Secured 2 Corporation Privacy Policy (as of October 1, 2020)

Secured2 Corporation located at 6160 Summit Drive, Suite 345, Minneapolis, MN 55430 (collectively, “Secured2,” “we,” “us” or “our”; operate a web site located at Secured2.com (collectively, the “Site”), through which users can obtain information about Secured2 and subscribe services provided by Secured2 (collectively, the “Secured2 Services”).

Scope of this Policy

This Policy applies to individuals that subscribe to and use any Secured2 Service, as well as individuals that do not subscribe to or use any Secured2 Service but have sent or received emails to or from users or subscribers of Secured2 Services or who visited our site. This Policy applies to all information collected through the Site, regardless of how you access the Site. This Policy applies whether you are accessing our Site on a computer or on a mobile device like a tablet, or phone. We may also speak with you face to face or by telephone. These conversations are covered by this Policy. By providing information to us when subscribing, contacting, or communicating with us, or using the Site, or Services, you expressly agree to be covered under this Policy.

This Policy does not apply to information collected through any third-party products or services, even if resold by Secured2.

Potential Applicability of Other Privacy Policies

You might use Secured2 Services through an application provided by your employer, or you may interact with one of our Services which is being used by your employer or an independent entity. In that case, your employer or independent entity likely has its own privacy policy that applies to your use of the Secured2 Services, and both privacy policies apply to you in those situations. Secured2 is not responsible for the privacy practices of your employer, independent entity or other third parties. If you located in Europe, please see the section below entitled “Data Controller” for more information on our relationship with our customers.

Applicability of Other Terms

Information collected by Secured2 through its site and through customer use of the Secured2 Services is governed, to the extent applicable to the relevant Secured2 Services, by Secured2’s Terms and Conditions, Secured2’s License and Services Agreements for the applicable Services, and Secured2’s End User License Agreements (collectively, “Terms”). Please carefully review those Terms.

Information That We Collect

Secured2 collects information that you voluntarily provide when: using the Site, Apps, and our products or Services; participating in our surveys, contests, and other promotions; registering for Secured2 Services, Site, Apps, events, or resources; subscribing to our email listings; applying for a job; or communicating with us or requesting that we contact you (including through customer support).

The information we collect includes information relating to identified or identifiable natural persons. Examples of information we collect include: contact information, such as names, mailing addresses, email addresses, and phone numbers; financial information, such as credit card number numbers; credentials, such as passwords, password hints, and authentication data; content data, such as the content of the messages you send to us for customer support, feedback, and product reviews; purchase data, such as purchases you have made, items in your shopping cart, and how often you make purchases; demographic data, such as preferred language; and resume data, such as your employment history, transcript, writing samples, and references. We also collect broad demographic and statistical information, such as your state and county of residence.

Secured2 collects your contact information described above when you register to use the Secured2 Services. Secured2 also receives and records your name and the credit card information that you supply if you pay to use the Secured2
Services. In addition, Secured2 collects a variety of information about users and subscribers to Secured2 Services and about other individuals that send or receive email to or from such users and subscribers, including contacts, IP address, and relationships. That information includes, without limitation, email address, and information about Secured2 email accounts. We also collect metadata about emails, such as header information (e.g., sender, recipient, time sent, to, from, cc, date, subject line), file structure, operating systems used, system components, and hardware used. These types of metadata information are not encrypted by Secured2 because they are required for email delivery and analysis.

When you use Secured2 Services, your information is stored in various data repositories, which we do not have access to nor can we read any information other than the metadata listed above.

If you choose to refer a friend or business entity to Secured2, we will ask you for certain information about your friend or a contact at the business entity. We may contact the referred party using the contact information you provide (such as by email, postal mail, landline phone, and mobile phone, as applicable). Secured2 stores this information for its marketing purposes, to track the success of the referral program, and to determine our obligations under the referral program. Individuals referred through our consumer referral program may contact us at support@Secured2.com to request that we cease contacting the individual in connection with the referral program.

When you request technical support, Secured2 collects your name, email address, and phone number to provide this requested service to you.  You have the option of providing additional information to support including your demographic information (such as your state and country of residency), operating system, browser, Internet service provider (“ISP”), connection type and email program that you are using.  We encourage you to provide the additional information so that we can determine specific regional problems (such as natural disasters or power outages caused by cuts through fiber optic cable) or isolate problems relating specifically to your particular operating system, email program or browser, thus enabling us to provide a more accurate response to your support requests.

