Version 1.0, effective as of May 1, 2018
In this Privacy Policy, we describe the types of data, including personal data (collectively, "data"), that we and our associated companies collect from you when you use BerSec LTD websites and certain BerSec LTD products and services as described in this Privacy Policy (collectively, our "services"), how we use and disclose that data, and your options to access or update your data.
This Privacy Policy may be amended from time to time. The respective latest version of the Privacy Policy at the point of time of the purchase a service from BerSec LTD. The data controller is BerSec LTD (BerSec).
BerSec LTD as data controller, is responsible for compliance with data protection legislation. BerSec LTD is primarily responsible for exercising of rights of data subjects and providing information about data processing.
The following definitions are used throughout this Privacy Policy:
Bersec LTD Service. Any software product owned or created by Bersec LTD or service delivered by Bersec LTD and provided under Bersec LTD Subscription Agreement or other Bersec LTD contract EXCLUDING software that can be used by Bersec LTD software products but is not created by Bersec LTD. This may include, but not be limited to, code that extends the functionality of a Bersec LTD software product. Any such code is governed by its own terms and conditions and privacy policy.
Bersec LTD Website. Any website that is the property of Bersec LTD, including but not limited to everything hosted under the top-level domains bersec.pl, bersec.co.uk, bersec.uk.
Bersec LTD Account. An account created by Bersec LTD for you after signing a contract for Bersec LTD service. Account contains your first name, last name, email address, and username. It is accessed via a username and password.
Bersec LTD Terms of Use means Bersec LTD Subscription Agreement, Bersec LTD Terms of Use for a product or a service,or other agreements you have in place with Bersec LTD covering Bersec LTD Products or services.
Bersec LTD services, Bersec LTD software, Bersec LTD Websites may be collective referred to as "Bersec LTD Products and Services".
Personal Data means any data relating to an identified or identifiable natural person.
To provide you with software, services, or information. We may collect data which are required to provide you with the software, support, and services, including checking for license validation and updates, provision of support, reporting of vulnerabilities, issues and bugs, and other processing connected with use of Bersec LTD Products and Services, or information. We may use third-party service providers, acting as data processors, to assist us in providing Bersec LTD Products and Services to you or in our operations. For example, we may use third-party service providers to provide data storage and backup services. We do not transfer your personal data to any 3rd parties acting as separate data controllers to provide you with complimentary products and services.
To protect us from unlawful use of our software or services. We may collect data which are required to protect us from any unlawful, or unauthorized use of our software or services, or which are necessary to ensure security of our software or services, including both data provided by you (see above) and data collected in the course of use of Bersec LTD Products and Services. The legal basis for this data processing is Bersec LTD legitimate interest in protection from unlawful use of Bersec LTD Products and Services.
To improve our offerings based on usage we may collect anonymous data based on your use of Bersec LTD Products and Services, and we do not associate these data with your name. We use these data to better understand the usage patterns of our services and products and the behaviors of our collective audience. At times we may share this information in aggregated anonymous form with third parties or publish in on Bersec LTD Website or Bersec LTD research papers. The legal basis for this data processing is our legitimate interest in improving our software and services.
For internal evidence of Bersec LTD and to protect the rights and interests of Bersec LTD and other users we may collect data which are required to keep evidence of provision of software and services to you, of any communication between you and us, of your contact details, of your use of our software and services, of any payments or refunds, and of any issues or disputes between you and us. We may use and disclose these data where we believe, in our sole judgment, that it is legitimate and appropriate to do so to protect our rights and interests and the rights and interests of other users of Bersec LTD Products and Services, or where we believe there has been a violation of this Privacy Policy that could affect the interests of Bersec LTD or its customers. The legal basis for this data processing is our legitimate interest in keeping internal evidence and protecting the rights and interests of us and other users.
To promote and market our products and services.We may use feedback that you provide voluntarily on our products or services. As permitted by applicable law, we may use this in the form of quotes or in other ways in accordance with the Bersec LTD Privacy Policy or Bersec LTD contract. We also may use data that we collect and aggregate to assist us in determining appropriate marketing and advertising for our products and services. In doing so, we may share anonymous aggregated data with third parties to assist us with these efforts. With your consent or if permitted by applicable law, we may also use your contact details to send you commercial communications about our products and services. The legal basis for this data processing is our legitimate interest in promoting and marketing our products and services.
To fulfil legal duties stipulated by accounting, taxation, and other laws. We may use and disclose your personal data where required by law, such as in keeping and disclosing our accounts, in keeping and disclosing our tax records, and in response to a court order, valid subpoena,or other legal process. The legal basis for this data processing is our compliance with our legal obligations.You may object to the processing of your personal data for the purposes b) to e) at any time.
