Capital terms that are not defined here have the same meaning as set out in our Terms and Conditions.
Personal data or personal information or personally identifiable information (“Personal Data”) means information about an identifiable individual or natural person – that is, someone we can identify, directly or indirectly, using an identifier like a name, an identification number, location data, an online identifier, or someone we can identify using one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
While Customer Data may include your Personal Data or Personal Data belonging to someone who has provided you with the authority to upload to Vaultt servers, this Policy does not address Customer Data. Customer Data is specifically dealt with under the Terms and Conditions or the agreement between you and Vaultt when you Register for a Subscription Plan to use our Vaultt Application. Vaultt does not have access to Customer Data as it is securely encrypted from end-to-end.
By Registering for our Services, you are providing your meaningful consent for us to control and process your Personal Data, or the Personal Data of those who have authorized you to share their Personal Data (“Consent”). Even though we strive to ensure that any information that comes through our systems is securely protected, you acknowledge that no security solution is completely impenetrable. This means your Personal Data, and information you decide to share with us or upload to our servers, may be exposed to unauthorized individuals in the event of a security breach. A security breach may create a risk of significant harm to you or to the owner of the Personal Data. For more information about meaningful consent or risk of significant harm, please visit https://www.priv.gc.ca/en/privacy-topics/collecting-personal-information/consent/.
We therefore strongly encourage you to read this Policy carefully and let us know if you have any concerns or questions by contacting us at firstname.lastname@example.org.
What Personal Data do we collect?
We collect the following types of Personal Data:
– First name;
– Last name;
– Email address;
– Phone number;
– Payment information (Subscription Plan, purchase date, scheduled billing date, Subscription status); and
– Metadata for calendar events (Google, Apple, Android calendar applications).
If you have added other User Accounts that are affiliated with your Customer Account, we also collect their Personal Data, including their first name, last name, email address, phone number and metadata for calendar events.
When Customers or Users login to use the Vaultt Application, we also collect information about your Device, including your IP address, the type of operating system, and your login credentials.
When Customers and Users access our Website, we collect information about the browser you use; what pages you visit; and the links you click on through the Website. Other information we collect include normal website traffic, device ID, device usage, and geolocation (if it has been enabled by you).
We may also collect your Personal Data if you have made your Personal Data publicly available on the Internet or through any list or database we are authorized to use or see.
How do we collect your Personal Data?
When you Register for a Customer Account or User Account to use our Services, we require certain Personal Data to process your Account application. We also collect Personal Data every time Customer or User logs in to their respective Accounts, access and use our Website. Lastly, we collect your Personal Data that is publicly available on the Internet which we have received either through third-party websites or marketing companies.
How will we use your Personal Data?
Vaultt uses Personal Data to:
– communicate with Customers and Users in the context of providing technical support or responding inquiries;
– communicate with Customers and Users respecting the use of the Service and other matters including but not limited to regulatory compliance, subscription and payment information, software or application functionality and updates, security and breaches;
– improve our services, software, applications, security, and evaluate how we are doing;
– conduct security checks, tests, audits, or system analyses;
– verify the identity of Customers or Users (where required);
– comply with our financial, reporting, and legal obligations;
– update you on changes to any of our policies, terms, and services;
– track how our Customers and Users use the Vaultt Application so that we can identify frequently used and preferred functions within the Vaultt Application and improve the Services we provide;
– complete transactions, collect fees, process payments, or provide receipts or reports to Customers and Users.
If our reasons for collecting your Personal Data changes, we will let you know and request your consent for any new control or processing purpose.
Third Party Service Providers
Vaultt engages certain third-party service providers to help provide its Services to Customers and Users. From time to time these third-party service providers will need access to your Personal Data to complete their work. The third-party service providers we currently engage include:
– Amazon AWS. We use Amazon AWS to host Customer Data and our Vaultt Software. We have very limited access to Customer Data uploaded by Customers or Users to our servers at Amazon AWS.
– Iversoft. We engage Iversoft for software development and upgrades, and to provide technical support for Customers and Users.
– Cronofy. We use Cronofy as part of our Vaultt Application to allow Customers and Users connect to their calendar data.
– Zen Desk. We use Zen Desk to facilitate our customer support services for Customers and Users.
We strongly encourage you to review the privacy policies of our third-party service providers (links provided above). If we change the third-party service providers we engage, we will update our Policy and send you a notification.
When you visit our Website, we sometimes include direct links to third party websites, like Twitter, LinkedIn, or Facebook. You acknowledge that Vaultt does not have control over any of these links and the information you provide to those third-party websites.
How do we store and retain your Personal Data?
