Privacy

Privacy Policy for Elevate Security

This Privacy Policy was last updated on May 1, 2018.

We at Elevate Security, Inc. respect the privacy of your personal information, and as such make every effort to ensure your information is protected and remains private. As the owner and operator of www.elevatesecurity.com and any mobile application which we may make available to you now, or in the future (“Elevate Security”, “we”, “our” or “us”) we have provided this Privacy Policy to explain how we collect, use, share and protect information about the users of our website and any mobile application (collectively referred to as “user” or “you”). We will not rent, sell, lease or barter your personal information, data or email address to anyone unless you grant us explicit permission for this information to be shared, such as with a third party service provider or a sponsor.

This Privacy Policy will inform you about the types of personal data we collect, the purposes for which we use the data and the ways in which the data is handled. Furthermore, this Privacy Policy will satisfy the obligation of transparency under the EU General Data Protection Regulation 2016/679 (“GDPR”) and the laws implementing GDPR. For the purpose of this Privacy Policy the controller of personal data is Elevate Security, Inc. and our contact details are set out in the Contact section at the end of this Privacy Policy.

For purposes of this Privacy Policy, “Your Information” means information about you, which may be of a confidential or sensitive nature and may include personally identifiable information (“PII”) and/or financial information. PII means individually identifiable information that would allow us to determine the actual identity of a specific living person, while sensitive data may include information, comments, content and other information that you voluntarily provide.

Elevate Security collects information about you when you use our website (“Website” or “Site”), any mobile application (“App”) which we may make available to you now, or in the future that allows you to access our services, and other online products and services (collectively, the “Services”) and through other interactions and communications you have with us. The term Services includes, collectively, various applications, websites, widgets, email notifications and other mediums, or portions of such mediums, through which you have accessed this Privacy Policy.

We may change this Privacy Policy from time to time. If we decide to change this Privacy Policy, we will inform you by posting the revised Privacy Policy on the Site and in the App. Those changes will go into effect on the “Last updated” date shown at the end of this Privacy Policy. By continuing to use the Site or Services, you consent to the revised Privacy Policy. We encourage you to periodically review the Privacy Policy for the latest information on our privacy practices.

BY ACCESSING OR USING OUR SERVICES, YOU CONSENT TO THE COLLECTION, TRANSFER, MANIPULATION, STORAGE, DISCLOSURE AND OTHER USES OF YOUR INFORMATION (COLLECTIVELY, “USE OF YOUR INFORMATION”) AS DESCRIBED IN THIS PRIVACY POLICY. IF YOU DO NOT AGREE WITH OR CONSENT TO THIS PRIVACY POLICY YOU MAY NOT ACCESS OR USE OUR SERVICES.

1. Information Provided By You

We collect information you provide directly to us, such as when you request information, request a demonstration of our Services, create or modify your personal account, request Services, complete an Elevate Security form or application, contact customer support, make a purchase or otherwise communicate with us. This information may include, without limitation: name, company name, company address, title or position with your company, date of birth, e-mail address, phone number or other personal information you choose to provide.

2. Information Collected Through Your Use of Our Services

The following are situations in which you may provide Your Information to us:

    1. When you fill out forms or fields through our Services;
    2. When you register for an account with our Service;
    3. When you order services or products from, or through our Service;
    4. When you provide the names and other identifying information for company employees;
    5. When you sign up for any newsletters or other materials through our Services;
    6. When you provide information to us through a third-party application, service or Website;
    7. When you communicate with us or request information about us or our products or Services, whether via email or other means;
    8. When you participate in online surveys;
    9. When you participate in any of our marketing initiatives, including, contests, events, or promotions; and
    10. When you participate in forums, reviews or provide user generated content or other submissions.

We also automatically collect information via the Website or App through the use of various technologies, including, but not limited to cookies and pixel tags (explained below). We may collect your IP address, browsing behavior and device IDs. This information is used by us in order to enable us to better understand how our Services are being used by visitors and allows us to administer and customize the Services to improve your overall user experience.

