SecureW2 Privacy Policy
Last Updated: [**09/06/2024]
This Privacy Policy (the “Policy”) explains how SecureW2, Inc. and its affiliates and subsidiaries (“SecureW2”, “we”, “our” or “us”) collect, store, use, disclose and otherwise process information about you in the course of our business, including through our websites that link to this Notice (such as, www.SecureW2.com) (the “Sites”), our SaaS-based services (the “Service”) and through other means such as our partner’s activities. It also sets out more information about your privacy rights.
We encourage you to review the Policy and revisit it often, in case we make any changes to it. If you can’t find what you are looking for in this Policy, please let us know by emailing us at privacy@securew2.com.
Definitions
To make this Policy concise and to avoid repetition, we will use the following terms (these terms will apply whether used in singular or plural and upper case or lower case):
- “Customer” means any organization or business that is a client of SecureW2’s, has purchased SecureW2’s Products, and has authorized its users to engage on the SecureW2 platform.
- “Personal Information” means any information that can be used to identify you.
- “Products” means SecureW2 products, modules, platforms, solutions or services provided by Us to our Customers (including demos and trials). Our Products form a complete platform for certificate-driven security. SecureW2’s platform enables our Customers to issue, manage, and authenticate digital certificates. We will use the term “Products” in this policy to refer to the individual or multiple components that make up the SecureW2 offering.
- “We” “Us” “Our” or “SecureW2” means SecureW2, Inc., located at 2208 NW Market St, Seattle, WA 98107, USA and our affiliated or group companies.
- “Websites” means securew2.com and cloudradius.com and any linked web pages hosted by us.
- “You” or “Your” means you (the person reading this), your organization, or the individual whose Personal Information is being processed.
Scope of this Policy and SecureW2’s Role
The Policy explains how we process your Personal Information when you connect with SecureW2, engage with the SecureW2 team or use SecureW2’s Products or Websites. This Policy applies to the Personal Information collected during the course of SecureW2’s relationship with you, through your use of the Websites, or in relation to your interest, purchase, registration, login, and usage of our Products. For the purposes of this Privacy Policy, SecureW2 is the controller, because we are responsible for deciding how your Personal Information is processed.
This Policy does not apply to Personal Information SecureW2 processes on behalf of our Customers. In those instances, our Customers are the controllers of the Personal Information and their privacy policies (rather than this Policy) will apply to the Personal Information they upload or store in our Products, as well as any Personal Information they may process from public sources through their use of SecureW2’s Products. You can find more information on how we support our Customers, including Personal Information we may process at their instruction, in the section called “SecureW2 as a Service Provider and Processor,” below.
Personal Information Collected by SecureW2
The Personal Information we collect depends on your interaction and engagement with SecureW2’s Websites or Products, as well as the business context through which it was collected. It comes from three basic sources:
Personal Information You Provide: When you interact with our Websites or Products or our personnel, we collect the Personal Information that you provide to us. This includes the Personal Information you provide on our Websites in order to get more information about SecureW2’s Products, to subscribe to our content, to attend our events, or for any other purpose determined by you. Personal Information you may provide includes, but is not limited to:
- Contact Information, such as your name and email address, when you subscribe to our newsletters, use or purchase our Products, request a demo, register for a webinar, or seek to download SecureW2 content;
- Relationship Management Information, such as details about payment and billing, including direct debit details, billing contacts, and payment cadence;
- Employment Information, such as the company you work for, your role at that company, company industry information, company contact information and business address;
- Commercial Records, such as records of Products being considered or purchased and information obtained through the sales process;
- Geographic Location Data, so that we can tailor our communications, language, obligations and services to your region;
- Communication Preferences regarding marketing content, areas of interest, records of consent, or other correspondence; and
- Communication Data, which may include records of calls or any other communications, language, obligations which may be used for training, monitoring and improvement purposes.
