Last Updated April 12, 2019
If you have a contract for products or services with Entrust Datacard that references our Privacy Statement, please click here for the applicable language.
Personal data is information that identifies you personally, either alone or in combination with other information available to EDC (e.g., your name or email address). More detail about the types of personal data EDC collects is set forth below.
Information you provide to us
We collect personal data you provide to us when you visit our websites. This includes information you provide when you register to use our websites, purchase products or services from our websites, subscribe to our services, search for products, participate in discussion boards or other social media functions on our websites, enter competitions, promotions or surveys, or when you report a problem with our websites.
You are free to explore our websites without providing any information about yourself.
We also collect personal data you provide when you contact us via email or telephone, or during business-related events, trade shows, sales or marketing activities hosted by EDC or by third parties. The information you provide may include your location, name, phone number, email address, mailing address, job title, place of employment, financial and credit card information.
Information we collect
Like most software providers and operators of cloud services, we collect information relating to the access, usage and performance of our websites. This information is collected and stored in electronic records called logs. These logs may record the names, usernames, manner of access, time of access and location of access of those who have visited our websites.
Information third parties provide to us
On occasion, we receive personal data from third parties. For example, if you attend a meeting or event, the organizer of the event may share your personal data with us if they have obtained your consent to do so. We may combine this information with information you provide to us and information we collect about you. We will use this information and the combined information for the purposes set out below (depending on the types of information we receive).
We only process personal data where we have a legal basis to do so (e.g., necessary for the performance of a contract, to comply with a legal obligation, to pursue our legitimate interests or where we have consent). Here is a list of the most common uses for which we process personal data:
We may share and disclose your personal data, but only under the following circumstances:
We will never sell, rent or lease your information to a third party.
We only retain personal data for as long as necessary for the purpose in which it was collected. For example, where your personal data is needed to provide you with access to our websites, online products or services, we retain your personal data for the period in which we are providing that access unless we are required by law to dispose of it earlier or to keep it longer. We also retain personal data as necessary to comply with our legal obligations, resolve disputes, pursue legitimate business interests, conduct audits, and protect or enforce our rights.
All information you provide to us is stored on our internal and third party secure servers.
We use appropriate technical, organizational and administrative security measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These security measures are designed to provide a level of security appropriate to the risk of processing your personal data. For example, payment transactions are encrypted using SSL technology or have appropriate safeguards in place to ensure the security and integrity of your personal data where stored on third party servers.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our websites; any transmission is at your own risk. Once we receive your information, we use strict procedures and security features to try to prevent unauthorized access.
The personal data that we collect from you may be transferred to and/or stored at a destination on our servers or our third party servers that is different from the location where it was collected. It may also be processed by staff who work for us or for one of our suppliers in a location different from where the data was collected. We will only transfer your personal data where permitted to do so by law and we will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Statement. Certain privacy and data protection laws require data controllers to put in place safeguards to protect personal data transferred across borders. To comply with this requirement, EDC has put in place agreements that include the standard contractual clauses recommended by the European Commission to provide adequate safeguards for personal data.
The data controller of any personal data we hold about you is Entrust Datacard Corporation.
Depending upon the applicable data protection law in your country of residency, you may have the right to ask us for information relating to personal data about you we control and process; to correct, delete, or restrict any active processing of your personal data; to obtain a copy of your personal data in a structured, machine readable format; and to ask us to share this personal data with another controller.
Additionally, you can object to the processing of your personal data in some circumstances (e.g., where we don’t have to process the information to meet a legitimate interest, contractual or other legal requirement). Your right to object to processing of your personal data may be limited in certain circumstances (e.g., where fulfilling your request would reveal personal data about another person or where you ask us to delete information which we are required by law to keep or have other compelling legitimate interests to keep such as for purposes of fraud prevention).
If we have collected and processed your personal data with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal data on lawful processing grounds other than consent.
We may also send you direct marketing without requiring your consent; for example, where our marketing is not based on consent, but other lawful grounds (such as our legitimate interest in marketing our products and services to you). Note: This will not apply to electronic marketing to Canadian residents where consent is required.
Where we use your personal data for direct marketing purposes (whether based on consent or other lawful grounds), you still have the right to withdraw consent at any time. To opt out of receiving marketing communications from EDC, please click here.
We do not knowingly collect personal data on individuals under 18 years of age. Our websites, products and services are not intended for users under 18 years of age.
Our websites may contain links to third party websites. We do not control, and are not responsible for, the content or privacy practices of these other websites. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. This Privacy Statement does not apply to third party websites.
We reserve the right to amend this Privacy Statement from time to time as our business, laws, regulations and industry standards evolve. Any changes are effective immediately following the posting of such changes on www.entrustdatacard.com. We encourage you to review this statement from time to time to stay informed.
If you have questions or concerns about this Privacy Statement or our handling of your personal data, please contact us at [email protected]. To submit a Data Subject Access Request, please use our online form. We will do our best to answer your questions and address your concerns. If you are still not satisfied, you may lodge a complaint with your national data protection supervisory authority. The European Data Protection Board authorities can be found here. The Office of the Privacy Commissioner of Canada can be found here.