our Services in order to identify recipients who receive emails from the relevant End Users.

· Voluntary information: We collect information which you provide us voluntarily. For example, when you respond to communications from us, communicate with us via email or share additional information about yourself through your use of the Services. We may also collect your feedback, suggestions, complaints, and reports sent to us.

To the extent that the Company processes Personal Information, such processing is based on the consent of the data subject or where such processing is necessary for the performance of a contractor for the fulfilment of a legitimate interest pursued by the Company.


How we use the information we collect

In addition to the purposes listed above, the information we collect, which may include your Personal Information, is used for the following purposes:

· To set up a Client’s account;

· To process Client’s payments with regard to the Services;

· To provide our Services to our Clients and End Users (e.g. scan, back up and encrypt your email content and User Data; etc.);

· To identify and authenticate your access to the Services;

· To identify recipients who receive emails from relevant End Users;

· To communicate with you and to keep you informed of our latest updates,
products, and services;

· To perform research or to conduct anonymous analytics in order to improve and customize our Services to your needs and interests;

· To support and troubleshoot our Services and to respond to your queries;

· To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request; and


With whom we share the information we collect

We do not rent, sell, or share your Personal Information with third parties except as described in this Privacy Policy.

In addition to the different uses listed above, we may transfer or disclose Personal Information to affiliated companies and subcontractors. In addition, Personal Information may be disclosed to other trusted third-party service providers or partners for:

i. storing or processing Personal Information on our behalf (e.g. cloud computing service providers);

ii. assisting us with our business operations, providing our Services and improving it; and

iii. performing research, technical diagnostics and analytics with regard to the Services.

We may disclose Personal Information or any information you submitted via the Services, if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to

i. comply with any applicable law, regulation, legal process or governmental request;

ii. enforce our policies (including our Agreement), including investigations of potential violations thereof;

iii. investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues;

iv. to establish or exercise our rights to defend against legal claims;

v. prevent harm to the rights, property or safety of us, our users, yourself or any third party; or

vi. for the purpose of collaborating with law enforcement agencies and/or in case we find it necessary in order to enforce intellectual property or other legal rights.

Privacy rights

You may request to:

1. Receive confirmation as to whether or not personal information concerning you is being processed, and access your stored personal information, together with supplementary information.

2. Receive a copy of personal information you directly volunteer to us in a structured, commonly used and machine-readable format.

3. Request rectification of your personal information that is in our control.

4. Request erasure of your personal information.

5. Object to the processing of personal information by us.

6. Request to restrict processing of your personal information by us.

7. Lodge a complaint with supervisory authority.

However, please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements.

If you wish to exercise any of the aforementioned rights or receive more information, please contact our data protection officer, Steve Boland, steve.boland@trustify.com.

We may rectify, replenish or remove incomplete or inaccurate information, at any time and at our own discretion.

However, if you are an End User of our Client, please contact the Client directly. Likewise, if you have any questions or requests regarding the handling of your User Data, please direct all inquiries to the relevant Client, which has the control over your information and the ways by which such information is collected and processed.

Retention

We will retain your personal information for as long as necessary to provide our Services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined to take into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing client personal data, account opening documents, communications and anything else as required by applicable laws and regulations.

We value your privacy and control over your Personal Information, and therefore you may, at any time, request to change and update it by emailing us at office@trustify.com.

You can also request that we will correct errors or that we will erase your Personal Information (except for data that we are required to keep under applicable laws) by emailing us at office@trustify.com.

However, if you are an End User of our Client, please contact the Client who interacts with us directly. Likewise, if you have any questions or requests regarding the handling of your User Data, please direct all inquiries to the applicable Client, which has the control over your information and the ways by which such information is collected and processed.

If you are not satisfied with our response or believe we are collecting or processing your Personal Information not in accordance with the laws, you can complain to the applicable data protection authority.

How do we safeguard and transfer your information?

We take great care in implementing and maintaining the security of the Services and your information.

We employ industry standard procedures and policies to ensure the safety of our users’ information and prevent unauthorized use of any such information. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse our Services, and we make no warranty, express, implied or otherwise, that we will prevent such access.

Transfer of data outside the EEA

Since we operate globally, it may be necessary to transfer your Personal Information to countries outside the European Union. In such cases, we will transfer your data only to such countries as approved by the European Commission as providing an adequate level of data protection or enter into legal agreements ensuring an adequate level of data protection.

Marketing

We may use Client’s Personal Information, such as Client’s name and email address, ourselves or by using our third-party subcontractors for the purpose of providing Clients with promotional materials and newsletters concerning our Services, which we believe may interest our Clients. Out of respect to your right to privacy, at any time, you may request to unsubscribe.

Cookies are small text files that are placed on your computer or smartphone by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

We use cookies to make our website work and to understand how customers use our services, including the effectiveness of our marketing. Some of these cookies are provided by third party organisations, including our payment partner Stripe. We don’t set cookies to track your use of other sites or to acquire information about you unrelated to our services.

Cookies can be Session cookies (which are deleted when you close your browser) or Permanent cookies(which persist for up to twelve months.) We divide cookies into 3 classes:

· Necessary Cookies – our site won’t work properly without these.

· Functional Cookies – enable us to remember your settings and support services like Live Chat.

· Analytic Cookies – these help us understand how people use our site, which helps us to improve it.

We don’t set cookies to track your browser usage or to target advertising.

The cookies set by this site are:

Cookie

Name

Purpose

Class

Persistence

Authenticate

trustify_launchpad_session

Used to track the authenticated user

Necessary

Persistent

Authenticate

otp_login_verified

Used to track the authenticated user

Necessary

Persistent

Security

XSRF-Token

Prevents cross-site request forgeries

Necessary

Persistent

Find out how to manage cookies on popular browsers:

Google Chrome https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=en

Microsoft Edge https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy

Mozilla Firefox https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences

Microsoft Internet Explorer https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies

Opera https://www.opera.com/help/tutorials/security/privacy/

Apple Safari https://support.apple.com/en-gb/safari

To find information relating to other browsers, visit the browser developer's website.

To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.

Corporate transaction

We may share information, including Personal Information, in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale of an asset or transfer in the operation thereof) of the Company. In the event of the above, the acquiring company or transferee will assume the rights and obligations as described in this Privacy Policy.

Updates or amendments to the Privacy Policy

We may revise this Privacy Policy from time to time, in our sole discretion, and the most current version will always be posted on the website. We encourage you to review this Privacy Policy regularly for any changes.

Your continued use of the Services, following the notification of such amendments, constitutes your acknowledgment and consent of such amendments to the Privacy Policy and your agreement to be bound by the terms of such amendments.

How to contact us

If you have any general questions about the Services or the information that we collect about you and how we use it, please contact us at office@trust365.com.