Personal Information We Get When You Use Our Products: When you engage with our Websites or Products, we may also collect Personal Information automatically. This includes, but is not limited to:
- Usage Information, such as how you interact with our services, what pages you visit, what pages directed you to our Website, the date and time of your visit, which features and tools you access, access times, and what actions you took in our Products or Websites;
- Device Information, such as your hardware and software, operating system, unique identifiers, including unique device identifiers, and IP addresses;
- Location Information; and
- Information collected via Cookies and Similar Technologies.
Personal Information We Get From Third Parties: SecureW2 may also receive Personal Information about you from other individuals, organizations, users, affiliates, or third parties. This includes, but is not limited to:
- Third Party Applications that are integrated into SecureW2 that may provide us with account and usage information from the third party application or information we need to verify you or your identity or location for legal or regulatory or other reasons such as fraud prevention;
- SecureW2’s Authorized Resellers, partners, or third party service providers who may provide us with contact information or commercial information, or who support us with advertising functions;
- Another entity in the event of a merger or acquisition who may provide us with commercial information and services purchased; and
- Public Sources, including public forums, information made publicly available on social media networks or other websites, or government entities that maintain public records, from which we may get any information that is made publicly available in accordance with the terms and policies of those underlying sites (Please remember that any Personal Information you choose to make publicly visible can be seen by anyone).
For details on what Personal Information SecureW2 may collect on behalf of our Customers, please review the section called “SecureW2 as a Service Provider and Processor,” below.
How SecureW2 Uses Personal Information
We process your Personal Information to provide you with a unique and valuable SecureW2 experience, including:
- Providing, operating, and delivering our Products and Websites, including creating and maintaining your accounts and fulfilling your requests for resources and support;
- Communicating with you, including responding to your inquiries about SecureW2’s Products or Websites, following up on your requests for information, webinars, or events, sending you marketing content (where you have permitted us to do so), and sending you service messages about your SecureW2 Products, or responding to support inquiries;
- Managing our Customer relationships, including servicing your account, managing your commercial contracts, and facilitating billing;
- Monitoring and enhancing the safety and security of our Websites and Products to address suspicious behavior, fraud, legal compliance, repairing and addressing bugs, and maintaining the integrity of our Products and Websites;
- For our own business purpose, such as analyzing performance trends and usage to enhance our Products and Websites, personalizing and improving your experience with our Products and Websites, marketing our Products, performing internal research to develop new Products, services or features, quality assurance, and for the maintenance of SecureW2’s business records;
- Meeting our legal or regulatory compliance obligations and enforcing violations of our Terms of Use and other Policies or in the event of a corporate transaction such as a merger, sale, or acquisition; and
- Any other legitimate business purposes (always balancing our interests against yours), or where you have given your consent.
We may combine your Personal Information with information we have obtained from other sources, such as your use of (or connection with) multiple Products, to provide a unified, seamless, and valuable digital experience. We may also combine and enhance your Personal Information with information obtained from third party sources that are permitted to share that information with us.
Our processing of Personal Information includes both manual (human) and automated (computerized) methods, which support each other. Our automated methods include artificial intelligence (AI) and machine learning (ML). However, we do not make automated decisions that could have a significant legal impact on you without human intervention.
How SecureW2 Shares Personal Information
Our policy is to not give, sell, or otherwise distribute the Personal Information we collect to third parties outside of SecureW2, other than those listed below, except with your express consent, where the third party is a service provider for us or our Products or Websites, or where this is necessary and in accordance with applicable law.
The circumstances in which your Personal Information may be shared include:
- Affiliates: We may share your Personal Information with SecureW2 affiliates so that they can help provide SecureW2’s Products and Websites, service your account, or troubleshoot concerns or support legitimate business operations;
- Authorized Parties: We share your Personal Information with authorized third party vendors and service providers which support the delivery of our Websites and Products (e.g., by providing technical infrastructure services, data processing, or analytics), enable our marketing activities (e.g., event sponsors or email vendors), parties who support our business operations, as well as SecureW2’s professional advisors or auditors;
- Social Networks and Integrated Applications: We share Personal Information with social networks and integrated applications Customers have chosen to authenticate and connect with SecureW2;
- Legal Purposes: We may disclose Personal Information in response to legal demands such as subpoenas, court orders, law enforcement requests, legal claims or government inquiries, to detect fraud, or to protect the rights, interests, safety, and security of SecureW2 (including our Websites, Products, or Services, affiliates, owners, and users) or the public, to the extent we are legally required to.
