PRIVACY POLICY
Last update: June 10nd, 2023
We thank you for visiting www.secure-exchanges.com (the “Website”) operated by Secure Exchanges Inc. (“Secure Exchanges”).
For the purposes of this privacy policy, (“Privacy Policy”), all references to Secure Exchanges shall be deemed to include its related companies (including all subsidiaries), its divisions and other companies that are part of its corporate group, its suppliers and licensors, as well as its employees, directors, administrators, shareholders, agents, subcontractors and other representatives.
Secure Exchanges (hereinafter also referred to as “we”, “us”, “our”) takes its responsibility of protecting your personal information seriously and has prepared this Privacy Policy in order to present you its practices regarding the collection, use, communication, sharing and management of personal information that you submit on our Website, using our Software or in the context of a transaction made on our Website. Our Privacy Policy also describes the measures we take to protect the security of the personal information as well as how you can access, modify, or delete your personal information. In addition to this Privacy Policy, the use of this Website is also subject to (i) our Terms and Conditions of Use and (ii) all other terms of use that may be communicated by Secure Exchanges from time to time.
If you do not agree to comply with these terms and conditions regarding our collection, use, communication, sharing, and management of personal information set out in this Privacy Policy, please do not use this Website and cease its use immediately.
DEFINTIONS
“Authorized Employees” means Secure Exchanges’ employees or stakeholders who have a need to know or otherwise access Personal Information to enable Secure Exchanges to offer services of the Website.
“Authorized Persons” means (i) Authorized Employees; and (ii) Secure Exchanges’ contractors, agents, outsourcers and auditors who have a need to know or otherwise access Personal Information to enable Secure Exchanges to offer the services of the Website.
“Secured Messages” means the content of a message sent using the Website or the Software, including but not limited to messages sent through the web portal, through any API or SDK, add-on, plugins and/or extensions operated or developed by Secure Exchanges.
“Personal Information” means information provided to Secure Exchanges by or at the direction of a user or to which access was provided to Secure Exchanges by or at the direction of user that:
- identifies or can be used to identify an individual, including, without limitation, names, signatures, addresses, telephone numbers, e-mail addresses and other unique identifiers; or
- can be used to authenticate an individual including, without limitation, employee identification numbers, government-issued identification numbers, passwords or PINs, financial account numbers, credit report information, biometric or health data, answers to security questions and other personal identifiers.
“Security Breach” means (i) any act or omission that materially compromises either the security, confidentiality or integrity of Personal Information or the physical, technical, administrative or organizational safeguards put in place by Secure that relate to the protection of the security, confidentiality or integrity of Personal Information.
PERSONAL INFORMATION THAT IS COLLECTED
You may choose to give us personal information when you visit our Website. For example, you could be asked to provide personal information when you send a message using our Website or when you begin a relationship with us through any means provided on the site, including your last name, first name, email address and cellular number, as well as any personal information that could be found in the messages or in any attachments included in the messages that you send or exchange while using the products and services offered by Secure Exchanges.
Other personal information is automatically collected when you visit the Website, including your IP address.
Regarding the content of the messages sent or exchanged while using the products and services offered by Secure Exchange, the content is encrypted at its source and therefore Secure Exchanges does not have access to any personal information other than the email address, mobile number, IP address and/or any Personal Information provided by the sender and/or the recipient and/or any Personal Information that is included in the “subject” field of any message,
Any encrypted content is destroyed after a maximum of 30 days or any other lifespan period specified by the sender.
We use the personal information described above for legitimate purposes which are detailed in the next section.
While your credit card and billing information (including your mailing address) may be requested through an accessible link on the website, this information will only be communicated to the payment service provider (ex: PayPal) in order to complete the transaction. Secure Exchanges does not obtain and does not keep your credit card number.
COLLECTION AND USE OF PERSONAL INFORMATION
We collect personal information that you provide when you use other functionalities of our Website or when you use the software offered by Secure Exchanges, including when you participate in the following activities:
- Sending a message using the Website
- Using an enveloped provided by the Website
- Subscribing to an account, making a purchase or completing a form on our Website;
- Using connectors offered by Secure Exchanges (ex: connectors with Outlook, Thunderbird, Office 365 and SDK);
- Subscribing to our mailing list, newsletter and email communication in order to receive our latest news; and/or
- Communicating with us to ask a question, submit a comment or file a complaint (customer service).
In general, the personal information that is collected is used to administer the Website, as well as to administer the software licenses offered by Secure Exchanges, including to provide information about updates and upgrades. To help you better understand how your personal information will be used, you will find below a more detailed explanation on how your personal information will be used in relation to specific activities.
Sending a message using our Website. Our Website offers the possibility of sending secured messages. Therefore, we will use the personal information that is collected to send the message.
Using connectors offered by Secure Exchanges (ex: connectors with Outlook, Thunderbird, Office 365 and SDK). The Website offers you the opportunity to download software components offered by Secure Exchanges, including connectors with Outlook, Thunderbird, Office 365 and SDK. We will use personal information that is collected prior to, during and after downloading the software to activate your Secure Exchanges software license and to be able to subsequently administer the software, which shall include providing usage information, updates and upgrades that are made available by Secure Exchanges.
