Risk Shield Privacy Notice
Risk Shield powered by CROSStrax, Inc. (“Risk Shield”) provides this Privacy Policy to inform you of our policies and procedures regarding the collection, use and disclosure of personal information we receive from users of Risk Shield powered by CROSStrax.com and any subdomains related thereto (collectively, this “Site”). This Privacy Policy applies only information that you provide to us through this Site and direct communication via e-mail, phone, and post.
This Privacy Policy is intended to help you understand:
- What information we collect about you
- How we use information we collect
- How we share information we collect
- How we store and secure information we collect
- How to access and control your information
- How we transfer information we collect internationally
- Other important privacy information
For the purposes of the General Data Protection Regulation of the European Union (the “GDPR”), Risk Shield powered by CROSStrax is the Data Controller with respect to information collected through this Site. Risk Shield powered by CROSStrax’s contact information can be found at the bottom of this Privacy Policy. Where this policy refers to “personal data” it refers to personal data within the meaning given in the GDPR.
Privacy policy
Information Collection and Use
Our primary goals in collecting information are to provide and improve our Site, services, features and content, to administer your use of the Site and to enable users to enjoy and easily navigate the Site.
Personal Information
When you register with us through the Site or when you conduct other activities on the Site, including, but not limited to, requesting information or requesting an online product demonstration we will ask you for personally identifiable information. This refers to information about you that can be used to contact or identify you (“Personal Information”). Personal Information includes, but is not limited to, your name, company name, phone number, email address and business postal address. We use your Personal Information mainly to provide services associated with the Site, to fulfill your requests for information about us or our products, and to contact you about our products or services. We do not take payment on our site and will not ask you for financial information.
We also collect the other information that you provide as part of registration or otherwise via the Site (e.g., without limitation, state, country, position, industry or title) (“Non-Identifying Information”). We use your Personal Information (in some cases, in conjunction with your Non-Identifying Information) mainly to provide services associated with the Site and administer your inquiries. We may combine your Personal Information with Non-Identifying Information and aggregate it with information collected from other sources, to attempt to provide you with a better experience, to improve the quality and value of the Site and to analyze and understand how our Site is used. We may also use the combined information without aggregating it to serve you specifically, for instance to deliver a communication to you according to your preferences or restrictions.
We also use your Personal Information to contact you with Risk Shield powered by CROSStrax newsletters, marketing or promotional materials and other information that may be of interest to you. If you decide at any time that you no longer wish to receive such communications from us, please follow the unsubscribe instructions provided in any of the communications or update your “user preferences” information through the Site.
We do not collect any special categories of personal data (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership or information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. All of your Personal Information and some or all of your Non-Identifying Information is “personal data” as defined in the GDPR.
Log Data
When you visit the Site (a “Risk Shield powered by CROSStrax User”), our servers automatically record information that your browser sends whenever you visit a website (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type or the webpage you were visiting before you came to our Site, pages of our Site that you visit, the time spent on those pages, information you search for on our Site, access times and dates, and other statistics. We use this information to monitor and analyze use of the Site and for the Site’s technical administration, to increase our Site’s functionality and user-friendliness, and to better tailor it to our visitors’ needs. We also use this information to verify that visitors to the Site meet the criteria required to process their requests. We do not treat Log Data as Personal Information or use it in association with other Personal Information, though we may aggregate, analyze and evaluate such information for the same purposes as stated above regarding other Non-Identifying Information. Some of your log data may be “personal data” as defined in the GDPR in which case it will be treated accordingly.
Cookies
Cookies are small data files that we transfer to your hard drive that contain information about you such as your login ID. The cookies allow our site to recognize your browser, track the validity of your authenticated session and track your UI preferences on the Site. Our cookies do not collect Personal Information. Cookies may collect personal data to the extent your IP address, device ID or similar technical information constitutes personal data. You can choose to reject or turn off the cookies through your browser settings. If you do not accept cookies, however, you may not be able to use all of the functionality of the Site.
We use Google Analytics for aggregated, anonymized website traffic analysis. In order to track your session usage, Google drops a cookie (_ga) with a randomly-generated ClientID in your browser. This ID is anonymized and contains no identifiable information like email, phone number, name, etc. We use GA to track aggregated website behavior, such as what pages you looked at, for how long, and so on. This information is important to us for improving the user experience and determining site effectiveness. If you would like to ask us to delete any GA data – please delete your _ga cookies and email us at users@crosstrax.co, and/or install the Google Analytics Opt-Out Browser Add-On.
Legal bases for processing (for EEA users)
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. The legal bases depend on the services you use and how you use them. This means we collect and use your information only where:
- We need it to provide our services to you, including making the Site available to you, to provide customer support and personalized features and to protect the safety and security of our services and the Site;
- It satisfies a legitimate interest (which is not overridden by your fundamental rights or interests), such as for research and development, to market and promote our services and to protect our legal rights and interests;
- We need to do so to satisfy the terms of our agreement with you or in contemplation of an agreement to be entered into with you;
- You give us consent to do so for a specific purpose; or
- We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
Information Sharing and Disclosure
Aggregate Information and Non-Identifying Information
We may share aggregated information based on your Personal Information, Non-Identifying Information and Log Data with third parties for industry analysis and demographic profiling and to deliver targeted advertising about other products and services.