Categories of data involved in data processing include:
names, email address, office phone number, mobile phone number, username, password, cookies, IP address, SSH public key, PGP/GPG public key, S/MIME and other network certificates, physical address, information about subscription and payments, tax ID, data about usage of Bersec LTD Products and Services, comments, voluntarily provided feedback, and any data provided in survey responses, data provided voluntarily for pricing purposes, data in issue reports pertaining to Bersec LTD Products and Services.
Where appropriate, we will prompt you to give us your consent to the collection and processing of your data as described above.
Our products and services are not designed for and are not offered to children under the age of 13. If we discover that a person under the age of 13 has submitted information directly to us, we will endeavor to delete the information from our systems.
To respect your privacy, before using your personal data, we will inform you about the categories of data we collect and the purposes we use them for. We will also inform you about the data management options that you may have. For this purpose, we use agreements, terms of use, and consent notices embedded in Bersec LTD Products and Services contracts and policies. Should you wish to access and manage your data, you can do so by contacting us at office [at] bersec.uk. Using this email address you can update and manage your data and also provide us with an opt-out of certain personal data collection when applicable.
Collected personal data are shared based on particular contract, and this Privacy Policy.
According to Bersec LTD contracts covering a particular Bersec LTD Products and Services, as part of the product or service functionality, collected personal data may be shared with other representatives of your company.
We may share your data with certain third parties which help us provide you with Bersec LTD Products and Services, or to run our business, for example to providers of data storage and backup services or provide accounting or other financial or legal services. We may also share your data with individual representatives of your company.
Your personal data may also be shared with other organizations or individuals if we have obtained your consent to do so.
We may also share your data with certain third parties if we are obliged to do so under applicable legislation (especially with tax authorities or with other government bodies exercising their statutory powers) or if such sharing is necessary to achieve the purposes defined above (especially with government bodies or with parties harmed by your illegal acts, if applicable).
To secure your personal data, our products and services are designed with security and privacy in mind.
We encrypt your data in transfer and at rest where it is technically feasible. External web resources are protected by strong and secure TLSv1.2 encryption.
We review the processes of personal data usage before implementing them. This is done to minimize data usage and to make sure that you as the data owner is informed about the processing. When the reason for data storage expires, we remove your personal data from our servers or anonymize it for further usage. By the nature of the activity within which your data is collected, it may appear in datasets used for research. Before using the datasets for research or other purposes you are not informed of, we remove or anonymize your personal data in the datasets.
We use partners to host our services and websites and to process your data in accordance with this Privacy Policy. While choosing the partners, we ascertain their compliance with legal regulations and security standards to make sure your data are stored in a secure location with appropriate security measures in place.
Any servers or services that contain personal data are located within the EU. We do not transfer your personal data to 3rd countries outside of EU.
If at any time you choose to cease using Bersec LTD Products and Services, you may ask for your data to be removed from our servers by sending a request to office [at] bersec.uk. Generally, we retain your data as long as we need to in order to achieve the purpose for which it was collected. We may retain your information if it is required to comply with legal obligations and/or defense in case of violation of Bersec LTD contracts and/or Privacy Policies. We may also have copies of your information in application logs, web logs, and/or backups made for security and support purposes These backups will not be accessible as separately delineated information. We may store data pertaining to a customer or user for as long as they are entitled to a license or usage of Bersec LTD Products and Services. Further, we may keep the data to protect ourselves from damage in case of litigation in accordance with the current legislation. Please note, however, that you must retain a copy of all data that you have placed on our servers in the case of any loss; further,if you cease using our software and/or services, we will not be responsible for retention of any of your data.
We expect you to check the Personal Data you provide to us and if any inconsistency takes place, update your Personal Data or report the inconsistency to Bersec LTD.
As permitted by applicable law, EU residents may request a copy of the information that we hold about them. To do so, please contact office [at] bersec.uk. We may charge a fee in accordance with applicable law for this service.
Moreover, as set out in locally applicable personal data protection law, you may have the right to: (i) request access to your personal data; (ii) request rectification of your personal data; (iii) request erasure of your personal data; (iv) request a restriction on the processing of your personal data; (v) request personal data portability; or (vi) object to the processing of your personal data.
These rights can be exercised via the email address office [at] bersec.uk. You may also contact Bersec LTD to get up to date information about your personal data processing and any personal data recipients.
You may lodge a complaint related to the processing of your personal data with the competent data protection supervisory authority, i.e. in the England: Information Commissioner's Office (https://www.gov.uk/government/organisations/information-commissioner-s-office)
This Privacy Policy is current as of the Effective Date set forth above. We may change this Privacy Policy from time to time, so please be sure to check back periodically. We will post any changes to this Privacy Policy on Bersec LTD Website. If we make any changes to this Privacy Policy that materially affect our practices with regard to the personal information we have previously collected from you, we will endeavor to provide you with an advance notice of such change by highlighting the change on Bersec LTD Website.
If you have any questions or concerns, or you feel that this Privacy Policy has been violated in any way, please let us know immediately by contacting office [at] bersec.uk