Information That We Automatically Collect

Secured2 automatically receives certain information about your device and how your device interacts with our Site. Examples of such information include your device’s IP address and other device identifiers, device type, browser type (such as Chrome®, Firefox®, Internet Explorer® and Safari®), browser language, operating system, referring and exit page, pages visited, number of clicks, domain names, error reports, performance data, and time spent on our Site. We use various current – and later – developed tracking technologies to collect this information, including cookies, web beacons, and embedded scripts. Secured2 combines such information with other types of data it collects about you, such as your email address. Secured2 treats any such combined information as personal information under applicable laws and will treat any such information in accordance with this Policy.

IP Address and Location Information

Secured2 and our service providers receive your IP address each time you obtain content from the Site.  We use your IP address for various purposes, including diagnosing service or technology problems that are associated with your IP address, conducting analytics, and estimating the total number of users visiting the Site from specific locales, countries or regions of the world. An IP address generally indicates a user’s physical location.  Secured2 generally does not collect precise location data (such as GPS or mobile device coordinates); IP addresses and access times are linked to your email address, but this combined information is for our internal use only and is not shared with third parties.

Logs

When you request content from the Site, information related to that request is collected and stored in log files on our servers. That information includes the date and time of the request, and the IP address of the device that requested the content.

Cookies

If you visit the Secured2 Site, or use certain Secured2 Services, Secured2 and our service providers will set cookies and similar technologies on your computer and/or your mobile device and later access those cookies in order to deliver services. A cookie is a small text file, which often includes a unique identifier, which is sent to your browser when you visit a Web site. It is then stored on your computer or mobile device. Secured2 uses cookies to allow you to use certain functions when you use various Secured2 Services, and to engage in interest-based digital advertising as described below in the Section entitled “Analytics and Advertising.” If you do not accept cookies or disable these technologies, you will not be able to use all portions or functionality of our Site and/or Services.

Web Beacons

Small graphic images or other web programming code called web beacons (also known as “clear GIFs”), which are invisible to you, are included in our web pages and e-mail messages. Web beacons are used for a number of purposes, including, without limitation, to count visitors to the Site, to monitor how users navigate the Site, to count how many e-mails that were sent were actually opened or to count how many particular links were actually viewed.

Embedded Scripts

An embedded script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on. The code is temporarily downloaded onto your device from our server or a third-party service provider, is active only while you are connected to the Site and is deactivated or deleted thereafter.

Information That Third Parties Provide About You

We receive information about you from third parties who are lawfully permitted to share your information with us. For example, if you are on another web site and you provide information that the website operator indicates will be provided to Secured2, that website operator will typically forward the information you provide. We may contact you using the information you provided, in accordance with your communication preferences. We also combine the information we receive from third parties with information we collect or already maintain to ensure the records we hold about you are accurate and up to date. will apply this Policy to the combined information, plus any additional restrictions imposed by the source of the data.

In addition, we supplement the information we collect with outside records from third parties in order to provide you with information, services or goods you have requested, to enhance our ability to serve you, and to tailor our content to you. These third party sources vary over time, but have included data brokers from which we purchase demographic data, third party partners and resellers, our customers, social media platforms, lead generation providers, content sponsors, and publicly-available sources such as open government databases or data in the public domain. We combine the information we receive from those other sources with information we collect through the Site and/or Services. In those cases, we will apply this Policy to the combined information, plus any additional restrictions imposed by the source of the data.

How We Use Information That We Collect

Secured2 uses information about you for our legitimate interests and business purposes, including as follows:

• To provide you with products, services, and any renewals
• To process your registration including verifying the information you provide is active and valid; In our Secured2 Services, to facilitate secure messaging with third parties.
• To communicate with you including via email or push notification; To monitor compliance with our Terms.
• To notify you when you receive a Secured2 service email message and when there is any change in our Terms or in the availability of various products and services.
• To communicate with you concerning problems or malfunctions that you report; To provide you with support and maintenance for products and services.

• To notify you of any changes to your use of our Site, products, or services; To respond to your inquiries.