- Business Transfers: We may share Personal Information with third parties in connection with corporate transactions, such as sales, mergers, or consolidations;
- With Your Consent and Instruction: We will also share you Personal Information where you have consented to such sharing, or as otherwise authorized by our Customers (e.g., with third party service providers that our Customers integrate into their SecureW2 platform)
Where we share your Personal Information, as legally required, we either (i) enter into written agreements with recipients who process Personal Information on behalf of SecureW2 which contain data protection obligations that are no less protective than those in this Policy or our Data Processing Addendum; or (ii) ensure that any transfer of Personal Information to a third party who will be using the information for their own purposes is conducted in compliance with applicable data protection law.
How SecureW2 Secures Personal Information
The security of your Personal Information is of paramount importance to us. SecureW2 uses industry standard technical, organizational, and administrative security measures to protect any information (including Personal Information) we hold in our records from loss, misuse and unauthorized access, disclosure, alteration, and destruction. We will also take all reasonable precautions to ensure that our staff and employees who have access to Personal Information have received adequate training. All employees who are permitted to handle Personal Information are subject to statutory or contractual confidentiality obligations, and may only get access to Personal Information in accordance with SecureW2’s access control policies. SecureW2 keeps your Personal Information until it is no longer necessary for the purpose for which it was collected, for legitimate business purposes, or to comply with our legal obligations. You can request deletion of your Personal Information through the mechanism referenced in the section of this Policy called “Your Rights and Choices,” below.
Your Rights and Choices
In accordance with applicable data protection law, you can exercise certain rights over your Personal Information, such as obtaining a copy of the Personal Information held about you, requesting deletion of your Personal Information, opting out of future communications, or withdrawing consent for processing (where relevant). To exercise your rights, you can email us at privacy@securew2.com. You can also unsubscribe from emails using the “unsubscribe” link at the bottom of SecureW2 email communications.
There are instances where we may ask for Personal Information to enhance your user experience or provide you with the most relevant content. Where Personal Information is not required and your provision of it is optional, you can choose not to share it, but it may mean that certain features on our Products or Websites may not be available to you. There are other instances, however, where we require Personal Information in order to enable access to certain Product features or Products, or provide other services you have requested. For example, to create, authenticate, and log into your SecureW2 account, we will need your email address. You can decline to provide Personal Information if you’d prefer not to, or request deletion of that data, but that may mean we cannot have a relationship with you or you can’t use some of SecureW2’s services, including our Products and Websites. We are happy to discuss this with you to find a solution if possible.
In addition to the rights and choices listed above, you may also have the right to lodge a complaint with a supervisory authority in your state or country of residence. In the United States, SecureW2 is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and, depending on your state of residence, you may also be able to submit complaints with your state Attorney General’s office. If you are visiting from the EU, you can lodge a complaint with the supervisory authority in your country of residence. Visitors from the United Kingdom may direct their complaints to the Information Commissioner’s Office and visitors from Switzerland may contact the Swiss Federal Data Protection and Information Commissioner. If you reside in a different country and need information about exercising your rights, please email privacy@securew2.com and we will do our best to help.
Retention and disposal of Personal Data
Securew2 retains your data for as long as necessary to provide you with the requested services, address any disputes or issues, or for legitimate business purposes such as data analysis, improving our services, or preventing fraud. This also includes any legal, accounting, or reporting requirements.
We will also retain data for a specific purpose, and for a reasonable period as mentioned in the Notice to fulfill specific purposes (activities, marketing, promotions, etc.). If you wish to opt out of our marketing communication, we will retain some personal data on a list and use it to suppress sending information in the future. This data will not be used to send you any further marketing promotions, unless you explicitly consent to receive them.
In all cases, we will take reasonable steps to ensure your personal data is deleted or destroyed without any further notice or liability. If you have any questions about our retention of data policy, please email us at privacy@securew2.com
International Transfers of Personal Information
In providing our Websites and Products, the Personal Information that we collect may be processed, stored, and used in the United States and other jurisdictions. These transfers are necessary so that we can operate and provide our Websites and Products, and so that we can fix, analyze, and improve our Websites and Products.
