TrustCor Systems S. de R.L. Privacy Policy

TrustCor Systems S. de R.L. and its subsidiaries (“TrustCor CA”, “TrustCor”, “we” or “us”) are committed to protecting the privacy of its Website visitors (“you”) and Customers (“you” or “Customer”) and employees or agents of Customers (“you” or “Individuals”). As a result, TrustCor has developed this Privacy Policy (“Privacy Policy”) to inform its Website visitors, Customers and Individuals about how TrustCor will collect, use, share or otherwise process any personal data or usage information. Different regulations may apply to the use of individual services. This Privacy Policy applies to all sites owned and operated by TrustCor (collectively, “Websites,” individually referred to as a “Website,” meaning each and every Website owned and operated by TrustCor). This Privacy Policy also applies to TrustCor CA's provision of website certificate services (the “Validation Services” , “Services” or “Certificates”).

The protection of your personal data is very important to us. Therefore, we handle your information and personal data (eg name, address, e-mail, telephone number, etc.) with great care and in accordance with the relevant statutory provisions of the General Data Protection Regulation (“GDPR”). For the purpose of the GDPR’s and any local privacy laws, we are the data controller of personal information obtained through our Website. We are a data processor in relation to the Individuals’ personal information that we receive from Customers (data controllers), either directly or through resellers, and that we process at the Customer’s instructions, as well as according to applicable Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates (“Baseline Requirements” or “Industry Standards”), in order to issue Certificates.

In this Privacy Policy we inform you about our data processing methods. We explain to you which data will be processed by us when accessing our Website. 

Information Gathered by TrustCor

  • Through our Website: TrustCor collects information you voluntarily submit to us. It is up to you whether to submit information, and how much information you provide. If you choose to become a TrustCor Customer, we may ask for information such as your name, organization, email address, mailing address and/or phone number. Customers who voluntarily submit information via our Website, email, by creating an account or otherwise, do so in order to use TrustCor products and services, or to submit sales or technical support questions.
  • From Customers: Customers request TrustCor Certificates through their account in TrustCor’s Website (the “Account”). When submitting a request, Customers provide to TrustCor the following information about Individuals: name, email address, telephone number, address and government-issued identification (if applicable and which may include additional information, depending on the certificate type and identification used). Where Customers share personal information of Individuals with TrustCor, Customers represent that they have collected and processed such information in accordance with data protection laws, and that they have duly informed the Individuals that their personal information was provided to TrustCor. TrustCor will process such information following Customer instructions, as strictly necessary to provide the services contracted by Customer.
  • Additional Information Collected: In the course of the Services, TrustCor will collect the information that you provide while enrolling in the Services (e.g., business contact names, business telephone numbers, business e-mail/addresses, payment information, domain names, password and security questions and answers), and will treat and process the information in accordance with the Privacy Policy, as amended from time to time and accessible from the home page of the Website.

Use of Information

  • Products and services, sales and support: TrustCor uses information provided by Customers to carry out our business offerings as it is in our legitimate interest to provide our products and services, send order confirmations, respond to Customer service requests, answer sales questions and provide technical support needs, and fulfill your order, including using the information to verify the identity of the Customer or to contact the customer in order to discuss support, renewal and the purchase of products and services.
  • Validation services: TrustCor uses information provided by Customers to perform Validation Services, in accordance with Industry Standards. TrustCor uses this information as follows: (i) to perform our contracts with Customers that are natural persons; (ii) based on the legitimate interest of TrustCor to provide services to Customers that are legal entities; and (iii) based on the legitimate interest of Customers to have TrustCor issue Certificates. Please refer to TrustCor CA’s Certificate Subscriber Agreement and Certificate Terms of Use for details on how Customer can request Certificates.
  • Notification emails: While a customer account is active, TrustCor will send notification emails to Customers to provide support and security updates in relation to our products and services, as this is necessary for the performance of our contracts with Customers. Notification emails are used to respond to inquiries, provide support and validation services, provide security updates and inform the Customer about ordered products and services. Because notification emails contain essential information related to the use and security of TrustCor’s products and services, Customers are not able to unsubscribe from notification service emails while their Customer account is active.
  • Technical usage: In general, it is in our legitimate interest to ensure the proper functioning of our Website, and further its vision, including to protect privacy, defend freedom and innovation, and to protect your rights in the digital world. Which could include monitoring usage activity and trends, in order to keep our Website safe and secure when you visit the Website. We may collect information sent to us by your computer, mobile phone or other access device in order to diagnose problems with or consider improvements to our servers or related technologies. This information includes: your IP address; device information including, but not limited to, name, type of operating system, and standard web information, such as your browser type and the pages you access on our Website. Such information will be used for the purposes for which it was collected.
  • How long we store your data: We only keep your information as long as we deem necessary in order to offer our products and services, to provide sales and support and to remain in accordance with Industry Standards. Exceptions may apply to inactive accounts and expired certificates when it is necessary for us to retain data for the purpose of defending against legal claims, resolving disputes or enforcing Customer agreements.

Cookies & Tracking

What is a cookie?

A cookie is a small piece of data sent from a website and stored on the user's computer by the user's web browser while the user is browsing. It contains data for technical session control and, in particular, the identification of your browser for the duration of your visit to the website. Cookies also enable us to tailor the website to your specific interests and to improve the functionality of websites. 

