SOCIAL SAFEGUARD, INC. DBA SAFEGUARD CYBER
Last updated: April 2020
Social Safeguard, Inc. (dba SafeGuard Cyber) is a software-as-a-service provider that empowers customers to achieve digital transformation by using social media, mobile messaging and digital collaboration channels, applications and tools, securely, compliantly and at scale. For more information about SafeGuard Cyber, please visit our website at https://www.safeguardcyber.com.
DATA COLLECTION AND USE
1.1 Why does SafeGuard Cyber Collect Personal Information?
SafeGuard Cyber processes personal information in the course of running our websites, processing payments, registering visitors to our offices and events, providing support, improving user experience, running our infrastructure, preventing fraud, protecting intellectual property, maintaining network security, protecting customers through the SafeGuard Cyber Platform and SafeGuardMe mobile application, enforcing our legal rights, sending marketing and other communications, processing agreements, complying with our legal obligations, and to achieve other legitimate business interests, as well as situations where you have provided consent. Personal information, such as contact information, is collected from our websites, web portals, Offerings, events, partners, office visitor registration systems, and where you have otherwise provided it directly to SafeGuard Cyber.
1.2 Where Does SafeGuard Cyber Obtain Personal Information?
SafeGuard Cyber’s websites provide Internet-based access for users to learn about SafeGuard Cyber and our Offerings, and also to communicate with SafeGuard Cyber. Safeguard Cyber web portals that may exist within our Offerings provide customers with Internet-based access to the SafeGuard Cyber Platform and our Offerings. When an individual uses our Websites, Platform or Offerings, SafeGuard Cyber gathers information, some of which may be considered personal information in your jurisdiction. Information collected and used by SafeGuard Cyber may include, among other things, the Internet Protocol (IP) address, browser information, the type of device and operating system, the Internet service provider used and other similar information. For customers and other users who are required to login to gain access to a particular SafeGuard Cyber website, Platform or other Offering, we collect usernames, passwords and other login credentials that are used for the purpose of authentication and verifying user authorization.
SafeGuard Cyber Websites and Social Media Accounts: We may use the information, including personal information, that we collect from visitors to our website or our official social media accounts for a number of reasons, including: (i) operating, securing, supporting, personalizing and improving our websites and/or social media accounts, (ii) providing you with requested information and Offerings, (iii) operating our blog and podcast, (iv) communicating through social media and other channels, (v) running surveys, contests or similar activities, (vi) sending periodic emails and other electronic messages, (vii) recruiting new employees, (viii) analyzing trends, and (ix) carrying out digital marketing and advertising.
Email Communications and Other Information: SafeGuard Cyber collects the email addresses of those who communicate with us via email, contact information of Users that communicate through other channels (such as phone number and physical address), information on what pages Users visit on the SafeGuard Cyber websites, IP addresses of those accessing the SafeGuard Cyber websites, information volunteered by the user (such as survey information), and information collected from users of the Platform and our Offerings. This also includes information on the senders and recipients of communications sent using SafeGuard Cyber Services (including Mail and Messages), by the User of the Service and the people they are communicating with.
1.3 Cookies and Similar Technologies
1.4 With Whom Does SafeGuard Cyber Share My Personal Information?
SafeGuard Cyber may use third party service providers or partners to help us operate our business; provide, support, maintain or secure our Platform, Offerings and websites; or administer activities on our behalf. It may be necessary to provide or allow access to your personal information by those third party service providers or partners for those purposes.
SafeGuard Cyber provides information regarding our business to our legal counsel and auditors. In some cases, the information shared may contain personal information, but the legal counsel and auditors may only use it for the limited purpose of providing their professional services to SafeGuard Cyber.
SafeGuard Cyber may also disclose your personal information as required by law, such as to comply with a subpoena or similar legal process; or when we believe that disclosure is necessary or appropriate to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to an official government request. We may transfer information we have about you in the event we sell or transfer all or a portion of our business or assets.
If you are a visitor from the European Economic Area or the United Kingdom, SafeGuard Cyber’s legal basis for collecting and using the personal information collected will depend on the personal information concerned and the specific context in which we collect it. In most circumstances, we collect personal information: (i) where it is needed for the performance of a contract, (ii) where the processing of personal information is in our legitimate interests and not overridden by your rights, or (iii) where you provide your consent. In addition, your personal information may be collected in order for us to (iv) comply with a legal obligation, (v) perform a task for the public interest, or (vi) for the protection of your or another’s vital interests.