3. Information Collected From Other Sources

We may also receive information from other sources and combine that with information we collect through our Services. For example if you choose to link, create, or log in to your Elevate Security account with a social media service such as LinkedIn, or if you engage with a separate App or Website that uses our API, or whose API we use, we may receive information about you or your connections from that Site or App. This includes, without limitation, profile information, profile picture, gender, user name, user ID associated with your social media account, age range, language, country, friends list, and any other information you permit the social network to share with third parties. The data we receive is dependent upon your privacy settings with the social network.

4. Information Third Parties Provide

We may collect information about you from sources other than you, such as from social media websites, blogs, other users and our business partners.

5. Log Files, Cookies and Anonymous Identifiers

  1. We collect information about how you interact with our Services, preferences expressed, and settings chosen. We gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We may combine this automatically collected log information with other information we collect about you. We do this to improve services we offer you, to improve marketing, analytics, or App/Site functionality, and to document your consent to receiving services, products or communications from us or our partners. If we link such information with PII in a manner that identifies a particular individual, then we will treat all such information as PII for purposes of this Privacy Policy.
  2. Technologies such as cookies (a small file placed on your device), pixel tags, web beacons, touch heatmaps, scripts and similar technologies that create and maintain unique identifiers are used by us and our partners, affiliates, advertisers, analytics teams, or service providers. These technologies are used in analyzing trends, administering the Site, tracking user’s movements around the Site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.
  3. We use cookies to help us know that you are logged on, provide you with features based on your preferences, understand when you are interacting with our Services, and compile other information regarding use of our Services.
  4. Third parties with whom we partner to provide certain features on our Site, or to display advertising based upon your Web browsing activity, may use cookies to collect and store information.
  5. Our website may use remarketing services, such as Google AdWords and Facebook Remarketing Campaigns, to advertise on third party websites to previous visitors to our Site. It could mean that we advertise to previous visitors who haven’t completed a task on our site. This could be in the form of an advertisement on the Google search results page, a site in the Google Display Network, or somewhere on Facebook. Third-party vendors, including Google and Facebook, use cookies to serve ads based on your past visits to our Website. Any data collected will be used in accordance with our own privacy policy, as well as Google & Facebook privacy policies.
  6. You can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Site, but your ability to use some features or areas of our Site may be limited.
  7. Elevate Security cannot control the use of cookies by third parties (or the resulting information), and use of third party cookies is not covered by this policy.


6. Device Information

When you use our Services through your computer, mobile phone or other device, we may collect information regarding and related to your device, such as device type, operating system version, the request type, the content of your request and basic usage information about your use of our Services, such as date and time. In addition, we may collect information regarding application-level events and associate that with your account to provide customer service. We may also collect and store information locally on your device using mechanisms such as browser web storage and application data caches.

7. Location Information

When you use the Services we may collect your precise location data. We may also derive your approximate location from your IP address.

8. Children’s Privacy

Our Services are intended for users who are at least the age of majority in their state of residence. Furthermore, Elevate Security does not knowingly collect personally identifiable information (PII) from persons under the age of 13. If you are under the age of 13, please do not provide us with information of any kind whatsoever. If you have reason to believe that we may have accidentally received information from a child under the age of 13, please contact us immediately at support@elevatesecurity.com. If we become aware that we have inadvertently received Personal Information from a person under the age of 13, we will delete such information from our records.

9. Protective Measures We Use

We protect your information using commercially reasonable technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers, and information access authorization controls. In the event that any information under our control is compromised as a result of a breach of security, we will take reasonable steps to investigate the situation and where appropriate, notify those individuals whose information may have been compromised and take other steps, in accordance with any applicable laws and regulations.