Service Providers
We may employ employees or third party companies and individuals to facilitate our Site, to provide services associated with the Site on our behalf, to perform Site-related services (e.g., without limitation, maintenance services, database management, web analytics and improvement of the Site’s features), to assist us in analyzing how our Site is used and in connection with the operation of our business generally. These third parties have access to your Personal Information only to perform these tasks on our behalf. We will not sell or rent any personally identifiable information to third parties. These third parties are listed at the end of this document. Some of these third parties use “cookies” or other tracking devices on our Site, which are software programs or other systems that collect information about your use of our Site. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information. The third parties are prohibited from using your Personal Information for any other purpose than that for which we engaged them.
Compliance with Laws and Law Enforcement
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose limited information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect the property and rights of Risk Shield powered by CROSStrax or a third party, to protect the safety of the public or any person, or to prevent or stop activity we may consider to be, or to pose a risk of being, illegal, unethical or otherwise in violation of our Terms of Use. To the extent we are able, Risk Shield powered by CROSStrax will redact unnecessary identifiable personal data or personal data that may be of increased interest to intelligence agencies before complying with a request to disclose personal data to public authorities. Browsing history and topics followed by users will not be disclosed to public authorities.
Business Transfers
Risk Shield powered by CROSStrax may sell, transfer or otherwise share some or all of its assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.
How to Access and Control Your Data
You have certain choices available to you when it comes to your information. Below is a summary of those choices, how to exercise them and some limitations.
Your Choices:
You have the right to request a copy of your personal data, to object to our use of your personal data (including for marketing purposes), to request the deletion or restriction of your personal data, or to request your personal data in a structured, electronic format, the right to have your personal data rectified if it is incorrect, the right to withdraw your consent to processing of your personal data (where the consent is the lawful basis for such processing) and, if the General Data Protection Regulation of the European Union applies, the right to lodge a complaint with a supervisory authority, which may be the Data Protection Authority in the country where you reside. These rights are subject to certain limitations. If you would like further information concerning those limitations, please contact us.
You can exercise some of the choices by accessing the Site and using settings available within the Site. Otherwise, you can contact us to exercise your rights using the contact information below.
You may opt out of receiving marketing communications and automated messages from us by using the unsubscribe link within each email or by contacting us to have your contact information removed from all promotional and transactional emails. However, even after you opt out from receiving promotional messages from us, you will continue to receive certain transactional messages from us regarding our services such as payment failure notices or account suspension notices sent via email.
Security
Risk Shield powered by CROSStrax is very concerned with safeguarding your information. The security of your personal information is important to us. But remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. Risk Shield powered by CROSStrax is compliant with SOC 2 Type II security controls, and we use security measures, such as firewalls and Secure Sockets Layer (“SSL”) software, to safeguard the confidentiality of our users’ Personal Information. Information we collect about our users is stored on secured servers. If you have any questions about the security of the Site, please view Security at Risk Shield powered by CROSStrax or send an e-mail to users@crosstrax.co.
We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” (as defined in applicable state statutes on security breach notification) to you via email or conspicuous posting on this Site in the most expedient time possible and without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.
International Transfer
Your information may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and provide information to us, you are transferring Personal Information to the United States and Risk Shield powered by CROSStrax processes it there.
EEA Users:
- Risk Shield powered by CROSStrax is based outside of the EEA and so are many of our third-party service providers, so processing of your Personal Information will involve a transfer of your personal data outside the EEA. The location where our third-party service providers process your personal data is shown at the end of this document.
- Whenever we transfer your personal data to a third-party outside of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US; or
- Where we transfer your personal data to a country that the European Commission has not determined provides an adequate level of protection for your personal data and the relevant third party is not a part of the Privacy Shield (if the transfer is to the US), we may use specific contractual clauses approved by the European Commission which give personal data the same protection it has in Europe; or
- We may transfer your personal data outside the EEA with your explicit, informed consent. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Links to Other Sites
Our Site may contain links to other websites. If you choose to click on a third-party link, you will be directed to that third party’s website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personal information from you. Other sites follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.
Our Policy Toward Children
This Site is not directed to persons under 18. We do not knowingly collect personally data, as defined in the GDPR, from children under 16. If we become aware that a child under 16 has provided us with personal data, we will delete such information from our files.
Your Consent; Notification of Changes
By visiting our Site, you consent to our collection, use and sharing of Personal Information, including personal data, as described in this Privacy Policy. If we decide to change this Privacy Policy, we will post those changes via our homepage so our users are aware of changes to the information we collect, how we use it, and under what circumstances we disclose it. Where we feel it is necessary and appropriate, we may also email you regarding changes to this Privacy Policy. If at any point we decide to use Personal Information in a manner different from that stated in our Privacy Policy at the time it was collected, we will notify you by way of an e-mail. Please check this Privacy Policy from time to time to make sure that you are aware of our latest Privacy Policy.
Questions; Contacting Us
If you have questions about this Privacy Policy or believe that Risk Shield powered by CROSStrax is not abiding by this Privacy Policy, you should contact us at:
Email: users@crosstrax.co
Address: Risk Shield powered by CROSStrax, Inc., 1217 Airport Road, Suite 417, Destin, FL 32541.
Third Party Processors/Subprocessors of Your Data
To support the Site, we use different service providers that may store and process personal data about you. This section provides important information about the identity, location, and role of these Data Processors/Subprocessors. We use different types of Processors/Subprocessors to perform various functions as explained in the table below.
Processor/Subprocessor | Location | Role |
---|---|---|
Amazon Web Services | https://aws.amazon.com | User accounts |
If you have any other questions, please email users@crosstrx.co