Last Updated April 27, 2020
Personal data is information that identifies you personally, either alone or in combination with other information available to Entrust (e.g., your name or email address). More detail about the types of personal data Entrust collects is set forth below.
What Personal Data Does Entrust Collect?
Information you provide to us
We collect personal data you provide to us when you visit our websites. This includes information you provide when you register to use our websites, purchase products or services from our websites, subscribe to our services, search for products, participate in discussion boards or other social media functions on our websites, enter competitions, promotions or surveys, or when you report a problem with our websites.
You are free to explore our websites without providing any information about yourself.
We also collect personal data you provide when you contact us via email or telephone, or during business-related events, trade shows, sales or marketing activities hosted by Entrust or by third parties. The information you provide may include your location, name, phone number, email address, mailing address, job title, place of employment, financial and credit card information.
Information we collect
Like most companies with an online presence, we collect information relating to the access, usage and performance of our websites. This information is collected and stored in electronic records called logs. These logs may record the names, usernames, manner of access, time of access and location of access of those who have visited our websites.
Information third parties provide to us
On occasion, we receive personal data from third parties. For example, if you attend a meeting or event, the organizer of the event may share your personal data with us if they have obtained your consent to do so. We may combine this information with information you provide to us and information we collect about you. We will use this information and the combined information for the purposes set out below (depending on the types of information we receive).
How Do We Use the Information We Collect?
We only process personal data where we have a legal basis to do so (e.g., necessary for the performance of a contract, to comply with a legal obligation, to pursue our legitimate interests or where we have consent).
Here is a list of the most common uses for which we process personal data:
- To set up your user account and validate your license to access our websites, online products and services;
- To process and complete online transactions and send related information, including transaction confirmations and invoices;
- To provide, maintain or troubleshoot access to our websites, online products, and services;
- To improve the content, functionality and usability of our websites, online products and services;
- To investigate and prevent fraudulent activity or unauthorized access to our websites, online products or services;
- To provide you with effective customer service;
- To conduct internal research and development;
- To comply with applicable laws or regulations;
- To contact you with special offers and other information we believe may be of interest to you and related to your use of our websites, products and services;
- To invite you to participate in surveys and provide feedback to us;
- To better understand your needs and interests;
- To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- To ensure that content from our site is presented in the most effective manner for you and for your device.
Does Entrust Share and Disclose Personal Data?
We may share and disclose your personal data, but only under the following circumstances:
- We may disclose or transfer your personal data to Entrust subsidiaries or affiliates.
- We may disclose or transfer your personal data as part of a potential or actual company merger, acquisition, sale of a portion of Entrust or our assets or as part of a bankruptcy proceeding or a business reorganization.
- We may disclose your personal data to Entrust partners selling Entrust products and services that may be of interest to you.
- We may share your personal data with third parties who provide services to us. Examples of third-party service providers include payment processing providers, credit reference agencies, website analytics companies, and service providers who operate, maintain and support our websites, products and services.
- We may disclose personal data in aggregate form to others, including strategic partners, advertisers, investors, and customers.
- We may disclose personal data to protect, enforce or defend our rights or those of others, or where we believe the disclosure is required by law.
- We may disclose personal data to prevent or investigate a possible crime, such as fraud or identity theft, or to protect the security of our websites, products and services.
How Long Do We Retain Personal Data?
We only retain personal data for as long as necessary for the purpose in which it was collected. For example, where your personal data is needed to provide you with access to our websites, online products or services, we retain your personal data for the period in which we are providing that access unless we are required by law to dispose of it earlier or to keep it longer. We also retain personal data as necessary to comply with our legal obligations, resolve disputes, pursue legitimate business interests, conduct audits, and protect or enforce our rights.
Where Do We Keep Your Personal Data and How Do We Protect it?
All information you provide to us is stored on our internal and third party secure servers.
We use appropriate technical, organizational and administrative security measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These security measures are designed to provide a level of security appropriate to the risk of processing your personal data. For example, payment transactions are encrypted using SSL technology or have appropriate safeguards in place to ensure the security and integrity of your personal data where stored on third party servers.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our websites; any transmission is at your own risk. Once we receive your information, we use strict procedures and security features to try to prevent unauthorized access.
International Data Transfers
The personal data that we collect from you may be transferred to and/or stored at a destination on our servers or our third party servers that is different from the location where it was collected. It may also be processed by staff who work for us or for one of our suppliers in a location different from where the data was collected. We will only transfer your personal data where permitted to do so by law and we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Statement. Certain privacy and data protection laws require data controllers to put in place safeguards to protect personal data transferred across borders. To comply with this requirement, Entrust has put in place agreements that include the standard contractual clauses recommended by the European Commission to provide adequate safeguards for personal data.
Who is the Data Controller?
The data controller of any personal data we hold about you and that is subject to this Privacy Statement is Entrust Corporation.
What Rights Do You Have With Respect to Your Personal Data?
Depending upon the applicable data protection law in your country of residency, you may have the right to ask us for information relating to personal data about you we control and process; to correct, delete, or restrict any active processing of your personal data; to obtain a copy of your personal data in a structured, machine readable format; and to ask us to share this personal data with another controller.
Additionally, you can object to the processing of your personal data in some circumstances (e.g., where we don’t have to process the information to meet a legitimate interest, contractual or other legal requirement). Your right to object to processing of your personal data may be limited in certain circumstances (e.g., where fulfilling your request would reveal personal data about another person or where you ask us to delete information which we are required by law to keep or have other compelling legitimate interests to keep such as for purposes of fraud prevention). We may need to request additional information from you to verify your identity or understand the scope of your request, although you will not be required to create an account with us to submit a request or have it fulfilled.
If we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data on lawful processing grounds other than consent.
We may also send you direct marketing without requiring your consent; for example, where our marketing is not based on consent, but other lawful grounds (such as our legitimate interest in marketing our products and services to you). Note: This will not apply to electronic marketing to Canadian residents where consent is required.
Where we use your personal data for direct marketing purposes (whether based on consent or other lawful grounds), you still have the right to withdraw consent at any time. To opt out of receiving marketing communications from Entrust, please click here.
We do not knowingly collect personal data on individuals under 18 years of age. Our websites, products and services are not intended for users under 18 years of age.
Our websites may contain links to third party websites. We do not control, and are not responsible for, the content or privacy practices of these other websites. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This Privacy Statement does not apply to third party websites.
Amendments to This Privacy Statement
We reserve the right to amend this Privacy Statement from time to time as our business, laws, regulations and industry standards evolve. Any changes are effective immediately following the posting of such changes on www.entrustdatacard.com. We encourage you to review this statement from time to time to stay informed.
If you have questions or concerns about this Privacy Statement or our handling of your personal data, please contact us at [email protected]. To submit a Data Subject Access Request, please use our online form. We will do our best to answer your questions and address your concerns. We will not discriminate against you for exercising any of your rights as a data subject. If you are still not satisfied, you may lodge a complaint with your national data protection supervisory authority. The European Data Protection Board authorities can be found here. The Office of the Privacy Commissioner of Canada can be found here.