All information uploaded to the Vaultt Application or sent to Vaultt in connection with the Services is held on our Amazon AWS servers. We do not keep any hard copies of Personal Data, and in the event that we have or have received hard copy documents containing Personal Data, we will destroy hard copies as soon as is feasible, subject to our legal obligations.
We retain information for as long as we are required by law to retain information. Once we no longer need the information for the purpose for which it was collected, we securely dispose of or de-identify any Personal Data, subject to our legal requirements and any written requests from you.
Vaultt likes to send you information about our new products and services. Unless we already have a business relationship with you or you have offered your Personal Data to us separately, we will always ask you for your consent before sending you any commercial electronic messages.
You can opt-out of receiving any marketing messages from us at any time by contacting us at email@example.com. We will promptly add you to a do-not-send list and modify our records. You acknowledge that your name and contact information will be retained on our do-not-send list.
Vaultt otherwise does not share or sell your Personal Data to any third parties for sales, marketing, survey, or other purposes.
What are your rights?
Subject to our legal obligations, you have the right to:
– request access to your Personal Data;
– request corrections to your Personal Data; and
– withdraw your Consent to our processing of your Personal Data.
If you are a ‘consumer’ from certain US states, you may also have the right to request that we erase your Personal Data, under certain restrictions; restrict or object to our processing of your Personal Data; or, request that we transfer your Personal Data to another organization or directly to you, under certain conditions.
You acknowledge and understand that Vaultt does not have access to your Customer Data that you upload onto our servers through the Vaultt Application. If you wish to delete specific data from a Customer or User Account, you may do so through your Customer or User Account. Vaultt can only delete accounts and any of the Personal Data that Vaultt collects for the reasons provided in this Policy. Please see our Terms and Conditions for more information on Customer Data.
To exercise any of the above rights, please contact us at firstname.lastname@example.org.
Vaultt tracks information using different types of cookies when you use our Website.
What are cookies?
How to manage your cookies
You can set up your browser to disable cookies at any time. For instructions on how to disable cookies, please visit the links below:
– Internet Explorer
– Mozilla Firefox
– Microsoft Edge
– Google Chrome
If your browser is not listed above, we encourage you to consult information technology experts.
Do not track
We do not currently respond to browser Do Not Track signals.
Vaultt’s Services are premised on the ability to provide Customers and Users with a high level of security, including implementing technical, physical and administrative measures, for private information and Customer Data. We apply the same security protocols to your Personal Data.
Our systems are stored on Amazon AWS servers and as such are subject to Amazon’s physical, technical, and administrative security measures. For more information, please visit https://aws.amazon.com/security/.
We test our systems regularly and investigate any potential breaches. In addition to Vaultt’s tasks set out in the Information Security Management Policy, where Vaultt becomes aware of a security breach in our systems, we will send a notice to any affected individuals where we feel there is a reasonable risk of significant harm resulting from the breach within 72 hours of discovering the breach. If you have questions about our security practices, please contact us at email@example.com.
Customers of Vaultt must be persons who have attained the age of majority in the jurisdiction where they reside.
Vaultt does not intentionally collect Personal Data of minors without consent from parents or guardians. If you are a minor (a person who has not attained the age of majority or someone who is under 13 years of age), then your parent or guardian must provide us with their consent for you to use our Services before you use our Services. When Customers sign up for Vaultt and add Users to their account, Customers may designate the User Account as a minor’s account. Vaultt has no control over the designation of User Accounts. If you are a Customer who has designated a User Account as an account for a minor, you acknowledge that you are responsible for the information that the minor User uploads to Vaultt servers through the Vaultt Application.
If you are a parent or guardian of a minor who has provided Vaultt with Personal Data, and you wish for Vaultt to cease collecting and processing such minor’s Personal Data, please contact us immediately at firstname.lastname@example.org. While we will provide support in any way we can, you acknowledge and understand that Vaultt cannot access any Personal Data uploaded to Vaultt servers through the Vaultt Application. Vaultt implements high security and end-to-end encryption which prevents anyone but the Customer or User from accessing information on their accounts.
Changes to our Policy
We reserve the right to change this Policy from time to time. If we may any significant changes, we will notify you of the changes and post the most recent version of this Policy in effect on our Website. Please note the ‘Last Updated’ date at the bottom of this page.
If you have questions or concerns regarding our privacy or data protection practices or policies, please contact our Data Protection Officer at email@example.com.
If you feel Vaultt has not addressed your privacy related concerns in a satisfactory manner, you can contact the appropriate governmental authority in your jurisdiction. These governmental bodies are often called data protection authorities, information commissioner’s offices, or supervisory authorities.
Last Updated: January 23, 2020