1. Introduction

At PriviSafe, we treat the protection of personal data with utmost importance, as we do when consulting with our clients.

In the course of operating our business, we process Personal Data in a variety of ways. This Privacy Policy (the “Policy”) addresses the individuals (“Data Subjects”) whose Personal Data we may receive in the course of marketing and selling the services PriviSafe provides to its clients (“Services”), and Data Subjects whose Personal Data we receive in the course of our regulatory outreach activities, including our consultations with supervisory authorities or other regulatory agencies.

This Policy does not apply to Personal Data we process in other contexts, such as Personal Data we process in the course of providing our Services. This Policy also does not apply to the Personal Data of employees, prospective employees, contractors, prospective contractors, suppliers, business owners, directors, and officers of PriviSafe. 

2. Our Role as Data Controller

Within the scope of this Policy, PriviSafe acts as a data controller for the Personal Data we process. This means that we decide how and why Personal Data is collected and further processed.

3. Legal Basis for Processing

We may process your Personal Data on the basis of:

  • your consent;
  • contractual necessity that we entered into with you;
  • our legitimate interests, such as our interest in marketing and selling our Services;
  • our obligation to comply with applicable law; or
  • any other ground, as required or permitted by applicable law.

Where we process your Personal Data based on your consent, you may withdraw your consent at any time. However, this will not affect the lawfulness of our processing before you withdrew your consent. It will also not affect our processing performed on other lawful grounds.

Where we receive your Personal Data as part of providing our Services to you based on a contract, we require certain Personal Data to be able to carry out the contract. Without that necessary Personal Data, we will not be able to provide the Services to you.

4. How we Collect Personal Data

We may collect or otherwise receive your Personal Data when:

  • you provide it to us directly as a client or prospective client, by contacting us via phone, email, mail, a contact form on our website, live chat service, or paying us through our online portal;
  • you click on one of our ads or open one of our emails;
  • we receive it from a data protection authority or another government agency;
  • we obtain it from publicly available sources, such as publicly accessible websites, including social media pages or corporate, government, or professional websites; and
  • when an associate of yours or one of our partners or clients refers you to our Services by providing your Personal Data to us.

5. Categories of Personal Data

We may process the following categories of Personal Data:

  • biographical information, such as first and last name;
  • professional information, such as job title, position, and information about your organization;
  • billing information, such as bank account information and payment card number;
  • contact information, such as email address, postal address, phone number, and fax number;
  • identifiers and device information, such as IP address and associated location, operating system, and device IDs; and
  • your interests, such as whether or not you have opened email(s) we send you, or the particular PriviSafe Services that might be of interest to your organization.

6. Purpose of Processing

We may process your Personal Data for the purposes of:

  • managing our relationship with you;
  • selling our Services to you;
  • responding to your requests or questions;
  • sending you email marketing communications about our business that you have expressed interest in, or which we think may interest you;
  • collecting payments that are due to PriviSafe;
  • enforcing our legal rights;
  • improving our products and services, marketing initiatives, and website performance;
  • tracking visits to our website through cookies and other technologies; and
  • complying with laws and regulations applicable to PriviSafe.

7. Data Retention

When the purposes of processing are satisfied, we will delete the related Personal Data within 12 months.

8. Third Party Data Sharing

We may share Personal Data with our affiliates, as well as with our service providers who process Personal Data on our behalf, and who agree to use the Personal Data only to assist us in providing our Services, or as required by law. Our service providers provide:

  • website and application hosting services;
  • software development services;
  • professional translation services;
  • cloud storage services;
  • email software;
  • team collaboration tools;
  • project management software;
  • video and web conferencing software;
  • VOIP telephone software and services;
  • Internet messaging software;
  • email scheduling, analytics, and tracking software;
  • payment processing software;
  • office productivity software;
  • professional tax/accounting services;
  • customer relationship management software;
  • accounting software;
  • electronic signature software;
  • marketing automation software; and
  • advertising software and services.

Some of these third parties may be located in countries outside of the European Union (EU) or the European Economic Area (EEA). In some cases, the European Commission may not have determined that these countries’ data protection laws provide a level of protection equivalent to European Union law. We will only transfer your Personal Data to third parties in these countries when there are appropriate safeguards in place. These may include the European Commission-approved standard contractual data protection clauses which are available from the European Commission.

9. Cookies

A “cookie” is a small file stored on your device that contains information about your device. For more information about the cookies we use, please refer to our Cookie Policy, which forms a part of this Policy.

10. Security of Data

We have implemented and will maintain technical, administrative, and physical security measures that are reasonably designed to help protect Personal Data from unauthorized processing, such as unauthorized access, disclosure, alteration, or destruction.

11. Your Rights: Access and Review

If we process your or your child’s Personal Data, you may have the right to request access to (or to update, correct, or delete) such Personal Data. You may also have the right to ask that we limit our processing of such Personal Data, as well as the right to object to our processing of such Personal Data. You may also have the right to data portability with respect to such Personal Data.

You may have the right to opt out if your Personal Data is used for any purpose that is materially different from the purpose(s) for which it was originally collected or which you originally authorized. To submit these requests or raise any other questions, please contact us by using the information in the “Contact Us” section below.

12. Privacy of Children

The Services are not directed at, or intended for use by, children under the age of 16.

13. European Economic Area and United Kingdom Supervisory Authority Oversight

If you are a Data Subject whose Personal Data we process, you may also have the right to lodge a complaint with a data protection regulator in one or more of the European Economic Area member states or the United Kingdom (UK).

14. Contact Us

If you have any questions about this Policy or our processing of your Personal Data, please write to us at [email protected] 

We will respond to legitimate inquiries within 30 days of receipt.