Last Revised: 02/26/2018
This policy describes:
- How and why we collect your personal data;
- How we use and safeguard your personal data;
- When and with whom we share your personal data; and
- The choices you can make about how we collect, use, and share your personal data.
We wish to remind you that content you post to the Service, including responses to survey questions, are not anonymous and may be viewable by members of your organization. Please exercise appropriate discretion as needed.
II. Policy Scope
III. Information We Collect
We may collect personal data for the purposes set forth in Section IV. below, including for example to deliver the Service to you and to help improve your experience on the Service. We strive to limit the amount of personal data collected to support the intended purpose of the collection. The following are some examples of the ways with which we may collect information from you:
(i) Information You Provide to Us Directly:
When you use the Service, we may collect information that you provide to us directly. For example, we collect information in the following circumstances:
We may collect personal data from users who register to use the Service. During registration, a user may be required to submit his/her contact information (such as valid email address, name and phone number). We also create a username and password for your account in the Service.
We may collect personal data when you respond to online surveys in the Service.
- Communications with Us
We may collect personal data when you communicate with us, for example via the Service or by email. Moreover, a record of any correspondence may be kept.
(ii) Data Collected Automatically:
We may automatically collect the following information from users of the Service that in certain circumstances may constitute personal data:
- Cookies and Web Beacons
Another type of cookie, called a “session” cookie, is used to identify a particular visit to the Service. Session cookies used by the Service expire after you close your browser.
We may also use web “beacons” to allow us to know for example if you visited a certain page or opened an email from us.
- Log Files and Information about Your Device
When you visit the Service, we collect information about your device, such as the IP (“internet protocol”) address connected to your computer (or the proxy server you use to access the World Wide Web), your computer operating system, the type of browser you are using, mobile device operating system (if you are accessing the Service using a mobile device), as well as the name of your ISP (“internet service provider”) or your mobile carrier. We use this information to analyze overall trends to help improve the Service. We do not share with third parties, the linkage between your IP address and your information on the Service, unless required by law to do so.
- Analytics Service Providers
IV. How We Use Your Information
We use the personal data to provide our consulting services, including the Service, and to support our core business functions. These include service fulfillment, internal business processes, authentication, and legal functions. Some examples include:
- To register and service your account;
- To help us improve and customize our service offerings;
- To communicate with you;
- To prevent and investigate fraud and other misuses;
- For market research;
- For electronic direct marketing, in accordance with applicable law;
- To audit and analyze the Service; and
- To protect the security or integrity of the Service and our business.
V. Ways We Share Your Information with Third Parties
We do not sell or rent personal data to third parties. We only disclose personal data under the following limited circumstances:
- Service Providers
We may disclose or otherwise make available personal data to service providers that help with our business operations, such as third-party software support and development firms. Personal data may be stored and processed by our service providers in the United States or other locations where the service providers maintain facilities. We require our service providers to keep personal data confidential and secure. In addition, our service providers may not use or disclose personal data for any purpose other than providing the services on our behalf.
- Legal Requirements and Protection of Our Company and Others
We may disclose personal data when required by subpoena or other legal process or request by public authorities, or if we have a good faith belief that disclosure is necessary to:
- Investigate, prevent or take action regarding suspected or actual illegal activities or to assist government enforcement agencies or other public authorities;
- Exercise or protect the rights, property or personal safety of Secure Digital Solutions, LLC, our users, employees, agents, or others.
- Business Transfers
We may disclose personal data to other companies in our group, including our subsidiaries and affiliates, and as part of reorganization or a sale of the assets or stock of Secure Digital Solutions, LLC, or its subsidiaries or divisions or a corporate merger, consolidation, or restructuring. Moreover, we may disclose information in connection with bankruptcy proceedings, or other corporate reorganization. Any third party to which Secure Digital Solutions, LLC transfers or sells the Service or assets or stock related to it will have the right to continue to use the personal data that you provide to us.Moreover, we may disclose information to third parties in an aggregate format that does not constitute personal data and does not allow the identification of individual users.
VI. Your Rights and Choices
- Discretion for Information Disclosures regarding the Surveys in the Service
The purpose of the Service is to encourage candid and sometimes sensitive survey responses regarding your organization’s information security controls and processes. We do not control or otherwise censor your responses to survey questions. Additionally, responses to survey questions are not anonymous and may be viewable by members of your organization. As such, we recommend that users exercise appropriate discretion as needed.
- Accessing and Updating Your Information
We take reasonable steps to keep personal data held by us accurate and complete. You have the right to know what data we hold about you, and the right to have incomplete, incorrect, outdated, or unnecessary personal data corrected, deleted, or updated. You can access or update your user account in the following ways:
- If you have an account on the Service, log into <https://<your-subdomain.trustmapp.com> your account. Once you do, you will be able to enter and update your own contact information under the user settings option.
- Email TrustMAPP Support directly at [TrustMAPP|at|trustsds|dot|com].
- Contact SDS Technical Support at 952-544-0234
You may to access the data you enter into the Service as long as it resides on our servers. If your account has been deactivated, you may contact us (contact information below) to request a copy of your data, if such data is retained by us in accordance with the relevant agreement and/or applicable laws.
- Opting-Out of Email Communications
You may not opt-out of Service-related email communications from us as these communications are necessary for the provision of the Service offering.However, you have the right to opt out of receiving electronic direct marketing from us. All electronic direct marketing communications that you may receive from us, such as marketing e-mail messages and SMS-messages, give you an option of not receiving such communications from us in the future. If you have any additional questions about electronic direct marketing received from us, please contact us at [privacy|at|trustsds|dot|com].
- Closing Your Account
You may close your Service account by contacting [TrustMAPPSales|at|trustsds|dot|com]. If you close your Service account, we will terminate online access to your personal data, but we will retain this information for recordkeeping purposes and as required by law.
VII. Children and Minors
We do not knowingly collect personal information from children under the age of 13. Children may not use the Service, and we request that children under the age of 13 not submit any personal information to the Service, including on the site.
VIII. Information Security
Access to your data on the Service is password-protected and the site utilizes 256-bit SSL (“secure sockets layer”) encryption to reduce the risk that others are able to view information passing between our web servers and your browser. When you enter a secure portion of the site, an image of a closed lock or a solid key should appear in the bottom or URL address bar of your browser window as an indicator of SSL encryption.
We implement administrative, technical and physical safeguards to protect the content you post on the Service. However, since the Internet is not a completely secure environment, we cannot ensure or warrant the security of any information you transmit to us. There are no guarantees that information cannot or will not be accessed, disclosed, altered, or destroyed by breach of any of our administrative, technical or physical controls. Moreover, it is your responsibility to protect the security of your login information (username and password).
IX. International Transfers of Personal Data
The Service is hosted on servers located in the United States. Moreover, personal data may be stored and processed by our service providers in the United States or other locations where the service providers maintain facilities. By using the Service you consent to that personal data about you may be processed outside your own country and you acknowledge that the laws applicable to the protection of personal data in such countries may be different from those applicable in your home country. In particular, if you are located within the European Union, you consent to your personal data being transferred outside of the European Union.
XI. How to Contact Us
Or, by post:
Secure Digital Solutions, LLC
Attn: Privacy Officer
5353 Gamble Drive
Saint Louis Park, MN 55416