SOCIAL SAFEGUARD, INC. DBA SAFEGUARD CYBER
Last updated: July 2022
Social Safeguard, Inc. (dba SafeGuard Cyber) is a software-as-a-service provider that empowers customers to achieve digital transformation by using social media, mobile messaging and digital collaboration channels, applications and tools, securely, compliantly and at scale. For more information about SafeGuard Cyber, please visit our website at https://www.safeguardcyber.com.
This Privacy Notice (“Notice”) describes the manner in which SafeGuard Cyber collects, uses, maintains and discloses information from visitors to our website (www.safeguardcyber.com) and social media accounts, event participants, prospective customers or job candidates, situations in which SafeGuard Cyber is a data controller, and from the use of our SafeGuard Cyber Platform, the SafeGuardMe mobile application, and the performance of our services products (collectively, our “Offerings”). For purposes of this Privacy Notice, the terms “user,” “customer,” “you,” and “your” are meant to refer to the individuals about whom we may collect personal information, and at times may be used interchangeably within this Notice.
If you have any questions or concerns about our use of your personal information, please contact us using the contact details provided at the end of this Privacy Notice.
1. DATA COLLECTION AND USE
1.1 Why does SafeGuard Cyber Collect Personal Information?
SafeGuard Cyber processes personal information in the course of running our websites, processing payments, registering visitors to our offices and events, providing support, improving user experience, running our infrastructure, preventing fraud, protecting intellectual property, maintaining network security, protecting customers through the SafeGuard Cyber Platform and SafeGuardMe mobile application, enforcing our legal rights, sending marketing and other communications, processing agreements, complying with our legal obligations, and to achieve other legitimate business interests, as well as situations where you have provided consent. Personal information, such as contact information, is collected from our websites, web portals, Offerings, events, partners, office visitor registration systems, and where you have otherwise provided it directly to SafeGuard Cyber.
1.2 Where Does SafeGuard Cyber Obtain Personal Information?
SafeGuard Cyber’s websites provide Internet-based access for users to learn about SafeGuard Cyber and our Offerings, and also to communicate with SafeGuard Cyber. Safeguard Cyber web portals that may exist within our Offerings provide customers with Internet-based access to the SafeGuard Cyber Platform and our Offerings. When an individual uses our Websites, Platform or Offerings, SafeGuard Cyber gathers information, some of which may be considered personal information in your jurisdiction. Information collected and used by SafeGuard Cyber may include, among other things, the Internet Protocol (IP) address, browser information, the type of device and operating system, the Internet service provider used and other similar information. For customers and other users who are required to login to gain access to a particular SafeGuard Cyber website, Platform or other Offering, we collect usernames, passwords and other login credentials that are used for the purpose of authentication and verifying user authorization.
SafeGuard Cyber Platform and Offerings: The information, including personal information, collected and processed during the normal operation of the SafeGuard Cyber Platform and our Offerings is covered in Section 3 of this Privacy Notice. It includes information provided by customers, individuals, third-party service providers and partners, as well as information from publicly available sources.
SafeGuard Cyber Websites and Social Media Accounts: We may use the information, including personal information, that we collect from visitors to our website or our official social media accounts for a number of reasons, including: (i) operating, securing, supporting, personalizing and improving our websites and/or social media accounts, (ii) providing you with requested information and Offerings, (iii) operating our blog and podcast, (iv) communicating through social media and other channels, (v) running surveys, contests or similar activities, (vi) sending periodic emails and other electronic messages, (vii) recruiting new employees, (viii) analyzing trends, and (ix) carrying out digital marketing and advertising.
Email Communications and Other Information: SafeGuard Cyber collects the email addresses of those who communicate with us via email, contact information of Users that communicate through other channels (such as phone number and physical address), information on what pages Users visit on the SafeGuard Cyber websites, IP addresses of those accessing the SafeGuard Cyber websites, information volunteered by the user (such as survey information), and information collected from users of the Platform and our Offerings. This also includes information on the senders and recipients of communications sent using SafeGuard Cyber Services (including Mail and Messages), by the User of the Service and the people they are communicating with.
1.3 Cookies and Similar Technologies
1.4 With Whom Does SafeGuard Cyber Share My Personal Information?
SafeGuard Cyber may use third party service providers or partners to help us operate our business; provide, support, maintain or secure our Platform, Offerings and websites; or administer activities on our behalf. It may be necessary to provide or allow access to your personal information by those third party service providers or partners for those purposes.
SafeGuard Cyber provides information regarding our business to our legal counsel and auditors. In some cases, the information shared may contain personal information, but the legal counsel and auditors may only use it for the limited purpose of providing their professional services to SafeGuard Cyber.
SafeGuard Cyber may also disclose your personal information as required by law, such as to comply with a subpoena or similar legal process; or when we believe that disclosure is necessary or appropriate to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to an official government request. We may transfer information we have about you in the event we sell or transfer all or a portion of our business or assets.
