PRIVACY POLICY

PRIVACY POLICY

Last Updated: Oct 08, 2024

Updates in this version of the Privacy Policy reflect changes in data protection law. In addition, we have worked to make the Privacy Policy clearer and more understandable. Addition of 3rd party sharing of phone numbers is added.

This Privacy Policy (“Privacy Policy”) explains how iTRUST.io LLC , Inc. (“iTRUST ”, “we”, “us”, “our”) may collect, use and share information from or about you (“Licensee” or “you”) when you access and use our services (including iTRUST), client software applications and websites (collectively the “Services”) that link to or otherwise reference this Privacy Policy.  This Privacy Policy is governed by our Terms of Service and incorporates our Data Protection Addendum, if applicable to you.  By using the Services, you consent to the data practices described herein.  As technology and circumstances change, we will continue to update, modify, and enhance this Privacy Policy for your benefit.  It is your responsibility to review this Privacy Policy frequently and remain informed about any changes to it, so we encourage you to visit this page often.

Our Privacy Policy is our commitment to you that we provide not only the highest quality services and products, but that we understand that you expect us to safeguard the personal and business information that we collect.  All of our employees and data processors that have access to and/or are associated with the processing of personal information are obliged to respect the confidentiality of your personal information. To this end, our Privacy Policy allows you to make an informed decision regarding your usage of the Services that we provide.

If you are using our Services to interact with your customers, it is your obligation and responsibility to make sure your customers understand how you (and iTRUST) collect and process their personal information as the data controller. Accordingly, if you use the Services, you agree to post an up-to-date, accurate, and easily accessible privacy policy that complies with the laws applicable to your business and territory. You also agree to obtain consent from your customers for the use and access of their personal information by iTRUST, and other third parties, as applicable. In addition, if you are collecting any sensitive personal information from your customers (including information relating to medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or sexuality), you agree to obtain affirmative, express consent from your customers for the use and access of sensitive personal information by iTRUST and other third parties, as applicable.

  1. TYPES OF INFORMATION WE COLLECT
  2. HOW WE USE YOUR INFORMATION
  3. HOW WE SHARE YOUR INFORMATION
  4. LIABILITY FOR ACTS OF THIRD PARTIES 
  5. CHILDREN
  6. YOUR RIGHTS AND CHOICES
  7. LOCATION OF YOUR INFORMATION
  8. DATA PRIVACY FRAMEWORK NOTICE FOR INDIVIDUALS IN THE EU, UK, AND SWITZERLAND
  9. HOW WE PROTECT YOUR INFORMATION/ HOW LONG WE KEEP YOUR INFORMATION
  10. LINKS TO THIRD PARTY WEBSITES
  11. SOCIAL MEDIA FEATURES AND WIDGETS
  12. UPDATES TO OUR PRIVACY POLICY
  13. PERSONAL DATA OF CALIFORNIA RESIDENTS 
  14. CONTACT

1. TYPES OF INFORMATION WE COLLECT

We may collect the following information about you, your use of the Services, and others who use the Service through your accounts:

 

  • Your name, company name, address, email address, phone number(s), and payment details (for example, your credit card information).
  • We use this information to provide you with access to our Services; for example, to confirm your identity, contact you, inform you of new features and products, and invoice you. We also use this information to make sure that we comply with the legal requirements.
  • Information obtained via 3rd party authentication systems such as Google authentication (email address and name).
  • Personal information about your customers that you share with us or that your customers provide to us while using our Services via your websites or applications.
  • We use this information to provide you with our Services and so that you can process orders and better serve your customers.
  • Questions, feedback, and other messages you address to us directly through tech support, online forms, and social media platforms. If you contact us by phone, we may record the conversation and/or keep a summary of the call.
  • Other information you provide to us such as posted comments, date of birth, photos, etc.
  • Device Information including your IP address, browser types, browser language, operating system, platform type, device types, and device IDs such as unique identifiers (mobile device tokens).
  • Usage Information including files you download, domain names, landing pages, your browsing activity, scrolling, and keystroke activity, pages viewed, forms or fields you complete or partially complete, search terms, whether you open an email and your interaction with the content, access times, and error logs, and other similar information.
  • Location information including the city, state, and ZIP code associated with your IP address, information derived through WiFi triangulation, and precise location information from GPS-based functionality on your mobile devices or from your use of our mobile applications, and with your consent, your precise GPS information.
  • Offline Information that may be stored while you are offline and transmitted to us when you next connect to the Internet, regardless of where you connect from or the device you use to connect.
  • Information collected through cookies, web beacons, and other tracking technologies.