What cookies do we use?

We do not use persistent ID cookies on this site except where you click “remember me” or when you are logged in. We use session cookies on certain portions of our services. Session cookies expire when you close your browser. You can control the use of cookies at the individual browser level, or by using Tor if you wish to keep your connection information anonymous, but if you choose to disable cookies, it will limit your use of certain features or functions on our Website or service, affecting your website experience. Please note that you can still be identified to TrustCor if you log in.

Third Party Services

TrustCor will publicly disclose information embedded in an issued Certificate as necessary to provide the services contracted by Customer, in accordance with Industry Standards.

When performing its services, TrustCor uses third party sources to confirm or supplement the information that it obtains from a Customer, including information about Individuals. TrustCor uses such information from third party sources exclusively for the purposes of its Validation Services, based on the legitimate interests of TrustCor and of the Customer to provide services and have a Certificate issued.

TrustCor never sells or provides personal information to third parties for uses apart from assisting TrustCor in servicing our Customers and website visitors. We will share your personal information with third parties including these categories of recipients: (i) IT Service Desk providers that provide us with support and ticketing services to assist with Customer communications, reporting and service requests; and (ii) credit card and payment providers that help process payments for us. The information collected from TrustCor Customers remains protected by the terms of our agreements with those providers and we will ensure that the information be kept confidential and disclosed only to designated staff who require such access in the course of their assigned duties. TrustCor also requires all of our third party service providers to notify TrustCor if they receive legal process seeking information about visitors to TrustCor’s website or services.

TrustCor may change the specific third party providers from time to time, and will transfer stored information to any new provider subject to similar restrictions and agreements. We encourage users to read the privacy policies of any website visited via links from or interactions with the TrustCor website or related services. Where appropriate, we will provide specific notice of these third party services at the point of interaction. It is our policy not to include third party resources when users initially load our web pages, but we may dynamically include them later after giving the user a chance to choose to interact with them. If you believe a third party resource is automatically loading, please let us know so we can address it.

Disclosure of Information

While TrustCor endeavors to provide the highest level of protection for your information, we may disclose personally identifiable information about you to third parties in limited circumstances, including: (i) with your consent; (ii) in relation to an issued Certificate; (iii) when we are required by law, such as pursuant to a subpoena or other judicial or administrative order; or (iv) if we have a good faith belief that such use is reasonably necessary to enforce our terms of use and other agreements, including investigation of any potential violation thereof.

Your Rights

In most cases, a Customer of Individual may choose to review, correct, update and delete inaccuracies of information provided through its TrustCor account management page.

In certain circumstances, individuals also have the following rights:

  • Access and information: You have the right to know whether we process personal data about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
  • Correction, erasure and restriction of processing: You have the right to require us to correct any personal data held about you that is inaccurate and have incomplete data completed or ask us to delete data (i) where we are processing your data on the basis of our legitimate interest and you object to such processing; or (ii) if you believe the personal data we hold about you is being unlawfully processed by us. You can ask us to restrict processing data we hold about you other than for storage purposes if you believe the personal data is not accurate (while we verify accuracy). Customers and Individuals cannot edit a TrustCor CA Certificate directly. In order to update information in a Certificate, including personal information, Customers or Individuals must submit a change request through the Customer’s account, and TrustCor will implement the edits where applicable.
  • Questions or complaints: If you have any questions regarding the processing of your data, you can contact us via a contact form, by email (support@trustcor.ca) or via postal mail letter to the following address: TrustCor Systems, 371 Front Street West #227, Toronto ON M5V 3S8 Canada. In this case, the information you provide will be stored for the purpose of processing the contact. If you are an EU or Switzerland resident, and you wish to make a complaint about how we process your personal data, please contact us in the first instance at gdpr@trustcorsystems.com and we will endeavor to deal with your request. Before we respond to your request, we will ask you to verify your identity. Note that these rights in their entirety only apply to EU or Switzerland residents and subject to the applicable law of the jurisdiction where you reside. Where exercise of a particular data subject right is not required by law, your request will be handled on a case-by-case basis.

Security

TrustCor employs industry standard security measures to protect the loss, misuse and alteration of the information under our control. TrustCor has turned on HTTPS by default.

Although we make good faith efforts to store information collected by TrustCor in a secure operating environment, we cannot guarantee absolute security. We take all necessary security and legal precautions to ensure the safety and integrity of the Individuals’ personal data that we receive from a Customer, including, as appropriate, (i) ensuring the ongoing confidentiality, integrity, availability and resilience of processing systems and services; (ii) restoring the availability and access to personal data in a timely manner in the event of a physical or technical incident; (iii) only maintaining information we collect for a length of time appropriate to our needs; and (iv) regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing.

We assume no liability for the unauthorized access or loss of personal data outside our sphere of influence. 

Applicability

Our website may contain links to third party websites whose privacy practices may differ from those of TrustCor and are beyond our control. Therefore, these third party websites are not covered by this Privacy Policy. If you submit personal information to any of those websites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policies of those third party websites before you submit any information to those websites.

Changes to this Privacy Policy

Changes to this Privacy Policy may be required from time to time, for example because of the evolution of our Website or due to changes in law. TrustCor therefore reserves the right to change the Privacy Policy at any time with effect to a future date. We recommend that you read this Privacy Policy regularly. This Privacy Policy was last updated on: February 1, 2019.