• To bill you for product and services.
• To investigate, prevent, or act regarding illegal activities, suspected fraud, safety of person or property, or violation of our policies or our other rights or interests.
• To monitor traffic patterns and Site usage and where applicable report on traffic levels and/or statistics to certain enterprise customers, such as how many of their users are sending emails.
• To test, analyze and improve our services and marketing; To market existing and new Secured2 services.
• To resell, and sometimes provide support for, the offerings of third parties including Microsoft; To inform you of any new or updated services or product offerings; and
• To provide tailored content and advertising.

We also use information about you with your consent, including as follows:

• To market existing and new Secured2 services to the friends or businesses you refer to Secured2.
• To manage your participation in our surveys, contests, events, and other promotions; and
• To fulfill any other purpose disclosed to you and with your consent.

Emails and Attachments

Secured2 uses email message and attachment content to provide and improve our products and services. When you open our add-in and secure an email, our software executes processes that will shrink the size of the email, shred the email into small 5k byte segments and secure the email with encryption.  If you choose to attach documents to the secured email, those attachments will go through the same process.  Once the email and any attachments are secured, Secured2 cannot read any of the contents of either the email or the attachment.  Only the recipient(s) of the email can open the email.  If they are a Secured2 subscriber, they can open the email by activating the application in their email client.  If they are not a subscriber, they will need to request a one-time use code or validate themself through other means as provided by Secured2.  Upon successfully validating themselves, the recipient will receive the secure email and can read the email and reply to email in the application.

Employment Applications

If you use the Site to apply for positions with Secured2, we will use the information you supply to process your application and to monitor recruitment statistics. We retain statistical information about applicants to help inform our recruitment activities. Secured2 is headquartered in the United States and employee and recruitment data is retained there. Once a person begun working for Secured2, we will compile a file relating to their employment. At that stage, we will give the employee more details about how we hold employee data.

Information Sharing and Disclosure

Subject to recent changes in the law, which may include a different definition of “sell” from those previously used in this policy (further discussed below), Secured2 generally does not sell or rent your information, except in the event that Secured2 (or some or all of its assets) is merged with, sold to, or otherwise transferred to, one or more third parties. In such an event, customer information might be included among the transferred assets and Secured2 reserves the right to disclose information it has about you for our business purposes including those described above in the Section entitled “How We Use Information That We Collect.” Notwithstanding any such transfer, your information will remain subject to this Policy. Our customer database could be sold separately from the rest of the business, in whole or in several parts. It could be that the purchaser’s business is different from ours too. If we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified via email and/or prominent notice on our Web site for 30 days of any change in ownership or uses of your information, as well as any choices you have regarding your information.

In addition, depending on the Secured2 Service(s) you use, Secured2 shares or discloses your information, and the information of your friends, family, or of others to whom you refer Secured2, for business purposes as described below. The information so shared or disclosed includes the categories of information described above in the Section entitled “Information That We Collect”; and information about your account usage (including the number of email messages and attachments, if any, that you sent; the list of recipients; and the subject and size of the combined text body of those email messages and attachments).We share:

• with persons or companies, we retain to carry out or provide support to Secured2 (“Service Providers”) and our legitimate interests and business purposes described in the Section entitled “How We Use Information That We Collect”. We contractually require that those Service Providers use information they obtain from Secured2 solely for the purpose of providing these services, although we permit them to use aggregate information that does not identify you for other purposes.

Following is additional information about the vendors with whom we work across all our various product offerings. Secured2 and its affiliates may also provide these types of services in providing the Services to you.

Internet Infrastructure
We may use Cloud hosting and back-up, ISP, Local Loop, Distributed Denial of Service (DDoS) and other Internet infrastructure vendors to connect our network to the Internet and co-location managers to provide data center infrastructure and physical security.

Service-Management Operations
We may use various vendors for administrative and solution-management purposes, such as billing, analysis, alerting, customer management, and marketing communications.  Furthermore, we may use vendors for support services and the delivery of maintenance upgrades or other development of the Services (to include platform development tools).