2. LEGAL BASIS FOR PROCESSING PERSONAL INFORMATION (EEA VISITORS ONLY)
If you are a visitor from the European Economic Area or the United Kingdom, SafeGuard Cyber’s legal basis for collecting and using the personal information collected will depend on the personal information concerned and the specific context in which we collect it. In most circumstances, we collect personal information: (i) where it is needed for the performance of a contract, (ii) where the processing of personal information is in our legitimate interests and not overridden by your rights, or (iii) where you provide your consent. At other times, your personal information may be collected in order for us to (iv) comply with a legal obligation, (v) perform a task for the public interest, or (vi) for the protection of your or another’s vital interests.
If we collect and use your personal information in reliance on our legitimate interests or those of any third party, we will make clear to you at the relevant time through this Notice, or otherwise, what those legitimate interests are. In most cases, legitimate interests involve our normal day-to-day operations, such as operating the SafeGuard Cyber Platform and communicating with you as necessary to provide our Offerings, responding to customer inquiries or conducting marketing activities. We may transfer personal information to companies that help us provide our services and Offerings. Transfer to any subsequent third parties are covered by the service agreements and contracts with our customers.
If you have questions about, or need additional information concerning, the legal basis on which SafeGuard Cyber collects and uses your personal information, please contact us using the contact details provided at the end of this Privacy Notice.
3. PLATFORM AND OFFERINGS
SafeGuard Cyber’s customers are primarily companies and other legal entities that give their employees, contractors and agents (collectively referred to as, “End Users”) access to the SafeGuard Cyber Platform or our other Offerings via the Internet for official business purposes. In addition, the SafeGuardMe mobile application allows End Users to monitor and protect their individual social media accounts.
To the extent that SafeGuard Cyber collects personal information through our Platform and Offerings, we generally collect that information under the authority and direction of our customers. SafeGuard Cyber typically has no direct relationship or contact with an individual whose personal information we may collect or receive from a customer for subsequent analysis and use. Consequently, any inquiries about the specific processing of your personal information by SafeGuard Cyber should be directed to the customer for which you are an employee, contractor or agent. Regardless, use of personal information collected by our Platform and Offerings is limited to the primary purpose of providing the services for which our customers have engaged SafeGuard Cyber, or as otherwise outlined in our customer agreements. SafeGuard Cyber does not use any personal information collected via our Platform or Offerings to contact or market products or services to the affected individuals. SafeGuard Cyber also does not provide any personal information thus obtained to third parties for the purpose of marketing products or services to the affected individuals.
Services Data use includes:
● Multi-Service Use: If an End User purchases or is otherwise granted a license to another SafeGuard Cyber Offering, we may use Services Data derived from the End User’s social media account to populate information within the additional SafeGuard Cyber Offering. When an End User deactivates his or her SafeGuard Cyber account from the SafeGuard Cyber Platform, the token will be deleted from our Platform and our Platform will have no access to such accounts. We may, however, continue to include Services Data derived from social media within another SafeGuard Cyber Offering for as long as the End User maintains a license for the particular SafeGuard Cyber Offering, unless the End User (or the customer on behalf of the End User) submits a request for deletion of Services Data.
● Authentication: Once a registered End User links his or her social media account to our SafeGuard Cyber Platform or other Offerings, we request and subsequently store an End User access token for such account. This will only occur if the End User explicitly grants permission. Our Platform is then able to access the content of posts and other interactions within that social media account and also write information to the social network account when explicitly instructed to do so by the registered End User.
● Analysis: Our Platform and Offerings monitor information posted or sent, and the corresponding responses or engagements (any actions taking on the piece of content that is trackable) to report on, analyze and better understand the expected responses to posting or sending additional content broadly, or to a specific individual.
● Disclosure to Customers: Our Platform provides supervision capability for each customer to report on and review the content, posted by their employees, contractors and personnel that have connected their accounts to our Platform.
● Platform and Offerings Assessment and Improvement: We also use Services Data to assess and improve the capabilities and functionality of the SafeGuard Cyber Platform and Offerings
4. HOW WE PROTECT YOUR INFORMATION
SafeGuard Cyber is dedicated to protecting against digital risks, and the security of our customers’ data and your personal information is not only important to us, it is our primary mission as a business. We adopt data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of customer data and your personal information. We follow generally accepted practices to protect customer data and the personal information collected and submitted to us, both during transmission and once we receive it. We have comprehensive security controls to protect against unauthorized review and use of the personal information that is submitted to or processed by us, including electronic safeguards such as encryption software and firewalls. Access to personal information is restricted to authorized employees only.
5. RETENTION OF PERSONAL INFORMATION
SafeGuard Cyber will retain your personal information for as long as needed to fulfill the purpose for which we collected it, and for a reasonable period thereafter, in order to comply with audit, contractual or legal requirements, or where we have a legitimate business interest in doing so. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may retain personal information preserved in automatically generated computer back-ups or archival copies generated in the ordinary course of our information technology systems procedures.
