This Privacy Statement relates to information collected by SecureSheet Technologies, LLC (referred to in this Privacy Statement as “SecureSheet” “we” or “us” or “our”) through your use of the SecureSheet website, its features, the services we provide, and information available through the SecureSheet website.
“You” or “your” refers to the individual whose information is shared with SecureSheet.
As used in this Privacy Statement, the terms “using” and “processing” information include using cookies on a computer, subjecting the information to statistical or other analysis and using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, using, combining, disclosing and transferring information within our organization.
SecureSheet obtains information from individuals in the following ways:
- When you contact us directly;
- When you sign up to receive our services;
- When your employer signs up as a SecureSheet customer and provides your information to us; and
- When you provide a third-party service to SecureSheet.
Customers who wish to have us handle information from the European Union may elect to enter into a Data Processing Amendment with us. Should the customer decide to do so, our Data Processing Amendment governs how we handle information obtained from our customers when they use our services. You may read our Data Processing Amendment here at Data Processing Amendment (DPA).
Contents
Whose information does SecureSheet collect?
What information does SecureSheet collect?
Does SecureSheet collect any information from third parties?
When does SecureSheet collect information?
Does SecureSheet collect any information from cookies?
What does SecureSheet do with the information it collects?
How does SecureSheet share information with third parties?
Does this Privacy Statement apply when I link to other websites or services?
Is the information collected through the SecureSheet service secure?
Could my information be transferred to other countries?
What are my data rights if I am in the EEA, UK , or Switzerland?
How long does SecureSheet store my personal information?
Does SecureSheet respond to Do Not Track (DNT) requests?
Can I update or correct my personal information?
Whom may I contact with questions about this Privacy Statement?
Whose information does SecureSheet collect?
Generally speaking, SecureSheet collects information from our customers and their employees.
Our customers are individuals and businesses who have signed up for a SecureSheet account or that we believe may be interested in signing up for a SecureSheet account. If you are a customer or the employee of one of our customers, we will handle your information under the terms of our Data Processing Amendment.
We may also collect some information from service providers that support SecureSheet’s business operations.
What information does SecureSheet collect?
We may collect certain types of personal information relating to you, depending on your use of our services and your interactions with us.
Personal information is information that identifies you or may be used in combination with other pieces of personal information to identify you. Examples of personal information we may collect include name, email address, job title, employee ID number, and employer. If you are a customer, we will collect payment information from you to process your payments.
If you contact us directly, we will collect the contact information associated with the communication (such as your email address).
Does SecureSheet collect any information from third parties?
SecureSheet collects contact information for potential customers from trade shows and third-party providers for purposes of marketing our services. You may contact us at any time if you wish to stop receiving marketing communications from us.
When does SecureSheet collect information?
SecureSheet will collect personal information that you submit to us, either by directly contacting us or by registering for an account on our website. If you are an employee of one of our customers, SecureSheet will also collect information that has been submitted on your behalf by your employer.
Does SecureSheet collect any information from cookies?
We use data collection devices such as “cookies” on certain pages of our website to help facilitate your use of our website. “Cookies” are small files placed on your hard drive that assist us in providing access to our website and services. The cookies on the Site are “session cookies,” meaning that they are automatically deleted from your hard drive at the end of a session. The cookies used on the SecureSheet website do not collect any personal information from you and are used only to ensure that you remain logged in while navigating our website.
You may delete and block cookies from our website by controlling the settings of your web browser. If you block cookies, you may still use our website, but your ability to use some features of our website may be limited.
What does SecureSheet do with the information it collects?
We use the information we collect from our customers or service providers to identify you internally for the purposes of managing our relationship with you. We do not extract any information from our customers’ use of SecureSheet’s services or use the information contained in these spreadsheets for any purposes.
If you contact us, we will use the contact information you have provided to respond to your questions or comments, and we may save your questions or comments for future reference.
How does SecureSheet share information with third parties?
We use third-party service providers to provide specific services to support SecureSheet, including hosting, payment processing, email, and document storage. In the course of providing these services, our service providers may have access to information we have collected, including your personal information. Our service providers have committed to (1) protect the privacy of your personal information consistent with this Privacy Statement, and (2) not use or disclose your personal information for any purpose other than providing us with the services we have requested or as otherwise provided by law.
Legal process
We may disclose your information (including personal information) if we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, or other valid legal process. We may disclose personal information in special circumstances when we have reason to believe that disclosing this information is necessary to identify, contact or bring legal action against someone who may be violating our Terms of Use, to detect fraud, or to protect the safety and/or security of our users, the SecureSheet website, or the general public. SecureSheet is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
We also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
Sale of business
We reserve the right to transfer information to a third party in the event of a sale, merger or other transfer of all or substantially all of the assets of SecureSheet, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Privacy Statement.
Does this Privacy Statement apply when I link to other websites or services?
The SecureSheet website or our services may provide you with access to other websites and services. Please be aware that we are not responsible for the privacy practices of any websites or services other than those provided by SecureSheet. We encourage you to read the privacy policies or statements of each and every such website and service. This Privacy Statement applies solely to information collected by us.
Is the information collected through the SecureSheet service secure?
We use procedural and technical safeguards to protect your personal information against loss or theft as well as unauthorized access and disclosure to protect your privacy, including encryption, “firewalls” and Secure Socket Layers. We treat data as an asset that must be protected against loss and unauthorized access. We employ many different security techniques to protect such data from unauthorized access by other users of the Service and unauthorized third parties. User IDs and passwords are part of our security protections, and each user is responsible for the protection of their User ID and password. Despite our commitment to the protection of data using reasonable and appropriate measures, no security measure is foolproof, and there can be no guarantee that our security measures will be completely effective. You may see our Security Statement for more information.
Could my information be transferred to other countries?