Making a purchase or completing a form on our Website. Our website offers you the possibility to request information on the products and services offered by Secure Exchanges and the possibility to purchase software products offered by Secure Exchanges. Therefore, we will use the personal information that is collected to process your request, to complete your transaction using the payment services offered by PayPal and when applicable, to deliver any information you may request or the products you have ordered.
Subscribing to our mailing list, newsletter and email communication. Sometimes, we may collect personal information to send you emails containing our latest news, products, services or promotions as well as those of third parties to whom we are linked. You can unsubscribe from our mailing list at all times by following the instructions provided at the end of every email. You can also unsubscribe from our mailing list by following the instructions set out in the section titled “Contact us” below. Your request will be processed within the statutory timeframes.
Communicating with us to ask a question, submit a comment or file a complaint (customer service). If you choose to send us an electronic feedback form or to send comments, questions or feedback via email, we collect some personal information as well as your comments, suggestions and feedback. This personal information is used to respond to your comments, questions or feedback. We can also keep this information to help you in the future. We can also use your comments, suggestions and feedback to monitor and/or enhance our products and service offerings and our Website.
Management database and customer relationship management (CRM). When you participate in one of the above-mentioned activities, we collect personal information provided to complete and update our customer relationship database. In this context, the personal information collected is used to manage the relationship with customers, to generate mailing lists, to follow up with potential clients and to create internal reports on relationships between Secure Exchanges and its clients to monitor and/or enhance our products and service offerings and our Website.
INFORMATION COLLECTED ON THE WEBSITE
Cookies and other technologies. Our Website uses a technology called "cookies". A cookie is a tiny element of data that our Website can send to your browser, which may then be stored on your hard drive so we can identify you as an authorized user of our products. The information recorded by cookies is encrypted and only Secure Exchanges is in a position to read the content of cookies in order to identify authorized users. You may set your web browser to notify you when you receive a cookie or to not accept certain cookies. However, if you decide not to accept cookies from our Website, you may not be able to take advantage of all of the features of our Website.
A professional web analysis service. We can also use third parties, including Google, to:
- Use the following features of Google Analytics: the creation of reports based on the saved impressions on Google Display Network (a service that lets you place ads on a variety of news sites, blogs and other niche sites) to attract more potential customers; integration with DoubleClick Campaign Manager (management tool including a set of features used for advertising as well as targeting and monitoring advertising campaigns on websites and mobile devices linked to them, as well as the creation of Google Analytics reports on the demographic data of internet users and their interests);
- Collect, analyze and/or gather your personal information (such as internet users’ IP address, sex, age and interests), as well as create Google Analytics reports on the demographic data of internet users and their interests, in order to help us understand how visitors interact with our Website and to improve our products and our Website.
These functions are not active on the Website pages that relate to the writing and sending of secured messages.
The companies conducting remarketing can combine the use of first-party cookies (such as the Google Analytics cookies for example), and third-party cookies (like DoubleClick cookies), to (i) gather personal information; (ii) to inform, optimize and advertise based on your previous visits on our Website; and (iii) to determine the relationship between the registered visits to our Website and the advertising impressions, the other uses of advertising services and the interactions with these advertising impressions and these advertising services. To measure the effectiveness of our ads, these companies may also use tracer tags or web beacons to account for certain information regarding your visits to our Website and to the Websites that have links to our site and that advertise it. If so desired, you can deactivate Google Analytics for the Display Ads. You can also customize the advertisements on the Google Display Network. Go to https://www.google.com/settings/ads to set your preferences.
DISCLOSURE OF PERSONAL INFORMATION
Principle. Unless specifically stated in this Privacy Policy, we will not disclose, trade, rent, sell or otherwise transfer your personal information, without your consent. Access to your personal information is restricted to Secure Exchanges, more specifically to their personnel, management and the marketing team who need access to this personal information as part of their functions for Secure Exchanges.
Exceptions. We may transfer your personal information that is not encrypted and which we have access to:
- service providers, i.e. third parties (or otherwise make your personal information available to them) who provide services on our behalf in Canada, in the United States or abroad, including Google in order to use the various Google Analytics features described herein. Our service providers are given the information they need to perform their designated functions, and we do not authorize them to use or disclose personal information for their own marketing or other purposes.
- to entities, organizations and authorities for legal purposes. In other words, we and our service providers can disclose your personal information in response to a search warrant or other legally valid inquiry or order, or to an investigative body in the case of a breach of an agreement or contravention of law, or as otherwise required or permitted by applicable law. We may also disclose personal information where necessary for the establishment, exercise or defense of legal claims and to prevent actual or suspect loss or harm to persons or property; and/or
- to another entity in connection with a merger or sale including all or part of our company or as part of a corporate reorganization or stock sale or other change in corporate control. In that case, we may transfer your personal information to a third party as part of the transaction.