2. HOW WE USE YOUR INFORMATION

We may use the information collected for purposes such as:

 

  • to provide technical support including the detection, prevention, and resolution of security and technical issues;
  • to respond to customer support requests; 
  • otherwise to fulfill the obligations under the Terms of Service
  • improve your experience and improve the Services;
  • send information to you which we think may be of interest to you by post, email, or other means and send you marketing communications relating to our business;
  • promote the use of our Services to you and share promotional and information content with you;
  • provide other companies with statistical information about our users -- but this information will not be used to identify any individual user;
  • send information to you regarding changes to our Terms of Service, Privacy Policy, or other legal agreements; and to meet legal requirements.

We may combine all the information we collect from or receive about you for any of the foregoing purposes. Please see Your Rights and Choices section for further information.

We may aggregate or de-identify your information and may use, share, rent or sell aggregated or de-identified information for any purpose and such information is not subject to this Privacy Policy.  We will never sell your personal information to any third party except in the case of Sale or Transfer of all or Part of our Business or Assets (see below).

Credit Card and Sensitive Information:

When you enter sensitive information, such as credit card information, we encrypt the transmission of that information using secure socket layer technology (“SSL”). Other information that you send via standard email will not be subjected to this high level of encryption, so we advise you accordingly that you should never submit sensitive personal information such as credit card numbers and so forth via standard email to us.

We maintain your credit card related information once your purchase has been verified and processed via your credit card service provider for future usage, within a secured system. In the event of a chargeback, the credit card service provider will provide us with such information for the purpose of our evaluation of the chargeback request, including any protestations and or feedback issued by our company if we determine fraud has taken place. In the event of credit card fraud and similar defaulted payments, the credit card related information shall be used for collection-related purposes.

As noted above, we follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website, you can contact us at team@itrust.io

3. HOW WE SHARE YOUR INFORMATION

We may share your information with:

 

  • Service providers that perform certain business-related functions on our behalf: including website hosting, transaction fulfillment, payment processing, fraud prevention, technology services, and platforms, and identity management.

  • Law Enforcement Agencies, Regulators, Content Protection Organizations, Anti-fraud Coalitions, and other groups to:
  • protect our legal rights, privacy or safety, and that of our employees, agents, contractors, or other individuals;
  • protect the safety and security of other users of the Services;
  • protect against fraud or other illegal activity or for risk management purposes;
  • respond to inquiries or requests from government, regulatory, law enforcement, or public authorities;
  • permit us to pursue available remedies, commence, participate in, or defend litigation, or limit the damages that we may sustain;
  • comply with the law including with subpoenas, search warrants, court orders, and other legal processes; or enforce applicable terms of service.

  • In the event that iTRUST is involved in a merger, acquisition, transfer of control, bankruptcy, reorganization or sale of assets, or diligence associated with such matters, we may sell or transfer the information described in this Privacy Policy as part of that transaction.

Mobile Phone Numbers:

  • No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

  • OPT IN CONSENT: By submitting your phone number, you are authorizing to send you text messages and notifications. Message/data rates apply. Reply STOP to unsubscribe to a message sent from us.

4. LIABILITY FOR ACTS OF THIRD PARTIES 

iTRUST accountability for personal data that it receives in the United States under the Data Privacy Frameworks and subsequently transfers to a third party is described in the Data Privacy Framework Principles. In particular, we remain responsible and liable under the Data Privacy Framework Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage. 

Although iTRUST will use all reasonable efforts to safeguard the confidentiality of the Registration Data, transmissions made by means of the Internet cannot be made absolutely secure. iTRUST will have no liability for disclosure of Registration Data due to errors in transmission or unauthorized acts of third parties.

5. CHILDREN

Our Services are not directed at children. We do not knowingly collect information from children under the age of 18. As per our Terms of Service, children under the age of eighteen (18) years may not register for our Services. If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us at team@itrust.io so we may delete the information.