10. The Legal Basis For Collection and Processing Your Personal Information

The legal basis upon which we rely for the collection and processing your Personal Information under the GDPR are the following:

  1. When signing up and creating an account to use our Services, you must give explicit consent allowing Elevate Security to provide you with our Services and generally to process your information in accordance with this Privacy Policy; and to the transfer of your personal data to other jurisdictions including, without limitation, the United States;
  2. It is necessary for entering into, or performing, the obligations of a contract between you and Elevate Security, including, without limitation, the Elevate Security Master Service Agreement, and any addendums or statements of work attached thereto;
  3. It is necessary for our legitimate interests in the proper administration of our website and business; analyzing the use of the website and our Services; assuring the security of our website and Services; maintaining back-ups of our databases; and communicating with you.
  4. It is necessary for our legitimate interests in the protection and assertion of our legal rights, and the legal rights of others, including you;
  5. It is necessary for our compliance with certain legal provisions which may require us to process your personal data. By way of example, and without limitation, we may be required by law to disclose your personal data to law enforcement or a regulatory agency.

11. How We Use Information We Collect

Our primary purpose in collecting, holding, using and disclosing your Information is for our legitimate business purposes and to provide you with a safe, smooth, efficient, and customized experience. We will not rent, sell, lease or barter your information to anyone unless you grant us explicit permission for this information to be shared.

We will use this information in order to:

  1. Provide users with our Services and customer support including, but not limited to, confirming emails related to our services, providing instructions, reminders, confirmations, requests for information and transactions.
  2. Contact you and provide you with information.
  3. Analyze, improve and manage our Services and operations.
  4. Resolve problems and disputes, and engage in other legal and security matters.
  5. Enforce our Elevate Security Master Service Agreement and any addendum or statement of work attached thereto.

Additionally, we may use the information we collect about you to:

  1. Send you communications we think will be of interest to you, including information about services, products, promotions, news, and events of Elevate Security and other companies, where permissible and according to local applicable laws.
  2. Display advertising, including advertising that is targeted to you or other users based on your location, interests, as well as your Elevate Security activities.
  3. Verify your identity and prevent impersonation, spam or other unauthorized or illegal activity including, without limitation, infringement of intellectual property rights of third parties.
  4. We may transfer the information described in this Privacy Policy to, and process and store it in, the United States and other countries, some of which may have less protective data protection laws than the region in which you reside. Where this is the case, we will take appropriate measures to protect your personal information in accordance with this Privacy Policy.

12. How We Share Information We Collect

a. We may share the information we collect about you as described in this Privacy Policy or as described at the time of collection or sharing, including as follows:

  1. With third party Service Providers to enable them to provide the Services you request or that we require to provide our Services, including, without limitation, an independent third party email services provider.
  2. With the general public if you submit content in a public forum, such as your reviews, comments or other features of our Services that are viewable by the general public;
  3. With third parties with whom you choose to let us share information, for example other Websites or Apps that integrate with our API or Services, or those with an API or Service with which we integrate.
  4. With Elevate Security subsidiaries and affiliated entities that provide services or conduct data processing on our behalf, or for data verification, data centralization and/or logistics purposes;
  5. With affiliated entities that provide payment processing services on our behalf;
  6. With vendors, consultants, marketing partners, and other service providers who need access to such information to carry out work on our behalf;
  7. In response to a request for information by a competent authority if we believe disclosure is in accordance with, or is otherwise required by, any applicable law, regulation, or legal process;
  8. With law enforcement officials, government authorities, or other third parties if we believe your actions are inconsistent with any user agreements, policies, or to protect the rights, property, or safety of Elevate Security or others;
  9. In connection with, or during negotiations of, any merger, sale of company assets, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or into another company;
  10. If we otherwise notify you and you consent to the sharing; and
  11. In an aggregated and/or de-identified form which cannot reasonably be used to identify you. We only use such data in the aggregate form and our analytical services do not record any personal information.

b. We may disclose Your Information:

