Privacy Policy

Learn how we collect, use, and protect your personal information

IMPORTANT: BY USING SHIELDFORCE CORPORATION'S ("SHIELDFORCE", "COMPANY", "WE", "US") SOFTWARE SOLUTION OFFERED BY SHIELDFORCE OR OUR SUBSIDIARIES OR AFFILIATED COMPANIES OR TECHNOLOGY PARTNERS ("SOLUTION") AND/OR BY VISITING SHIELDFORCE'S WEBSITE AT: privacy@shieldforce.io ("THE WEBSITE" AND TOGETHER WITH THE SOLUTION, THE "SERVICES") YOU ("YOU") ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTAND THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY, AND THAT ALL PII (DEFINED BELOW) THAT YOU SUBMIT OR THAT IS PROCESSED OR COLLECTED THROUGH OR IN CONNECTION WITH YOUR USE OF THE SERVICES WILL BE PROCESSED BY SHIELDFORCE AND ITS AFFILIATES AND TECHNOLOGY PARTNERS IN THE MANNER AND FOR THE PURPOSES DESCRIBED IN THE FOLLOWING PRIVACY POLICY.

1. Information We Collect and How We Use It

Summary: We collect personal data about our customers and their representatives and visitors of our Services. We also collect personal data included in publicly available sources. We use PII to provide and improve our Services, and to meet our contractual, ethical and legal obligations.

1.1 Your Contact Information

When you register to use the Services we ask you to provide PII, including: email address, full name, business phone, company/employer name and job title. We use this information to administer the Services, carry out our obligations, verify and carry out financial transactions, contact you for technical and administrative needs related to the Services, replying to queries and troubleshooting, detecting and preventing fraud, soliciting feedback, compliance and audit purposes, prevention of crime and identity theft and more.

1.2 Employee Information

When you are employed by Company, we will collect information which we require and process in order to employ you and meet our obligations as an employer.

1.3 Email Monitoring

We process PII in connection with our Services, including in particular the Solution, which will automatically monitor and reroute your sent and received emails and we may receive any PII included in such emails content, emails metadata, email addresses, IP addresses and shared files.

1.4 Job Applicants' Data

We collect PII from applicants seeking employment with ShieldForce and submitting details through the Website, by e-mail or otherwise, including your full name, CV and all information therein, contact details (e.g. phone number, e-mail address, address), professional qualifications and previous employment history.

2. Cookies

Summary: We use cookies and similar technologies on our Services. You can disable cookies but then your online experience on our Services will be limited.

In order to collect the data described herein we use temporary cookies that remain on your browser for a limited period of time. We also use persistent cookies that remain on your browser until the Company's Services are removed, in order to manage and maintain the Services and record your use of the Services.

4. Minors.

If any of your data subjects (e.g. employees or customers) are minors aged 16 or under, you must obtain parental consent prior to using our Services. The Company will not knowingly contact or engage with children aged 16 or under without said parental consent. If you have reason to believe that a child has provided us with their PII, please contact us at the address given above and we will endeavor to delete that PII from our databases.

5. Information sharing.

Summary: We transfer your PII to third parties who assist us in providing the Services. We have a contract with those third parties to govern their processing on our behalf. We may also transfer PII to comply with any obligations by which we are bound or to an investor or in connection with a merger or acquisition or similar transaction.

As part of providing the Services our affiliates, agents, representatives and service providers will have access to your PII. We require these parties to process such information in compliance with this Privacy Policy and subject to security and other appropriate confidentiality safeguards. The Company will also share PII in the following circumstances: (a) as required for providing the Services; (b) for maintenance and improvement of the Services; (c) if we become involved in a reorganization, merger, consolidation, acquisition, or any form of sale of some or all of our assets, with any type of entity, whether public, private, foreign or local; and/or (d) to satisfy applicable law or prevention of fraud or harm or to enforce applicable agreements and/or their terms, including investigation of potential violations thereof.

6. Data Security.

We follow generally accepted industry standards to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of PII. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your PII, we cannot guarantee its absolute security. We retain your PII only for as long as reasonably necessary for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.

7. Data Retention

Summary: We retain PII only for as long as necessary to meet our legal and ethical obligations, which for different types of PII will be different periods.