6. INTERNATIONAL DATA TRANSFERS
SafeGuard Cyber’s mission and business are global, therefore, we may store and process information in the United States and other locations worldwide where we or our service providers have facilities. Where applicable, SafeGuard Cyber relies upon an adequate mechanism for the international transfer of personal information. In order to ensure EU GDPR compliance, SafeGuard Cyber offers its customers a Data Protection Addendum that incorporates the EU Standard Contractual Clauses.
SafeGuard Cyber participates in, and has certified compliance with recognizes that the E.U.-U.S. and the Swiss-U.S. Privacy Shield Frameworks are no longer recognized as legal means to transfer personal data from the EU and Switzerland to the U.S., however, we retain the certifications as evidence of our commitment to providing appropriate privacy protections. SafeGuard Cyber participates in, and has certified compliance with, the E.U.-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. SafeGuard Cyber is committed to subjecting personal information received from the European Economic Area (EEA), the United Kingdom and Switzerland to the applicable Principles of the relevant Privacy Shield Framework. To learn more about the Privacy Shield Frameworks, and to view SafeGuard Cyber’s certification, please visit the U.S. Commerce Department’s Privacy Shield website.
SafeGuard Cyber is responsible for the processing of personal information it receives under each Privacy Shield Framework, as well as subsequent transfers of personal information to a third party acting as an agent or on our behalf. SafeGuard Cyber complies with Privacy Shield Principles for all onward transfers of personal information from the EEA, the United Kingdom and Switzerland, including onward transfer liability provisions. With respect to all such transfers, SafeGuard Cyber is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, SafeGuard Cyber may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Under certain conditions more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. SafeGuard Cyber commits to cooperate with the EU Data Protection Authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner, as applicable, and comply with the advice given by those entities with regard to data transferred from the EU and/or Switzerland, as applicable.
If you have any Privacy Shield related questions or complaints, please contact us using the contact details provided at the end of this Privacy Notice.
7. YOUR DATA PROTECTION RIGHTS
Where SafeGuard Cyber is a data controller, it affords access, correction and deletion rights to individuals. More specific rights are discussed below.
7.1 European Economic Area, United Kingdom and Switzerland
If you are a resident of the European Economic Area, United Kingdom or Switzerland, your data protection rights are as follows:
● If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting SafeGuard Cyber using the contact details provided at the end of Privacy Notice.
● You can object to processing of your personal information, ask SafeGuard Cyber to restrict processing of your personal data, or request portability of your personal information. You can exercise these rights by contacting SafeGuard Cyber using the contact details provided at the end of this Privacy Notice.
● You have the right to opt-out of marketing communications SafeGuard Cyber sends to you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in any marketing emails we send you. To opt-out of other forms of marketing, please contact SafeGuard Cyber using the contact details provided at the end of this Privacy Notice.
● If SafeGuard Cyber has collected and currently processes your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted based on lawful processing grounds other than consent.
● You have the right to complain to a relevant data protection authority about SafeGuard Cyber’s collection and use of your personal information.
7.2 California Consumer Protection Act
The California Consumer Protection Act (CCPA) provides consumers who are California residents with specific rights regarding the processing of their personal information. Section 1 of this Privacy Notice (“Data Collection and Use”) includes the categories of consumer personal information SafeGuard Cyber has processed during the past twelve (12) months. Subject to allowable exceptions, you may request disclosure or deletion of your personal information at any time by contacting SafeGuard Cyber using the contact details provided at the end of this Privacy Notice.
SafeGuard Cyber responds to verificable requests received from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws. When contacting SafeGuard Cyber, please provide us with detailed information about the personal information you are requesting we correct, update, amend or remove, and the timeframe and manner in which you believe we came to collect your personal information. If we obtained your personal information from a customer or third party acting on your behalf, then you should contact the entity or person you provided your information to. If you would like to no longer be contacted by one of our customers, or would like to have your personal information held by that other entity corrected, updated, amended or removed, then please contact that entity (“data controller”) directly.
For the period July 1, 2020 through July 1, 2022, SafeGuard Cyber has not received any valid CCPA right requests from California consumers.
8. CHANGES TO THIS PRIVACY NOTICE
SafeGuard Cyber may update this Privacy Notice at any time to reflect changes to our privacy practices. If we make significant changes in how we use your personal information, we will notify you either by email or by a notice on our Website. We encourage you to periodically review this page for the latest information on SafeGuard Cyber’s privacy practices.
9. CONTACTING SAFEGUARD CYBER
Any questions about this Privacy Notice or SafeGuard Cyber’s privacy practices should be addressed to email@example.com or by mail at: SafeGuard Cyber, Attn: Legal Department, 410 A East Main Street, Charlottesville, VA 22903 USA.