Privacy Policy
OUR COMMITMENT TO PRIVACY
At GoTrust. (“GoTrust”, “our”, “we”, or “us”) the protection of your personal data is of particular importance to us. We protect your personal data in accordance with applicable data protection laws as well as this Privacy Policy. We have prepared this Privacy Policy to inform you of the manner in which we collect, use, disclose, and otherwise process the information we may collect about you from (a) your use of our website, and/or our products, (b) your interactions with us online and at in-person events, or (c) any other circumstances in which we provide you with a copy of this Privacy Policy.
INFORMATION WE COLLECT
We may collect the following types of information:
Personal Information:
When setting up new Customers for the GoTrust platform, we collect Personal Information, such as name and email address, to provide them with the Services. The types of information we may collect directly from our customers and their users include names, usernames, email addresses, postal addresses, phone numbers, job titles, as well as any contact details or other information they choose to provide us or upload to our systems in connection with the Services.
Usage Data:
This information may include your IP address, browser type, operating system, the pages you visit on the Website, the time and date of your visit, and other information about your use of the Website.
Cookies and Similar Technologies:
We may use cookies and similar tracking technologies to collect information about your browsing activity on the Website. Cookies are small data files that are stored on your device when you visit a website. They can be used to remember your preferences, track your browsing behaviour, and improve your experience on the Website.
We may use the information we collect for the following purposes:
For your creation of a user account or profile to use our products;
To provide, maintain, and improve our website, products, including for collaboration within the product, to enhance your user experience, and to understand and save your preferences for future visits;
To monitor our products’ performance and implement security measures;
To communicate with our customers or clients;
To establish and maintain our business relationship with you;
To send you marketing and other information about our products, offerings, including through our publications and on other websites and/or media channels;
To advertise to you on other sites;
To receive, process, and respond to your feedback, requests or queries through our products, Website, or social media;
For compliance with our legal obligations and other internal legal compliance purposes;
For other purposes consistent with the context of the collection of your personal data, or as otherwise disclosed to you prior to the use of your personal data.
SHARING YOUR INFORMATION
Personal data may be disclosed to third parties in the following circumstances:
Personal data may be disclosed to processors or service providers who act on our behalf to process personal data in accordance with the purposes outlined above. This includes the following categories of service providers:
IT service providers;
Email marketing providers;
Administrative, billing, operations, and payment operators.
Cloud and other software service providers.
Data access by processors or service providers is protected under our contracts with these entities, which limit the processing purposes. The agreement obliges the service providers to process your personal data only on our behalf and upon our instruction. They are prohibited to pass on your personal data to other parties without permission, unless this is required by law.
LEGAL PURPOSES
We may share your personal data with regulators, courts or competent authorities, to comply with applicable laws, regulations and rules (including, without limitation, federal, state or local laws), and requests of law enforcement, regulatory and other governmental agencies or if we have a good faith belief that the law requires it, such as in response to a search warrant, subpoena, or other legally valid inquiry, order, or process.
YOUR RIGHTS
GDPR
European data protection laws give you certain rights regarding your Personal Information. You may ask us to take the following actions in relation to your Personal Information that we hold:
Access: You have the right to request a copy of the personal data we hold about you.
Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
Erasure (Right to be Forgotten): You have the right to request that we erase your personal data under certain circumstances, such as if it is no longer necessary for the purposes for which it was collected or if you withdraw your consent.
Restriction of Processing: You have the right to request that we restrict the processing of your personal data in certain situations, such as if you contest the accuracy of the data or if you object to its processing.
Data Portability: You may have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
Objection: You have the right to object to the processing of your personal data based on our legitimate interests or for direct marketing purposes.
Withdrawal of Consent: Where processing is based on your consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw your consent.
DPDPA
We respect your right to control your personal data under the Digital Personal Data Protection Act (DPDPA). You have the following rights:
Right to Access Information: You have the right to be informed about the collection, purpose, and sharing of your personal data. This includes details about the categories of data collected, the purpose for processing, and the recipients or categories of recipients with whom the data is shared.
Right to Correction and Erasure: You have the right to request the correction of any inaccurate or incomplete personal data concerning you. Additionally, under certain circumstances, you may have the right to request the erasure of your personal data. This might apply if the data is no longer necessary for the purposes for which it was collected, or if you withdraw your consent (where processing is based on consent).
Right of Grievance Redressal: The DPDPA provides you with a right to address any grievances regarding your data directly with the data fiduciary (the organization collecting your data). This means you can use readily available mechanisms to raise concerns before potentially escalating them to the Data Protection Board (DPB), a regulatory body established by the Act.
Right to Nominate a Representative: You have the right to nominate another person to exercise your rights on your behalf in the event of your death or incapacity. This appointed individual can then act on your behalf to request access, correction, erasure, or address grievances related to your personal data.
LEGAL BASIS
Where applicable under the GDPR or similar laws, the legal basis for our collection and use of your personal data may include any of the following:
Performance of a contract. We process your personal data as necessary to perform our obligations under any contract with you, such as to provide our website or services to you or complete transactions.
Consent. We may ask for your consent to use your personal data, including if we need your consent to engage in certain marketing activities. If we obtain your consent as a legal basis for processing, you may withdraw your consent at any time.
Legitimate interests. We have a legitimate interest in using your personal data for our business purposes, including operating, improving, and marketing our business, Website and services.
Compliance with a legal obligation. We may need to use your personal data to comply with applicable legal requirements.
We will only retain your Personal Information for as long as necessary to fulfil the purposes for which we collected it, including to satisfy any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the volume, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information, and whether we can achieve those purposes through other means, and the applicable legal requirements.
SECURITY OF YOUR INFORMATION
We maintain administrative, technical, and physical safeguards designed to protect against unauthorized access, use, modification, and disclosure of your personal data in our custody and control. No data, on the Internet or otherwise, can be guaranteed to be 100% secure. While we strive to protect your information from unauthorized access, use, or disclosure, GoTrust cannot and does not ensure or warrant the security of your personal data.
CHILDREN’S PRIVACY
Our website is not directed to children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and you believe that your child has provided us with personal information, please contact us. If we learn that we have collected personal information from a child under 16, we will delete that information from our records.
CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on the Website. You are advised to review this Privacy Policy periodically for any changes.