7.1 Company will retain PII in accordance with its record retention policy. PII associated with our customers and business partners, will be retained for the duration of our engagement, and a period of seven years thereafter unless earlier requested to be deleted. PII associated with emails will be retained in accordance with the nature of the email- malicious emails will be retained for one year while “safe” emails are retained for two days. Company performs periodic reviews of our databases, and have established specific time limits for data retention, based on the criticality of the PII and the purposes of the data processing. We will also retain PII to meet any audit, compliance and business best-practices.

7.2 PII with respect to which Company is the processor will be deleted only on instruction of the controller, except where such data must be retained by us, in our judgment, as above.

7.3 Personal Data that is no longer retained will be anonymized or deleted. Non-personal, non-identifiable, metadata and statistical information concerning the use of our Services are retained by Company for one year. Some PII may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy.

8. Data Integrity.

The Company processes PII only for the purposes for which it was collected and in accordance with this Privacy Policy or any applicable service agreements. We review our data collection, storage and processing practices to ensure that we only collect, store and process the PII needed to provide or improve our We take reasonable steps to ensure that the PII we process is accurate, complete, and current, but we depend on our users to update or correct their PII whenever necessary. Nothing in this Privacy Policy is interpreted as an obligation to store information, and we may, at our own discretion, delete or avoid from recording and storing any and all information.

9. Rights of Data Subjects

9.1 Right of Access and Rectification: Data subjects have the right to know what PII we collect about them and to ensure that such data is accurate and relevant for the purposes for which we collected it. Where we are controller, we allow data subjects the option to access and obtain a copy of their PII and to rectify such PII if it is not accurate, complete or updated. However, we may first ask data subjects to provide us certain credentials to permit us to identify them.

9.2 Right to Delete PII or Restrict Processing: Data subjects have the right to delete their PII or restrict its processing. We may postpone or deny such requests if the PII is in current use for the purposes for which it was collected or for other legitimate purposes such as compliance with legal obligations.

9.3 Right to Withdraw Consent: Data subjects have the right to withdraw their consent to the processing of their Exercising this right will not affect the lawfulness of processing the PII based on consent obtained before its withdrawal.

9.4 Right of Data Portability: Where technically feasible, data subjects have the right to ask to transfer their PII in accordance with their right to data portability, if required pursuant to applicable law.

Where we are controller of your PII, you may exercise the above rights by sending a request to privacy@shieldforce.io

9.5 Right to Lodge Complaint: Data subjects also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of their data.

When data is provided by a Data Subject’s employer or organization, or through a Controller, such data subject rights will have to be effected through that customer or Controller. In addition, Data Subject rights cannot be exercised in a manner inconsistent with the rights of Company’s employees and staff, with Company’s proprietary and other rights, and third-party rights. As such, job references, reviews, internal notes and assessments, documents and notes including proprietary information or forms of intellectual property or internal documentation, or documentation which may affect Company’s rights cannot be accessed or erased or rectified by data subjects. In addition, these rights may not be exercisable where they relate to data that is not in a structured form, for example emails, or where other exemptions apply.

Note that we may have to undertake a process to identify a Data Subject exercising their rights, and we will keep details of such rights exercised for our compliance and audit requirements. PII may be either deleted or retained in an aggregated manner without being linked to any identifiers or Personal Data, depending on technical commercial capability. Such information may continue to be used by Company.

10. Enforcement

The Company regularly reviews its compliance with this Privacy Policy. Please feel free to direct any questions or concerns regarding this Privacy Policy or our treatment of PII by contacting us as provided above. When we receive formal written complaints, it is the Company’s policy to contact the complaining user regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of PII that cannot be resolved between the Company and an individual.

11. Changes to This Privacy Policy.

The Company may update this Privacy Policy. We will notify you about significant changes in the way we treat PII by sending a notice to the email address provided by you or by placing a prominent notice on the Services. We encourage you to periodically review this Privacy Policy for the latest information about our privacy practices. Our customers and business partners will be notified of such changes and are responsible to inform their data subjects.

13. Questions

If you have any questions about this Privacy Policy or concerns about the way we process your PII, please contact us at privacy@shieldforce.io

14. Your California Privacy Rights and Do Not Track Notices

California Civil Code Section 1798.83 permits customers of Company who are California residents to request certain information regarding its disclosure of PII to third parties for their direct marketing purposes. To make such a request, please send an email to privacy@shieldforce.io. Please note that we are only required to respond to one request per customer each year.