Data Elements LLC ("we," "us," or "our") operates www.trustelements.com (the "Platform").
This Privacy Policy outlines the types of information we collect, how we use and protect that information, and your choices regarding the collection and use of your information.
- Information We Collect
- Personal Information: We may collect personally identifiable information ("Personal Information") that you provide to us when you use our Platform. This may include your name, email address, phone number, company name, cyber insurance details and other information you choose to provide.
- IT Data: We may collect Network Information, System Information, Vulnerability Data, Patch Information, Access Control Information, Log Files Information, Open Ports and Services Information, Certificates Data, Domain and DNS Information and other data that can be collected or provided during the Internal and/or External Scans. We collect this data solely for the purpose of identifying and mitigating vulnerabilities and improving the security of the company's systems.
- Compliance Data: We may collect data about Policies and Procedures, Security Risk Analysis Reports, Trainings and Evaluations results and other data that can be collected or provided during the risk assessment.
- Log Data: When you use our Platform, we automatically collect certain information sent by your browser or device, such as your IP address, browser type and version, device type, operating system, and other similar information. This data is used for analytical purposes and to improve the functionality of the Platform.
- Cookies and Similar Technologies: We may use cookies, web beacons, and other similar technologies to collect information about your use of the Platform. Cookies are small files stored on your device that enable us to recognize your browser and capture certain information. You can modify your browser settings to refuse cookies or notify you when cookies are being used.
- Consent: By using our Platform and providing access to your sensitive data, you consent to the collection, storage, and processing of this data for the purposes outlined in this Privacy Policy.
- Use of Information
- Mitigation and Recommendations: Based on the analysis of the sensitive data, we provide recommendations and guidance to companies on how to address identified vulnerabilities and improve their security posture.
- Aggregated and Anonymized Data: We may use aggregated and anonymized data derived from the sensitive data collected to generate statistical insights, improve our services, and develop industry benchmarks. This data will not contain any personally identifiable information.
- Third-Party Engagement: We do not sell, trade, or otherwise transfer the sensitive data to third parties without the explicit consent of the company. However, we may engage trusted third-party service providers who assist us in delivering our services, and they may have access to the sensitive data solely for the purpose of providing those services. We ensure that such third-party service providers are bound by confidentiality and data protection obligations.
- We use the information we collect to provide, maintain, and improve our Platform, as well as to communicate with you, respond to your inquiries, and fulfill your requests.
- We may also use your Personal Information to send you promotional materials, updates, and newsletters, unless you opt out of such communications.
- We do not sell, trade, or otherwise transfer your Personal Information to third parties unless we have obtained your consent or are required by law to do so.
- Data Security
- We implement robust security measures to protect sensitive data from unauthorized access, disclosure, alteration, or destruction. We follow industry best practices to safeguard data, including the use of encryption, access controls, and regular security assessments.
- Retention Period: We retain the sensitive data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal and regulatory requirements.
- User Rights
- Right to Access: Users have the right to request access to the sensitive data collected about them. They can inquire about the specific types of data collected and how it is being used.
- Right to Rectification: Users have the right to request the correction or updating of any inaccurate or incomplete sensitive data that is stored about them.
- Right to Erasure: Users have the right to request the deletion of their sensitive data from the cybersecurity platform's systems, subject to any legal obligations or legitimate reasons for retaining the data.
- Right to Restrict Processing: Users have the right to request the limitation of processing their sensitive data under certain circumstances, such as when they contest the accuracy of the data or when the processing is unlawful.
- Right to Data Portability: Users have the right to receive a copy of their sensitive data in a structured, commonly used, and machine-readable format. They may also have the right to request that the data be transferred to another organization, where technically feasible.
- Right to Object: Users have the right to object to the processing of their sensitive data based on legitimate interests pursued by the cybersecurity platform. The platform must provide compelling legitimate grounds for the processing that override the user's interests, rights, and freedoms.
- Right to Withdraw Consent: If the processing of sensitive data is based on user consent, users have the right to withdraw their consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
- Right to Lodge a Complaint: Users have the right to lodge a complaint with a supervisory authority or data protection authority if they believe that their rights regarding their sensitive data have been violated.
- Right to Information Security: Users have the right to expect the cybersecurity platform to implement appropriate technical and organizational measures to safeguard their sensitive data and protect it from unauthorized access, disclosure, alteration, or destruction.
- Compliance with Laws and Regulations
- We adhere to all applicable data protection laws, regulations, and industry standards to ensure the privacy and security of user data. We strive to maintain compliance with relevant regulations, to protect the rights and interests of our users.
- Children's Privacy
- Our Platform is not intended for individuals under the age of 18. We do not knowingly collect Personal Information from children. If you believe we have inadvertently collected information from a child, please contact us immediately, and we will take appropriate steps to remove the information.
- Third-Party Websites and Services
- Our Platform may contain links to third-party websites or services. This Privacy Policy does not apply to such third-party websites or services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of those third parties.
- Changes to this Privacy Policy
- We may update this Privacy Policy from time to time, and any changes will be effective upon posting of the revised policy on the Platform. We encourage you to review this Privacy Policy periodically for any updates or changes.
- Contact Us
- If you have any questions, concerns, or suggestions regarding this Privacy Policy, please contact us at contact@trustelements.com.