The data protection laws of the countries to which we send Personal Information may vary from those in your country of residence. When we transfer Personal Information outside of your country of residence, where required by law, we carry out transfer impact assessments and ensure that there is an adequate transfer mechanism in place, such as standard contractual clauses. We also make sure that any recipients of your Personal Information, especially third party recipients, have an adequate transfer mechanism in place as well. This is to ensure an equivalent level of protection of your Personal is provided in those countries.
Additionally, SecureW2 is liable if any third parties to which we disclose personal information fail to meet the applicable legal obligations for which SecureW2 is responsible and such failure results in damages, unless we can prove that we are not responsible for the events giving rise to the damages.
Minors
SecureW2 does not direct any of our business practices, Products, or Websites, directly or indirectly, towards children. We are committed to respecting the privacy of children online and ensuring that SecureW2 is compliant with the Children’s Online Privacy Protection Act (COPPA) and other all applicable laws. If we learn that the Personal Information of a child under the age of thirteen is stored on our platform, we will promptly delete that information or notify our Customers.
Cookies and Similar Technologies
SecureW2 uses cookies (small text files containing a string of alphanumeric characters that we put on your computer or device) and other similar tracking technologies (like web beacons, pixels, tags, and scripts) to uniquely identify your browser and to gather information about how you interact with the Websites (collectively, “Cookies”).
Which Cookies Does SecureW2 Use?
We use Cookies to provide, protect, and improve our Websites. For example, we may use the cookies on your browser to recognize you from a prior visit to our Websites or to provide you with offers that may be of interest to you. Alternatively, we may use cookies or other technologies, like pixels which are embedded on Websites and content, to track user interactions, and to improve and develop our marketing and advertising efforts. Specifically, SecureW2 uses:
- Strictly Necessary Cookies, which are essential for our Websites to work as intended. Without these cookies, we would not be able to provide you with the Websites, like enabling content based on your device or remembering your language choices;
- Functional Cookies, which monitor performance of our Websites and are used to enhance your browsing experience. For example, our functional Cookies enable you to communicate with us via live chat;
- Marketing and Analytics Cookies, which help us understand user behavior on our Websites so that we can provide you with a more relevant or personalized experience with the content on our Websites. For example, we may collect information about which pages you visit so we can present you with more relevant information; and
- Advertising Cookies to help personalize and measure advertising on our Websites and other third party websites. For example, we may use our advertising cookies after you visit our Websites to serve you with a personalized ad based on the pages you visited.
Some of these Cookies belong to SecureW2, but other third parties also use cookies on SecureW2’s Websites to provide and service our Websites, marketing activities, and advertisements. For example, third party cookies can help us tailor ads off of our Websites, or measure the effectiveness of our advertising and marketing campaigns.
Your cookie preferences are based on your consent. You can manage your cookie preferences in the following ways:
- Emailing us at privacy@securew2.com and requesting us to delete your cookies
- Controlling cookies on your browser, which you can learn about here;
- Opting out of receipt of future email newsletters; and/or
Note that if you use multiple browsers on your device, you will need to instruct each browser separately on your cookie preferences. Limiting cookies is subject to each browser’s settings and limitations, and some features of our Websites may not work if you decline the use of cookies.
You can find more information about the cookies and similar technologies we use, by clicking “Cookie Preferences” in the footer of our Website.
SecureW2 as a Service Provider and Processor
SecureW2’s Products are intended for use by our Customers to manage their customer experience. In order to provide our Products, SecureW2 allows our Customers to, for example:
- Add, upload, or store Personal Information about their employees, purchasers, customers, contacts, or users in our Products;
In all these instances, SecureW2’s Customers are controllers of the Personal Information because they decide how or why your Personal Information is processed. SecureW2 is engaged as a service provider and processor to provide the Products and help our Customers achieve their objectives. When our Customers process Personal Information through our Products, they are responsible for ensuring that they do so in compliance with the law, including providing their customers and users with transparent notices. Our Customers are also responsible for validating any integrations they enable through our Products, as well as ensuring that their use of publicly available personal information complies with the terms of the social media networks or websites the personal information is obtained from.