• with your employer and/or compliance review committees for billing and auditing purposes. Your employer and/or the compliance review committee may be based in a different country from where you are based. This could mean that we would disclose your data to them anywhere in the world. By using our service, you consent to that disclosure. Secured2 is not responsible for the privacy practices of your company or other third parties.
• with our customers in connection with us processing your information on their behalf, including to respond to your questions, fulfill your requests, and otherwise comply with applicable law.
• to the extent that we determine it is reasonably necessary or legally required in order for us to respond to lawful requests by public authorities (including to meet national security or law enforcement requirements), subpoenas, court orders, warrants, or other legal process.
• when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
• to enable a third-party partner or independent reseller to contact you to facilitate the renewal, support, or purchase of Secured2 products and services.
• with credit card authorization processors, third-party financial institutions and related organizations for billing and payment purposes so that they can verify the credit card numbers, process the credit card payment transaction, and prevent fraud or misuse of credit card facilities.
• with your consent or where disclosure is necessary to complete a transaction to which you have consented.
• as otherwise described in this Policy.

Secured2 does not generally disclose personal information about you to any third parties for commercial purposes and does not sell personal information as the term “sell” is traditionally understood. However, to the extent the California Consumer Privacy Act (“CCPA”) is interpreted to include advertising technology activities such as those disclosed below in the Section entitled “Analytics and Advertising” as a “sale,” Secured2 will comply with applicable law as to such activity. For more information about how to opt-out of sale of personal information, see the Section below entitled “California Resident Rights.”

We use testimonials from our customers, with their express consent, in order to show our customers and potential customers how Secured2 services have benefited others. To request removal of your information from the testimonials on our Site, contact us at support@Secured2.com. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to do so and why.

Without limiting the foregoing, Secured2 shares with certain business partners, advertisers, and other third parties certain aggregated or de-identified data that does not identify you, and email metadata (such as domains of senders and recipients), for various purposes, including marketing, except as prohibited by applicable law.

Analytics and Advertising

To analyze traffic to our Site, Secured2 uses various web analytics services, which independently set and access their own tracking technologies (including cookies, web beacons, and embedded scripts) and collect or have access to information about you.

In addition, Secured2 works with network advertisers and ad agencies to serve our advertisements on other web site, within third party applications, and across the Internet, and to provide us with information regarding the effectiveness of our advertisements. For example, if you clicked on a Secured2 advertisement that led you to one of our corporate site, our service provider(s) and we can often determine which Secured2 advertisement you clicked on and where you were viewing the advertisement.

We also target advertisements based on your IP address and your web browsing activity on non-Secured2 website. Secured2’s advertising providers also store cookies and other tracking technologies on your device. You can visit www.networkadvertising.org/managing/opt_out.asp, which provides information regarding this practice by Network Advertising Initiative (“NAI”) members, including the opt-out procedures of NAI members.

If you are visiting this site from the European Union, you can opt-out of certain interest-based ads by visiting www.youronlinechoices.eu. Please note this does not opt you out of being served ads.  You will continue to receive generic ads. Secured2 does not control the information collection, use, or sharing practices of third-party analytics providers or advertisers. Some of these parties collect your information when you visit the Site, Apps, Services, or other online website and services. We are not responsible for effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs.

The Secured2 Companies have always considered our advertising technology partners to be Service Providers. However, regulators may interpret newer data protection laws such as the CCPA as characterizing certain kinds of digital advertising activities as “sales.” In such an event, Secured2 will comply with applicable laws in connection with its use of such advertising technology services on its Site, Apps, or Services.

Social Features

Some of our Sites offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas can be read, collected, and used by others who access them. To request removal of your information from our blog or community forum, contact us at support@Secured2.com. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to do so and why. The blog or community forums include certain social features (also known as third-party widgets), which permit interactions that you initiate between the blog or community forums and a third-party web site or service. Social features include enabling you to “like” or “share” our content on other web site or services, such as Facebook, Google+, Twitter, or LinkedIn. If you use social features, Secured2 receives or has access to certain information about you and your use of the social features. These social features collect your IP address and which page you are visiting on the blog or community forum, and they set a cookie to enable the social feature to function properly. Social features are either hosted by a third party or hosted directly by us. The information we collect or receive in connection with social features is subject to this Policy. The information collected and stored by the provider of the social features remains subject to the that third party’s privacy practices, including whether the third party continues to share information with us, the types of information shared, your choices with regard to what is visible to others on that third party web site or service and whether your information can be deleted from the third party site.