  1. To any person who, in our reasonable judgment, is authorized to receive Your Information as your agent, including as a result of your business dealings with that person (for example, your attorney);
  2. To our third-party vendors and service providers so that they may provide support for our internal and business operations, including for the processing of payments, handling of data processing, data verification, data storage, email services, surveys, research, internal marketing, delivery of promotional, marketing and transaction materials, and our Services maintenance and security. These companies are authorized to use Your Information only as necessary to provide these services to us and are contractually obligated to keep Your Information confidential;
  3. To third parties when you engage in certain activities through our Services that are sponsored by them, such as purchasing products or services offered by a third party, electing to receive information or communications from a third party, or electing to participate in contests, sweepstakes, games or other programs sponsored, in whole or in part, by a third party. When we disclose Your Information to these third parties as a result of your actions to engage them, Your Information will become subject to the information use and sharing practices of the third party, and the third party will not be restricted by this Privacy Policy with respect to its use and further sharing of Your Information;
  4. As required by law or ordered by a court, regulatory, or administrative agency;
  5. As we deem necessary, in our sole discretion, if we believe that you are violating any applicable law, rule or regulation, or are otherwise interfering with another’s rights or property, including, without limitation, our rights or property;
  6. If requested by authorities in the event of any act of terrorism or instance of local, regional or national emergency;
  7. To enforce our Elevate Security Master Service Agreement and any addendum or statement of work attached thereto, this Privacy Policy, and any other applicable agreements and policies;
  8. To enforce or protect our rights.

13. Sharing Information With Law Enforcement

  1. Elevate Security is committed to cooperating with law enforcement while respecting each individual’s right to privacy. If Elevate Security receives a request for user account information from a government agency investigating criminal activity, we will review the request to be certain that it satisfies all legal requirements before releasing information to the requesting agency.
  2. Furthermore, under 18 U.S.C. §§ 2702(b)(8) and 2702(c)(4) (Voluntary Disclosure Of Customer Communications or Records), Elevate Security may disclose user account information to law enforcement, without a subpoena, court order, or search warrant, in response to a valid emergency when we believe that doing so is necessary to prevent death or serious physical harm to someone. Elevate Security will not release more information than it prudently believes is necessary to prevent harm in an emergency situation.

14. Analytic Services Provided By Others

We may allow others to provide audience measurement and analytics services for us, to serve advertisements on our behalf across the Internet, and to track and report on the performance of those advertisements. These entities may use cookies, web beacons, software development kits (SDKs), and other technologies to identify your device when you visit our Site and use our Services, as well as when you visit other online sites and services.

15. Links to Third-Party Websites

  1. Our Services, as well as the email messages sent with respect to our Services, may contain links or access to websites operated by third parties that are beyond our control. Links or access to third parties from our Services are not an endorsement by us of such third parties, or their websites, applications, products, services, or practices. We are not responsible for the privacy policy, terms and conditions, practices or the content of such third parties. These third-parties may send their own cookies to you and independently collect data.
  2. If you visit or access a third-party Website, application or other property that is linked or accessed from our Services, we encourage you to read any privacy policies and terms and conditions of that third party before providing any personally identifiable information. If you have a question about the terms and conditions, privacy policy, practices or contents of a third party, please contact the third party directly.

16. Do Not Track Settings

Some web browsers may give you the ability to enable a “do not track” feature that sends signals to the websites you visit, indicating that you do not want your online activities tracked. This is different than blocking or deleting cookies, as browsers with a “do not track” feature enabled may still accept cookies. There is currently no industry standard for how companies should respond to “do not track” signals, although one may develop in the future. We do not respond to “do not track” signals at this time; if we do so in the future, we will describe how in this Privacy Policy.