Where SecureW2 is a service provider and processor for our Customers, our Customer’s privacy policies, rather than this one, will be applicable to the Personal Information processed, and we direct individuals to review those policies if they have any questions around how their data is obtained or processed within the SecureW2 Products.
SecureW2’s processing activity as a service provider and processor is governed by the contracts we have with our Customers, including our Master Services Agreement and Data Processing Addendum (DPA) which includes limits on our processing and defines how we secure and protect the Personal Information we process for our Customers.
If you have any questions about how the businesses you engage with process your Personal Information, you should contact them directly.
Supplementary Notice for Users in the EEA and UK
This Supplemental Privacy Notice for Users in the European Economic Area (EEA) and UK (the “EEA/UK Notice”) supplements the information included in our Policy and applies to visitors, users, and individuals from the EEA and UK. The EEA/UK Notice provides you with more information on the types of Personal Information we collect and the purposes for which we use that data. All terms used in this EEA/UK Notice have the same meaning as set out in the EU General Data Protection Regulation and the UK General Data Protection Regulation (collectively, the “GDPR”).
If we transfer your personal information out of the European Economic Area or Switzerland and are required to apply additional safeguards to your personal information under European data protection legislation, we will do so. Such safeguards may include applying the newly modernized EU Standard Contractual Clauses, as of June 4th 2021, for the transfer of personal data to third countries described here, or for transfers to third parties in the United States.
Legal Basis for Processing
SecureW2 is committed to the fair, transparent and lawful processing of your Personal Information and relies on a variety of legal bases for collecting and using Personal Information, including:
- As necessary to perform our contractual obligations to you, or take steps at your request before we enter into a contract with you;
- Where the processing is in our legitimate interest and is not overridden by your rights and freedoms;
- Where we have obtained your consent to do so. When we rely on consent, you may withdraw your consent at any time (though withdrawal of consent does not impact the lawfulness of processing based on consent prior to its withdrawal); or
- Where we have a legal obligation to process Personal Information.
Where we rely on legitimate interests to process your Personal Information, those interests are generally to maintain our relationships with you, operate our business and platform, to provide you with the SecureW2 Websites, Products, and services, to communicate with you, to respond to your questions or inquiries, to improve our platform, Websites, and Products, and to detect or prevent illegal activities.
Purpose of Processing: Providing and Improving Our Services
- Types of Personal Information: Contact Information, Commercial Records, Employment Information, Communication Preferences and Data, Location and Geographic Information, Usage Information, Device Information, Information Collected Via Cookies or Similar Technologies, Social Media Information, Information from Third Party Applications, Information from a Merger or Acquisition, Public Information
- Legal Basis: Contractual Necessity; Legitimate Interests to operate, maintain, and provide our services
Purpose of Processing: Analyzing Your Use of the Services
- Types of Personal Information: Location and Geographic Information, Usage Information, Device Information, Information Collected Via Cookies or Similar Technologies, Social Media Information, Information from Third Party Applications, Information from a Merger or Acquisition, Public Information.
- Legal Basis: Legitimate Interests to operate, maintain, and provide our services, Consent.
Purpose of Processing: Communicating With You In Relation to SecureW2’s Products
- Types of Personal Information: Contact Information, Commercial Records, Employment Information, Communication Preferences and Data
- Legal Basis: Contractual Necessity; Legitimate Interests to respond to your requests for information; Consent; Compliance with Legal Obligations
Purpose of Processing: Communicating With You Through Marketing Communications
- Types of Personal Information: Contact Information, Commercial Records, Employment Information, Communication Preferences and Data
- Legal Basis: Legitimate Interests to respond to your requests for information; Consent
Purpose of Processing: Promoting the Safety and Security of our Services
- Types of Personal Information: Contact Information, Commercial Records, Communication Preferences and Data, Location Information, Usage Information, Information Collected Via Cookies or Similar Technologies
- Legal Basis: Legitimate Interests to ensure the safety of our Products, Websites, and services; Compliance with Legal Obligations
Exercising Your Rights
Under applicable laws, you may have the right to access, rectify, port, or erase your Personal Information, as well as the right to restrict processing or object to certain processing of your Personal Information. To exercise your rights, you can either:
- Submit a request on our GDPR Data Subject Rights Requests Form; or
- Email us at privacy@securew2.com
You also have the right to opt out of marketing communications you receive at any time by clicking the ‘unsubscribe’ link in the marketing emails you receive. We respond to all requests we receive in accordance with applicable data protection law.