Google API Services

In connection with certain services that it provides, Secured2 uses Google API Services as part of an authentication and authorization framework to request access to Google user data. The Google user data we request through the Google API Services includes email addresses and basic profile information, and Secured2 uses such Google user data to verify user email addresses and manage the provisioning of administrator status on its domains. Any Google user data Secured2 collects through Google API Services is only used for such purposes and deleted after such use.

Links and Online Tracking by Third Parties

The Site contains links to Web site controlled by third parties. We have no control over the practices of the third-party Web site to which we link. Those Web site automatically collect information about your visit to their site and use their own tracking technology (such as cookies, web beacons, or embedded scripts). Those Web sites are subject to the privacy policies of the third parties that control those Web site, and our Privacy Policy. We encourage you to check the privacy policies of these Web site before using them or disclosing any information to them.

Your Ability to Manage Your Secured2 Company Account Information

You can manage information in your Secured2 account by creating usernames, passwords, and authorizations. If you are authenticating with an alternate identity provider, such as Microsoft Office 365, please refer to the identity providers regarding changing passwords.

You can request deletion or deactivation of any of your Secured2 accounts by sending an email to support@Secured2.com. Please see the “Data Storage” section of this Policy to read about data storage after your account has been deleted. Please note that it takes up to 30 days for your deletion or deactivation request to come into effect.

Subject to certain exceptions, upon request and provided you provide us sufficient information to confirm your identity, we will provide you the information that you have submitted to us through your Secured2 Company account(s) for the purpose of enabling you to correct, amend, or delete any inaccuracies. You can make this request to us via email at support@Secured2.com.  If we are not able to provide the information that you are requesting within 30 days of receipt of your request, we will provide you a timeline for providing the requested information. If we deny access to your information, we will explain why access was denied and give you contact information for further inquiries regarding the denial of access. If you are unhappy with our answers you can write to our Chief Executive Officer, who can also be reached at support@Secured2.com.

If you no longer wish to receive marketing emails from Secured2, you can opt-out by (1) following the instructions provided in the emails, as applicable; (2) sending an email to support@Secured2.com.

Data subjects in Europe, and California consumers, have additional rights as set forth in the sections entitled “European Privacy Rights” and “California Privacy Rights”, respectively, below.

Security

Secured2 takes reasonable precautions, including the maintenance of reasonable physical, electronic, and procedural safeguards, to help protect your information from loss, misuse, and unauthorized or illegal access, disclosure, alteration, modification, use or destruction. Secured2 has implemented reasonable security measures to help protect your email address and the Secured2 service passwords associated with your email address from unauthorized access or disclosure, alteration, unlawful destruction, or accidental loss. When appropriate, Secured2 uses industry-standard encryption to protect certain data (e.g., credit card numbers) during transmission. The servers on which we store your information are kept in an environment that is controlled and monitored 24 hours per day, 7 days per week. Although Secured2 uses reasonable efforts to help protect your information, transmission via the Internet, Wi-Fi or mobile network is not completely secure and Secured2 cannot guarantee the security of your information. It remains your responsibility:

• To protect against unauthorized access to your use of the Site and Services.
• To ensure no one else uses the Site or Services while your machine is logged on to the Site or Services (including by logging on to your machine through a mobile, Wi-Fi or shared access connection you are using).
• To log off or exit from the Site and Services when not using them.
• To keep your password or other access information secret and all your account details secure. Your Secured2 Service passwords and log in details are personal to you and should not be given to anyone else or used to provide shared access, for example, over a network.
• To maintain good Internet security. For example, if your email account is compromised, this could allow access to your account with us. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us.

If you think that any of your accounts has been compromised you should change your account credentials with us, and in particular make sure any compromised account (even one from another service) does not allow access to your account with us. Never use the same passwords for different accounts (among the Secured2 Company Services or with respect to other unrelated services). You should also tell us as soon as you can so that we can try to help you keep your account secure and if necessary, warn anyone else who could be affected.

Data Storage

Most account information (including email addresses, public keys, names, and mailing addresses, but excluding credit card information used for payment to Secured2) is stored on servers in the United States, Europe, and other global locations. This means that we redundantly store data on more than one server in one of those locations.