If we collect and use your personal information in reliance on our legitimate interests or those of any third party, we will make clear to you at the relevant time through this Policy, or otherwise, what those legitimate interests are. In most cases, those legitimate interests involve our normal day-to-day operations, such as operating the SafeGuard Cyber Platform and communicating with you as necessary to provide our Offerings, responding to customer inquiries or conducting marketing activities. We may transfer personal information to companies that help us provide our services and Offerings. Transfer to any subsequent third parties are covered by the service agreements and contracts with our customers.
SafeGuard Cyber’s customers are primarily companies and other legal entities that give their employees, contractors and agents (collectively referred to as, “End Users”) access to the SafeGuard Cyber Platform or our other Offerings via the Internet for official business purposes. In addition, the SafeGuardMe mobile application allows End Users to monitor and protect their individual social media accounts.
To the extent that SafeGuard Cyber collects personal information through our Platform and Offerings, we generally collect that information under the authority and direction of our customers. SafeGuard Cyber typically has no direct relationship or contact with an individual whose personal information we may collect or receive from a customer for subsequent analysis and use. Consequently, any inquiries about the specific processing of your personal information by SafeGuard Cyber should be directed to the customer for which you are an employee, contractor or agent. Regardless, use of personal information collected by our Platform and Offerings is limited to the primary purpose of providing the services for which our customers have engaged SafeGuard Cyber, or as otherwise outlined in our customer agreements. SafeGuard Cyber does not use any personal information collected via our Platform or Offerings to contact or market products or services to the affected individuals. SafeGuard Cyber also does not provide any personal information thus obtained to third parties for the purpose of marketing products or services to the affected individuals.
Services Data use includes:
SafeGuard Cyber is dedicated to protecting against digital risks, and the security of our customers’ data and your personal information is not only important to us, it is our primary mission as a business. We adopt data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of customer data and your personal information. We follow generally accepted practices to protect customer data and the personal information collected and submitted to us, both during transmission and once we receive it. We have comprehensive security controls to protect against unauthorized review and use of the personal information that is submitted to or processed by us, including electronic safeguards such as encryption software and firewalls. Access to personal information is restricted to authorized employees only.
SafeGuard Cyber will retain your personal information for as long as needed to fulfill the purpose for which we collected it, and for a reasonable period thereafter, in order to comply with audit, contractual or legal requirements, or where we have a legitimate business interest in doing so. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may retain personal information preserved in automatically generated computer back-ups or archival copies generated in the ordinary course of our information technology systems procedures.
SafeGuard Cyber’s mission and business are global, therefore, we may store and process information in the United States and other locations worldwide where we or our service providers have facilities.
SafeGuard Cyber participates in, and has certified compliance with, the E.U.-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. SafeGuard Cyber is committed to subjecting personal information received from the European Economic Area (EEA), the United Kingdom and Switzerland to the applicable Principles of the relevant Privacy Shield Framework. To learn more about the Privacy Shield Frameworks, and to view SafeGuard Cyber’s certification, please visit the U.S. Commerce Department’s Privacy Shield website.
SafeGuard Cyber is responsible for the processing of personal information it receives under each Privacy Shield Framework, as well as subsequent transfers of personal information to a third party acting as an agent or on our behalf. SafeGuard Cyber complies with Privacy Shield Principles for all onward transfers of personal information from the EEA, the United Kingdom and Switzerland, including onward transfer liability provisions. With respect to all such transfers, SafeGuard Cyber is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, SafeGuard Cyber may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
7.1 European Economic Area, United Kingdom and Switzerland
If you are a resident of the European Economic Area, United Kingdom or Switzerland, your data protection right are as follows:
7.2 California Consumer Protection Act
SafeGuard Cyber responds to verificable requests received from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws. When contacting SafeGuard Cyber, please provide us with detailed information about the personal information you are requesting we correct, update, amend or remove, and the timeframe and manner in which you believe we came to collect your personal information. If we obtained your personal information from a customer or third party acting on your behalf, then you should contact the entity or person you provided your information to. If you would like to no longer be contacted by one of our customers, or would like to have your personal information held by that other entity corrected, updated, amended or removed, then please contact that entity (“data controller”) directly.