You also have the right to complain to a data protection authority about our collection and use of your Personal Information, which you can do with either the relevant supervisory authority in the EEA or the Information Commissioner’s Office in the UK.
Supplementary Privacy Notice for California Residents
This Supplemental Privacy Notice for California Residents (the “CA Notice”) supplements the information included in our Policy and applies solely to visitors, users, and individuals who reside in the State of California. All terms used in this CA Notice have the same meaning as set out in the California Consumer Privacy Act of 2018 (CCPA) and California Privacy Rights Act (CPRA).
SecureW2’s Information Practices
To provide you with our Websites and Products, we process information about you which may include Personal Information, as defined under California law. You can learn more about what kind of information we collect and how we use it in our Privacy Policy, above, but the following is a summary of the California specific categories of Personal Information we collect and, depending on our Websites or Products, how we use it or share it:
Categories of Personal Information
- Identifiers
- Commercial Information
- Internet or other electronic network activity information
- Location related information
- Audio or Visual information
Examples of how SecureW2 uses Personal Information
- To provide our Websites, Products, and services to you;
- To personalize our Products and Services to you, where relevant;
- To communicate with you; and
- To promote the safety and security of our Products and Websites
Parties with Whom the Categories of Personal Information May Be Shared
- SecureW2 Affiliates;
- SecureW2 Customers;
- Service Providers;
- New Owners in the event of a change of ownership or control of all or part of our Products or assets; and
- Law Enforcement or other third parties in connection with legal requests, as needed to comply with applicable law, or to prevent harm
Your Rights and Choices
California residents have specific rights regarding their Personal Information, including the right to request disclosure about our collection, use, and disclosure of your Personal Information. Depending on the nature of your request, our response may provide you with information about:
- The specific pieces of Personal Information we collected about you, including, under certain circumstances, in a portable format.
- The categories of Personal Information we collected about you.
- The categories of sources for the Personal Information we collected about you.
- The categories of your Personal Information that we disclosed for a business purpose.
- The categories of third parties with whom we disclosed that personal information for a business purpose.
- Our business or commercial purpose for collecting or disclosing that Personal Information.
CA residents may also request deletion of their Personal Information. The CCPA also provides a right to opt out of the sale of your Personal information. At this time, we do not sell your Personal information.
Exercising Your Rights
To exercise your rights, you can either:
- Submit a request on our CCPA Consumer Rights Request Form; or
- Email us at privacy@securew2.com
You also have the right to opt out of marketing communications you receive at any time by clicking the ‘unsubscribe’ link in the marketing emails you receive.
Only you or someone legally authorized by you can make a consumer request on your behalf. If we do not receive enough information through your request to authenticate you, we may request additional information so that we can ensure you are who you say you are. We will only use the information you provide us in a consumer request to verify your identity. We respond to all requests we receive in accordance with California’s regulatory timelines.
Updates to this Policy
We may update this Policy from time to time. Where appropriate or required by law, we will notify you about the new Policy by posting appropriate notice on our website. We encourage you to periodically review this Policy to stay informed about our Personal Information processing practices. We will revise the date at the top of this Policy when such changes are made so you know when the Policy was last modified.
Contact SecureW2
If you have any questions about this Policy, or if you wish to exercise your rights under applicable data protection laws, please feel free to contact us by:
- Sending us an email at privacy@securew2.com
- Writing to us at SecureW2, Inc., ATTN: Privacy, 2208 NW Market St, Seattle, WA 98107, USA