As previously mentioned, the content of messages sent or exchanged while using the products and services offered by Secure Exchanges are encrypted at the source and are only decrypted by the recipient. Therefore, Secure Exchanges is not able to access the encrypted content and only has access to the personal information that is included in the subject field of the email and the email addresses and IP addresses of the sender and the recipient.
THIRD PARTY LINKS
Our Website may contain links to other sites that Secure Exchanges does not own or operate. Also, links to our Website may be featured on third party websites on which we advertise. Except as provided herein, we will not provide any of your personal information to these third parties without your consent. We provide links to third party websites as a convenience to the user. These links are not intended as an endorsement of or referral to the linked websites. The linked websites have separate and independent privacy statements, notices and terms of use, which we recommend you read carefully. We do not have any control over such websites, and therefore we have no responsibility or liability for the manner in which the organizations that operate such linked websites may collect, use or disclose, secure and otherwise treat your personal information.
SECURITY OF PERSONAL INFORMATION
We have implemented, and we apply administrative, technical and physical measures aiming to protect the Personal Information in our custody and control against unauthorized access, use, modification and disclosure.
We have personal information retention processes designed to retain personal information of our customers for no longer than necessary for the purposes stated above or to otherwise meet legal requirements.
Secure Exchanges shall comply with the Privacy Policy set forth in this Agreement in its collection, receipt, transmission, storage, disposal, use and disclosure of such Personal Information and be responsible for the unauthorized collection, receipt, transmission, access, storage, disposal, use and disclosure of Personal Information under its control or in its possession by all.
In recognition of the foregoing, Secure Exchanges agrees and covenants that it shall:
- keep and maintain all Personal Information in strict confidence, using such degree of care as is appropriate to avoid unauthorized access, use or disclosure;
- use and disclose Personal Information solely and exclusively for the purposes for which the Personal Information, or access to it, is provided pursuant to the present Privacy Policy and not use, sell, rent, transfer, distribute, or otherwise disclose or make available Personal Information for Secure Exchanges’ own purposes or for the benefit of anyone other than the user, in each case, without user’s prior written consent; and
- not, directly or indirectly, disclose Personal Information to any person other than its Authorized Persons without express written consent from the user unless and to the extent required by Government Authorities or as otherwise, to the extent expressly required, by applicable law.
At a minimum, Secure Exchanges’ safeguards for the protection of Personal Information shall include:
- limiting access of Personal Information to Authorized Employees;
- securing business facilities, data centers, servers, back-up systems and computing equipment;
- implementing network, device application, database and platform security;
- securing information transmission, storage and disposal;
- implementing authentication and access controls within media, applications, operating systems and equipment;
- encrypting content of messages without being able to retrieve or to access the keys transmitted over public or wireless networks;
- strictly segregating Personal Information from information of Secure Exchanges or its other customers so that Personal Information is not commingled with any other types of information;
- implementing appropriate personnel security and integrity procedures and practices, including, but not limited to, conducting background checks consistent with applicable law; and
- providing appropriate privacy and information security training to Secure Exchanges’ employees.
SECURITY BREACH PROCEDURE
Secure Exchanges agrees to:- provide users with the name and contact information for an employee of Secure Exchanges who shall be available to assist a user in resolving obligations associated with a Security Breach;
- notify any user of a Security Breach as soon as practicable, but no later than 48 hours after Secure Exchanges becomes aware of the said Security Breach; and
- notify Customer of any Security Breaches by any available communication means.
Secure Exchanges agrees to use best efforts to remedy any Security Breach in the best delays.
AUDIT OF SECURITY COMPLIANCE
Secure Exchanges may periodically conduct site audits of the information technology and information security controls for all facilities including, but not limited to, obtaining a network-level vulnerability assessment performed by a recognized third-party audit firm based on the recognized industry best practices.
ACCESS TO YOUR PERSONAL INFORMATION
You have the right to access, update, and correct inaccuracies in your personal information in our custody and control, subject to certain exceptions prescribed by law. You may request to access, update and correct inaccuracies in your personal information that we have in our custody or control by emailing or writing to us at the contact information set out below. We may request certain personal information for the purposes of verifying the identity of any individual seeking access or update to their personal information records.
CHANGES TO THE PRIVACY POLICY
This Privacy Policy may be updated periodically to reflect changes to the applicable laws or to our personal information practices. The revised Privacy Policy will be posted on this Website. We will treat personal information in a manner consistent with the Privacy Policy in effect when we collect your information unless we have your consent to treat it differently.
WITHDRAWING YOUR CONSENT TO THE RETENTION, USE AND DISCLOSURE
You may withdraw your consent to our retention, use or disclosure of your personal information at any time by contacting us as set out below in the “Contact us section”. However, if you withdraw your consent, we may not be able to respond to your requests, process your requests or provide you with any help regarding the Website.
CONTACT US
If you have comments or questions about the way we use your personal information or if you would like to access, review, update, or correct the personal information in our custody, please contact us in the manner described below.
Attention of: Support
Phone: 1-800-955-3872
Mailing address: POBOX 1002 Succ. Saint-Nicéphore, Drummondville (QC), Canada J2A 0B1
Online: support@secure-exchanges.com