Secured2Message Center email messages that you send or receive via Secured2 services will ordinarily expire from our disk storage systems based on the based on standard time of six month. This expiration date can be changed if request for your account. If you request deletion of your Secured2 service account, that account will be deactivated and your email address and information will be removed from our user registration database associated with that Secured2 service within 30 days, subject to any need we have to hold onto the data for longer to meet any legal, auditing or regulatory requirements and subject to any commitments we have given to third parties – for example your employer if your employer paid for your Secured2 Service account. You can also request deletion of all your Secured2 Company Service accounts. Email header information maintained for purposes of transaction logging, and user account information maintained for disaster recovery purposes, will be held longer than the content of email messages, as described above, in order to provide Secured2 Company Services, and support, including technical support and business continuity, to our customers.

Guidelines Regarding Children

Secured2’s Site, and Secured2 Company products and Services, are not designed for or directed to children under the age of 16, and Secured2 does not knowingly collect personal information as defined by the Children’s Online Privacy Protection Act (“COPPA”) or personal information as defined under the CCPA from anyone under the age of 16. If you are under the age of 16, please do not provide personal information of any kind whatsoever and please do not use Secured2 products and services or participate in Secured2’s surveys, contests, events, and other promotions.

Your California Privacy Rights

Shine the Light Customer Rights

When California customers provide personal information as defined by California’s “Shine the Light” to a business, they have the right to request certain disclosures if that business shares the personal information (as narrowly defined under the Shine the Light law) with third parties or affiliates for the third parties’ or affiliates’ direct marketing purposes. Once per calendar year, the customer has the right to request that the business provide a list of companies with which it shares the personal information for the third parties’ or affiliates’ direct marketing purposes, and a list of the categories of personal information that the business shares. As stated in this Policy, we do not share personal information as defined under the Shine the Light law with third parties or affiliates for those third parties’ or affiliates’ direct marketing purposes. California customers can request further information about our compliance with this law by e-mailing support@secured2.com or contacting us by mail at 6160 Summit Drive North #345, Minneapolis MN 55430, USA. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this e-mail address.

California Consumer Rights Under the CCPA

If you are a California resident and a consumer customer of Secured2, you have the right effective January 1, 2020, to request access to personal information we have collected about you, and to request other disclosures regarding the categories of personal information we have disclosed about you for business purposes or commercial purposes and regarding the categories of personal information we have sold about you, over the last 12 months. You will also have the right effective January 1, 2020, to request that we delete personal information we hold about you if we collected the information directly from you. If you represent a business, you do not have rights to request access to our deletion of your information pursuant to the CCPA.

To exercise your access or deletion rights as a California resident consumer customer email us at support@secured2.com.

Effective January 1, 2020, to the extent Secured2 sells your personal information as the term “sell” is defined under CCPA, you have the right to opt-out of sales of your personal information to third parties at any time. Secured2 does not sell personal information as the term “sell” is traditionally understood. However, to the extent the CCPA is interpreted to include advertising technology activities such as those disclosed in the “Analytics and Advertising” section of our policy as a “sale,” Secured2 will comply with applicable law as to such activity. Please email us at support@secured2.com if you have us remove your information from any sales activities.

As of the posting of this updated privacy policy, certain provisions of the CCPA may change. Secured2 reserves the right to revise the sections of this policy that are impacted by those changes until such time as the regulations are finalized. Given the potential changes in the law, the rights available to California residents may change at any time. 

European Privacy Rights

If you are a data subject in Europe, you have the right to access, rectify, or erase any personal data we have collected about you. You also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You have the right to withdraw your consent at any time for any data processing we do based on consent you have provided to us.

To exercise any of these rights, contact us as set forth in the section entitled “Privacy Policy Questions, Suggestions and Complaints” below and specify which right you intend to exercise. We will respond to your request within 30 days. We sometimes require additional information from you to allow us to confirm your identity. Please note that we store information as necessary to fulfil the purposes for which it was collected, and continue to retain and use the information even after a data subject request for purposes of our legitimate interests, including as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

If your information has been processed by us on behalf of one of our customers and you wish to exercise any rights you have with such information, please inquire with our customer directly. If you wish to make your request directly to Secured2, please provide the name of the Secured2 customer on whose behalf Secured2 processes your information. We will refer your request to that customer, and will support them to the extent required by applicable law in responding to your request.