SecureSheet is based in the United States. Information collected via our website, through direct interactions with you, or from use of our services may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such data.
How are transfers of your information from within to outside the European Economic Area (EEA) handled?
SecureSheet is based in the United States and we process and store information in the U.S. Therefore, we and our service providers will store and access your personal information in the U.S. The U.S. may not provide equivalent levels of data protection as enjoyed in your home jurisdiction.
In such instances, whenever your personal data is transferred to countries outside of the EAA, UK or Switzerland, we will ensure that at least one of the following safeguards is in place:
- The country is one that the European Commission have approved as providing an adequate level of protection for personal data;
- The transfer is subject to a specific derogation in the GDPR or national laws;
- Through the use the standard contractual clauses as the transfer mechanism when a case-by-case analysis has been performed; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data substantially similar protection as in the EEA or UK
What are my data rights if I am in the EEA, UK , or Switzerland?
Equivalent. If you reside in the EEA, the United Kingdom, or Switzerland, our use of your personal information is governed by the European Union’s General Data Protection Regulation, or “GDPR” or applicable EEA, UK or Swiss national laws. These grant you particular rights in your personal information, including the right to alter, correct, receive, or delete personal information processed by SecureSheet subject to our business interests and any legal requirements we may face.
Those in the EEA, UK, or Switzerland have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the EEA are available here.
Data Request and Rights
We respond to all requests we receive from individuals wishing to exercise their data protection rights under applicable data protection laws. To protect your privacy and security, we may need to take reasonable steps to verify your identity before responding to your request.
To exercise any of these rights, you may contact us at support@securesheet.com. If we are unable to resolve your complaint, you may contact your country’s data protection authority.
You may also contact our Article 27 representative in the EU and the UK with any questions about our processing of personal information. Please send inquiries to: securesheet@gdprrepresentative.eu.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here.
If you need further assistance regarding your rights, please contact us support@securesheet.com and we will consider your request in accordance with applicable law. In some cases, our ability to uphold these rights for you may depend upon our obligations to process personal information for security, safety, fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
Data Protection Framework
SecureSheet complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.
SecureSheet has also certified to the US Department of Commerce that it adheres to EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S.
SecureSheet has also certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
If there is any conflict between the terms in this policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. SecureSheet’s commitments under the Data Privacy Framework are subject to the investigatory and enforcement powers of the United States Federal Trade Commission. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/s/.
As set out above SecureSheet uses a limited number of third-party service providers to assist us in providing our services to our users and business customers. These third parties may access, process, or store personal data in the course of providing their services. SecureSheet maintains contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our Data Privacy Framework obligations, including the onward transfer provisions.
DPF Mediation, Arbitration and Unresolved Complaints
In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, SecureSheet commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF to the EU Data Protection Authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC),. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit here (for a list of EU DPAs) or here (for the FDPIC) for more information or to file a complaint. This service is provided at no cost to you.
In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, you have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. For more information please see Q11 Invoke Arbitration and ANNEX-I-introduction on the DPF website.
In compliance with the EU-U.S. DPF and the Swiss-U.S. DPF, SecureSheet commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the Swiss-U.S. DPF.
DPF Notice of Liability for Onward Transfers
Even in the case of an onward transfer of your personal information, SecureSheet has responsibility for the processing of personal information it receives under the DPF Principles and subsequently transfers to a third party acting as an agent on its behalf.
SecureSheet shall remain liable under the DPF Principles if its agent processes such personal information in a manner inconsistent with the DPF Principles, unless SecureSheet proves that it is not responsible for the event giving rise to the damage. For more information please see FAQs – Privacy Policy (11–12) on the DPF website.
What choices do I have regarding the collection, disclosure and distribution of personal information?
Except as otherwise described in this Privacy Statement, we will only use personal information for the purposes described above or as otherwise disclosed at the time we request such information from you. We will not use your personal information for any other purpose without first notifying you and obtaining your consent. You may also change your preference and “opt out” of receiving certain marketing communications from us by contacting us via email.
How long does SecureSheet store my personal information?
If you are a SecureSheet customer or an employee of one of our customers, your data is retained for as long as the associated customer account is active. We will delete information associated with your customer account at your direction. We keep historic backups of all of our data for one month in order to recover past versions of a customer’s documents upon their request.
Does SecureSheet respond to Do Not Track (DNT) requests?
At this time, SecureSheet takes no action when it receives a Do Not Track signal from your browser.
Can I update or correct my personal information?
If you are a SecureSheet customer, you may contact us in order to update or
correct your contact information, receive the information we hold about you, or cancel your account. You may also make adjustments to information by logging in to your account and clicking on “Edit My Profile.” Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Privacy Statement prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.
You should be aware that it is infeasible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your information may exist in a form that will be difficult or impossible for us to locate. As detailed above, all of our backups are maintained for one month. Promptly after receiving your request, all personal information stored in databases we actively use, and other readily searchable media will be updated, corrected, changed or deleted, as appropriate, as soon as and to the extent reasonably and technically practicable.
If you are an employee of a customer and wish to update, delete, or receive any information we hold about you, you should contact your employer’s SecureSheet Administrator.
Whom may I contact with questions about this Privacy Statement?
If you have any questions or comments about this Privacy Statement, or you wish to have any information corrected, deleted, or sent to you, you may email support@securesheet.com or call or write to:
Mark W. Byrd,
Managing Member
SecureSheet Technologies, LLC
4030 Wake Forest Rd., Suite 300
Raleigh, NC 27609
Email: mbyrd@securesheet.com
Phone: 877-475-1153
Fax: 919-375-4543
SecureSheet will respond to your correction or update request within at most 30 days from the date of your request.
If you are located in the European Union, you may contact our EU representative at securesheet@gdprrepresentative.eu.