17. International Privacy Practices

In order to provide our Services to you, we may send and store your personal information outside of the country where you reside or are located, including to the United States. Accordingly, if you reside or are located outside of the United States, your personal information may be transferred outside of the country where you reside or are located, including countries that may not, or do not, provide the same level of protection for your personal information. We are committed to protecting the privacy and confidentiality of personal information when it is transferred. If you reside or are located within the European Economic Area and such transfers occur, we take appropriate steps to provide the same level of protection for the processing carried out in any such countries as you would have within the European Economic Area to the extent feasible under applicable law. By using and accessing our Services, users who reside or are located in countries outside of the United States agree and consent to the transfer to and processing of personal information on servers located outside of the country where they reside, and assume the risk that the protection of such information may be different and may be less protective than those required under the laws of their residence or location.

18. Account Information

You may correct your account information at any time by logging into your online account. If you wish to cancel your account, please email us at support@elevatesecurity.com Please note that in some cases we may retain certain information about you as required by law, or for legitimate business purposes to the extent permitted by law. For instance, if you have a standing credit or debit on your account, or if we believe you have committed fraud or breached our Elevate Security Master Service Agreement and any addendum or statement of work attached thereto, we may seek to resolve the issue before deleting your information.

19. Promotional Information Opt Out

You may opt out of receiving promotional messages from us by following the instructions in those messages. If you opt out, we may still send you non-promotional communications, such as those about your account, about Services you have requested, or our ongoing business relations.

20. Your Access and Rights to Your Personal Information

You have certain rights in relation to Personal Information we hold about you. You can exercise any of the following rights by contacting us using any of the methods in the Contact section below.

  1. Right to Access. You have the right to access information held about you for the purpose of viewing and in certain cases updating or deleting such information. Furthermore, if you prefer that Elevate Security does not share certain information as described in this Privacy Policy, you can direct Elevate Security not to share that information. We will comply with an individual’s requests regarding access, correction, sharing and/or deletion of the personal data we store in accordance with applicable law. To make changes to your account affecting your personal information contact us at the email address in our Contact section below. For any deletion, non-sharing or update request, we will make the changes as soon as practicable, however this information may stay in our backup files. If we cannot make the changes you want, we will let you know and explain why.
  2. Right of Correction or Completion. If personal information we hold about you is not accurate, out of date or incomplete, you have a right to have the data corrected or completed.
  3. Right of Deletion. In certain circumstances, you have the right to request that personal information we hold about you is deleted. If we cannot delete the information you want, we will let you know and explain why.
  4. Right to Object To or Restrict Processing. In certain circumstances, you have the right to object to our processing of your personal information. For example, you have the right to object to use of your personal information for direct marketing purposes. Similarly, you have the right to object to use of your personal information if we are processing your information on the basis of our legitimate interests and there are no compelling legitimate grounds for our processing which supersede your rights and interests. You may also have the right to restrict our use of your personal information, such as in circumstances where you have challenged the accuracy of the information and during the period where we are verifying its accuracy.
  5. Withdrawal of Consent. If you have given your consent to us to process and share your Personal Information after we have requested it, you have the right to withdraw your consent at any time.

21. Your California Privacy Rights

  1. California Civil Code Section 1798.83 entitles California residents to request information concerning whether a business has disclosed Personal Information to any third parties for their direct marketing purposes. California residents may request and obtain from us once a year, free of charge, information about the personal information, if any, we disclosed to third parties for direct marketing purposes within the immediately preceding calendar year. If applicable, this information would include a list of the categories of personal information that was shared and the names and addresses of all third parties with which we shared information within the immediately preceding calendar year.
  2. If you are a California resident and would like to make such a request, please submit your request in writing to: support@elevatesecurity.com

22. Our Information Retention Policy

Unless you request that we delete certain information, we retain the information we collect for as long as your account is active or as needed to provide you services. Following termination or deactivation of your account, we will retain information for at least 3 years and may retain the information for as long as needed for our business and legal purposes unless explicitly requested or contractually required to delete earlier.

Contact Us

If you have any questions or if you would like to contact us about our processing of your personal information, including exercising your rights as outlined above, please contact us using the methods below. When you contact us, we will ask you to verify your identity.

Email: support@elevatesecurity.com