If you have any issues with our compliance, you have the right to lodge a complaint with a European supervisory authority.

Data Controller

EU data protection law makes a distinction between organizations that process personal data for their own purposes (known as “controllers”) and organizations that process personal data on behalf of other organizations (known as “processors”). In limited circumstances, Secured2 (located at the address set forth in the section entitled “Purpose of this Policy” above) operates as a controller, such as in connection with data collected from non-subscribers who browse its Site and when Secured2 Services involves a direct to consumer relationship. However, Secured2 generally operates as a processor on behalf of its customers that use the Secured2 services. The customers are the data controllers and determine the purposes for which and the way personal data are to be processed by Secured2. Please visit the applicable customer’s privacy policy for information about their privacy practices. Any questions that you have relating to such personal data and your rights under data protection law should therefore be directed to the customer as the controller, not to Secured2.

Moreover, Secured2 has partnerships with resellers who offer Secured2 Services directly to consumers. The resellers are controllers of the personal data they collect while offering and selling Secured2 Services to consumers. Please direct any questions you may have regarding personal data collected or processed by resellers of Secured2 Services to the reseller, not to Secured2.

Lawful Basis for Processing

Data protection laws in Europe require a “lawful basis” for processing personal data. When we operate as a controller, our lawful bases include where: (a) you have given consent to the processing for one or more specific purposes; (b) processing is necessary for the performance of a contract with you; (c) processing is necessary for compliance with a legal obligation; or (d) processing is necessary for the purposes of the legitimate interests pursued by us or a third party, and your interests and fundamental rights and freedoms do not override those interests. Our legitimate interests include direct marketing and fraud prevention, among other things.

Privacy Shield

We are based in the U.S. and the information we collect is governed by U.S. law.  If you are accessing the Site or the Secured2 services from outside of the U.S., please be aware that information collected through the Site or the Secured2 services are transferred to, processed, stored, and used in the U.S. and other jurisdictions. Data protection laws in the U.S. and other jurisdictions are different from those of your country of residence. Your use of the Site or Secured2 Services therefore constitutes your consent to the transfer to and from, processing, usage, sharing, and storage of your information in the U.S. and other jurisdictions as set forth in this Policy. If your data is collected in Europe, the United Kingdom or Switzerland, we will transfer your personal data subject to appropriate or suitable safeguards, such as the Privacy Shield Framework discussed below.

In accordance with our obligations under the Privacy Shield, and subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, we hereby affirm our commitment to subject to the Privacy Shield Principles all personal data transferred from the European Union, the United Kingdom and Switzerland in reliance on the Privacy Shield. This means that, in addition to our other obligations under the Privacy Shield Principles, we shall be liable to you for any third party agent to which we transfer your personal data and that processes such personal data in a manner that violates the Privacy Shield Principles, unless we can demonstrate that we are not responsible for the resulting damages.

For inquiries or complaints regarding our compliance with Privacy Shield, please send us an email or letter at the address specified in the “Privacy Policy questions, suggestions and complaints” section below. If we are unable to resolve your complaint directly, you have the right to submit your complaint at no cost to you to JAMS at https://www.jamsadr.com/eu-us-privacy-shield. In the event there are residual complaints that have not been resolved by JAMS, or any other means, you have the right to seek a non-monetary remedy through binding arbitration to be provided to you in accordance with the Privacy Shield Principles.

To learn more about the Privacy Shield Framework, and to view the Secured2 Companies’ certifications, please visit http://www.privacyshield.gov. A list of companies certified under the Privacy Shield Framework is available at the following link: https://www.privacyshield.gov/list.

Notification of Changes to this Policy

We update this privacy policy to reflect changes to our information practices. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site (if you do not have a Secured2 Company Services account) prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. 

Privacy Policy Questions, Suggestions and Complaints

If you have questions, concerns or suggestions about this Policy or Secured2’s privacy practices, please contact us:

By email: support@secured2.com

By Mail:
Secured2 Corporation

Attn: Privacy Officer

6160 Summit Drive North #345

Minneapolis MN 55430