6. YOUR RIGHTS AND CHOICES

 

  • Communication Preferences and Opt-outs: You may unsubscribe from our email newsletters or promotional emails by following the opt-out instructions contained in the email. You cannot unsubscribe from service-related, transactional, or emails related to your Services.
  • Cookies and Similar Technologies: We use cookies and other tracking technologies (e.g., web beacons, pixels, ad tags and device identifiers) when you create an account through our website, to recognize you and/or your device(s) on, off and across different Services and devices and to assist the functionality of other tools, services, research, analytics, and internal operations. In the future, we may also choose to use cookies and other tracking technologies for other purposes such as contextual advertising.
  • Access, Correction, and Deletion: You may request access to correct, update, or delete all your personal information by emailing team@itrust.io . We will respond to your request within 30 days.

7. LOCATION OF YOUR INFORMATION

iTRUST is located in the United States. From time to time, your information may be transferred to or from other countries. We will take steps to ensure that your information receives an appropriate level of protection.

International Data Transfers Using the Model Clauses: iTRUST relies on the Model Clauses set forth by the European Commission for intercompany transfers of personal data from the EEA to our data centers located outside of the EU. iTRUST also has in place model clauses with any third-party vendors or partners to whom it may pass personal information.

8. DATA PRIVACY FRAMEWORK NOTICE FOR INDIVIDUALS IN THE EU, UK, AND SWITZERLAND

iTRUST complies with the EU-U.S. Data Privacy Framework program (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework program (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.Our organization is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) to ensure compliance with privacy and data security laws.

iTRUST has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. iTRUST has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework program Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov.

Pursuant to the Data Privacy Framework, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Framework, should direct their query to team@itrust.io If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to team@itrust.io

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-US Data Privacy Framework Principles, iTRUST commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF Principles. European Union, Swiss and United Kingdom individuals with DPF inquiries or complaints should first contact:

iTRUST.io LLC

ATTN: Legal Department

1201 Brickell Ave

Miami, FL 33131

Email: team@itrust.io

iTRUST has further committed to refer unresolved privacy complaints under the DPF Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/programs/all-programs/dpf-consumers/ProcessForConsumers for more information and to file a complaint. This service is provided free of charge to you.

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2.

9. HOW WE PROTECT YOUR INFORMATION/ HOW LONG WE KEEP YOUR INFORMATION

We maintain procedural, technical, and physical safeguards for the Services to help protect against the loss, misuse, or unauthorized access, disclosure, alteration, or destruction of the information you provide via the Services. These safeguards vary depending upon the sensitivity of the information we collect and store. Please be aware that no security solutions are infallible.

We will keep your information only for as long as it is necessary to fulfill the purposes described above unless longer retention is required or permitted by law, after which we will delete or anonymize it. The period we keep your information will vary depending on your interactions with the Services. For example, depending on the type of Services you use, we may retain your account data for a reasonable period of time after your last activity or after you stop paying for the relevant services. This is to enable you to easily come back and start using the service again. We may also keep a record of correspondence with you relating to the Services you use, for example, if you have made a complaint, for as long as is necessary to protect us from a legal claim. Similarly, when you unsubscribe from our email newsletters or promotional emails, we will keep a record of your email address to ensure we do not send you marketing emails in the future.

10. LINKS TO THIRD PARTY WEBSITES

You acknowledge that iTRUST provides links to third party websites, but that iTRUST is not responsible for the content of such third-party websites or their terms, conditions, or privacy policies. You acknowledge that you must carefully review the terms, conditions, and privacy policies of all websites prior to using said third party websites and you assume all risk of using third-party websites. Furthermore, you understand and agree to not hold iTRUST responsible for any third-party content provided on the iTRUST Services that may infringe on intellectual property rights, rights of privacy or publicity, or any rights of any nature in any jurisdiction.

11. SOCIAL MEDIA FEATURES AND WIDGETS

Our website includes Social Media Features (such as the Facebook and Twitter buttons) and/or Widgets (interactive mini-programs that run through our website). Social Media Features and Widgets are either hosted by a third party or hosted directly on our Site. The third parties that own these Social Media Features and Widgets may collect your IP address and which page(s) you are visiting on our website and may set a cookie to enable the Feature or Website to function properly. Your interactions with these Social Media Features and Widgets are governed by the privacy policy of the company providing it.

12. UPDATES TO OUR PRIVACY POLICY

We may update this Privacy Policy to reflect changes to our information needs and practices. If we make any material changes, we will notify you before these changes come into effect at the email address specified in your account or via a notice on this website. We encourage you to periodically review this page for the latest information on our privacy practices and to always remind your Users of changes to our Privacy Policy.

13. PERSONAL DATA OF CALIFORNIA RESIDENTS

This section describes how iTRUST manages Personal Information of California residents under the California Consumer Privacy Act (“CCPA”) and amended by the California Privacy Rights Act of 2020 ("CPRA").

This section does not apply to information that is: exempted from the scope of the CCPA; collected in a business context to perform due diligence, provide services to, or receive services from a company or organization; personal information we collect, use, and share on behalf of our clients as a ‘service provider’ in relation to the CCPA.

In reference to the CCPA, California privacy rights include:

  • Right to Nondiscrimination. You can exercise the rights described in this section free from discrimination prohibited by the CCPA.
  • The Right to Know. This is information you can request following how we have collected and used your personal information during the past 12 months regarding categories: of the personal information we have collected; sources from which we have collected the personal information; third parties with whom we share the personal information;  personal information that we sold or disclosed for a business purpose; third parties to whom the personal information was sold or disclosed for a business purpose; and business or commercial purpose for collecting or selling personal information. 
  • Right to Know Access. You can request a copy of the personal information that we have collected about you over the past 12 months. 
  • Right to Deletion. You can ask us to delete personal information that we have collected from you. 
  • Right to Opt-Out. You have the right to opt-out of any sale of your personal information as defined in the CCPA.

You can exercise your rights under the CCPA. To start we would need to verify your identity and confirm your California residency in order to process your information, access, and manage deletion requests. We may require you to login to an iTRUST system, provide a government-issued ID or other applicable identification, give a written declaration as to your identity under penalty of perjury, and provide any other additional information to confirm your request. Your request may be declined as permitted by law and is not absolute.

You may have an authorized agent make a request of your rights on your behalf upon confirmation of the agent’s identity and our receipt of a valid copy of a power of attorney given to your agent pursuant to California Probate Code. You may also provide your agent with written and signed permission to exercise your CCPA rights, we may require additional information to process such requests to validate your identity as described above.

The categories of personal information we collect, use, and disclose are referenced in the above sections and include:

  • Identifiers (not including online identifiers), first and last names, email addresses, phone numbers, avatars, company name, company role, social media profile information, photo and document signatures. 
  • Online Identifiers, such as operating system, version number, manufacturer, hardware model, browser type, screen resolution, IP address, unique identifiers, and iTRUST custom identifiers.
  • Financial information, such as credit card information, billing and mailing address, and other payment-related information. 
  • Commercial information, such as records for transactions and services requested.
  • Internet or network information, such as website history before or after visiting iTRUST services, navigation paths between pages or screens, session time and dates, time spent on a page or screen, activity status (last contacted, last heard from, first time seen, last time seen),  clicked links, language preferences, pages viewed, tags applied within customer accounts, and other information about your interaction with our services, including information related to cookies.
  • Geolocation data, such as location information associated with your IP address.
  • Professional or employment information, such as your job title, organizational information, or business affiliation details.
  • California Customer Records, such as financial information, commercial information, and professional or employment information.
  • Sensory information, such as photos, videos and other imagery you choose to submit in our services. 
  • Inferences, such as those based on the above information to create a profile for your preferences, characteristics, and behavior.

Your personal information is not sold in the typical sense. Like many other companies, we may use advertising services that personalize ads based on your interests from information collected through cookies or other similar technologies about your activity on our service or other online/offline services.

The above summary of this section is how we collect, use, and share personal information describes our best practices for the 12 months preceding the effective date of this notice.

14. CONTACT

If you have an inquiry or complaint about this privacy policy or our privacy practices, please feel free to contact us:

iTRUST.io LLC

ATTN: Legal Department

1201 Brickell Ave

Miami, FL 33131

Email: team@itrust.io