Beyond Encryption Ltd (“We” or “Us”) are committed to respecting your privacy and the confidentiality of your personal data, usage data and communications content.
References in this notice to "Data Protection Law" mean (as applicable) the Data Protection Act 2018, the General Data Protection Regulation (Regulation (EU) 2016/679) and all related data protection legislation having effect in the United Kingdom from time to time.
References in this notice to "Personal Data" or "Information" include "Sensitive Personal Data " and "Special Categories of Data" (as defined in Our “Data Protection Policy” where applicable).
For the purposes of data protection law, Beyond Encryption Limited (company number 08814096), having its registered office at 1 Gloster Court, Fareham, Hants, PO15 5SH (ICO Registration ZA038105)
In processing your data, we will always comply with our obligations under Data Protection Law. Although you control the release of your information, We may disclose information if required to do so by law or in the good faith belief that such disclosure is reasonably necessary to comply with legal process, enforce our Terms and Conditions or protect the rights, property or safety of Beyond Encryption, its users, or the public.
By submitting your personal information to us you are confirming that all the details provided by you are up to date and accurate at that time. Any changes to your personal information should be updated in your account by contacting firstname.lastname@example.org.
The Information Collected.
Information we collect from you.
When you create an account with us and use our service, we gather and use the following information about you:
If you work for one of our Suppliers, Introducer Affiliates or Resellers, or other Business Partners, we may collect your contact details, such as name, email address, work address and phone number.
Information we collect about you:
While on our site, we automatically log certain information about how you're using our site. This information may include the URL that you came from (source data), your IP address and the pages you visit while on our site.
When you use our site, one of our applications or access a file sent using our service, the following data about these processes is stored in a database (for technical and statistical purposes only):
Information we collect from third parties.
We may engage the services of third-party analytic providers to track and analyse usage and volume statistical information from our users and visitors to our site. We may also place a pixel on pages on our site, or those of our partners. This enables us to record in our server logs that a specific user ID has visited a particular page. This data allows us to analyse and determine our User’s behavioural characteristics, which helps us to optimise our site.
We may also use third parties to provide services in connection with sales on our site, such as payment service providers and credit reference agencies and we may receive information about you from them.
What do we process your information for?
If you are a customer our primary purpose in collecting information is to provide you with a safe, efficient, personalised experience. We collect and use personal data relating to you as permitted or necessary to:
If you are a Supplier, Reseller, Introducer Affiliate or other Business Partner:
Whether you are a Customer, Suppler, Reseller, Introducer Affiliate or other business partner:
If you have purchased our Services as part of a promotion or discounted rate with a Network or an Affiliate, we may share, your usage data of our Services only, upon request from the Network or Affiliate.
What are the Legal Grounds for processing your information?
By accepting our terms and conditions in this policy, our End User License Agreement and Acceptable Use Policy, we are processing your data on the following legal grounds:
You may choose not to provide accurate or complete personal data. In such instances you may not be able to use all of the functionalities of our website; where we ask for consent and you chose not to provide it, or you block, disable or delete cookies, we may not be able to provide you with the information or service requested.
How long do we keep your personal information?
We only keep your information for so long as it is reasonably necessary. When setting our data retention periods, we consider the amount, nature, and sensitivity of the information we hold, the potential risk of harm from unauthorised use or disclosure of the information and the purposes for which we process the information (including whether we can achieve those purposes by other means). We also take into account our other legal obligations to keep or securely dispose of personal information.
Generally speaking, we retain your information for the following periods of time:
If we need to keep your information e.g. if requested by any regulatory authority for a longer period, then we will notify you of the reason and grounds for doing so.
Where we store your information.
We will do everything possible to ensure that the data that we collect from you will be stored at a destination inside the European Economic Area ("EEA"). If there is ever a requirement to transfer your information outside the EEA, this will only be done after obtaining your agreement and we will make sure your data is protected in a manner that is consistent with how your information will be protected by us. In all cases we will ensure that any transfer of your information is compliant with Data Protection Law.
Information Sharing and Disclosure.
We do not give, rent, lend or sell individual information to any third party for marketing purposes. Furthermore, we will not disclose any information about individual users, except as described below:
Beyond Encryption and its processes are certificated to ISO 27001:2013 International Information Security standard and is committed to protecting your personal information. All information that you provide to us is stored on our secure Microsoft Azure hosted Cloud servers. Access to any personalised area of the site is password-protected for your privacy and security. While we do everything reasonable to protect your personal information Beyond Encryption cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk.
You are responsible for maintaining the secrecy of your passwords and/or any account information. If your personal information changes, or you need to update your password, you should promptly update your individual account information by logging into the website and updating your account details.
Browser Communications Encryption.
We employ SSL certificates with Extended Validation. This is currently the most secure certificate available. With this certificate more modern browsers are able to use 256-bit encryption and for older browsers it ensures that 128-bit encryption is possible. Click on the lock icon in your browser's status bar to learn more.
Information Security and Firewalls.
Our operational IT security infrastructure is protected by firewalls and malware detection software which meets Cyber Essential Plus requirements.
All your data is securely stored in Microsoft Azure Cloud Storage facilities. Further information on Microsoft’s Cloud Security infrastructure can be found at https://docs.microsoft.com/en-us/azure/security.
Network Intrusion Detection Systems.
Network-based IDS (intrusion detection system) provides 24x7 network monitoring and alerts security personnel to any external attacks on the network.
Cookies are small files that contain a string of characters (text) that are sent to your browser from a website’s server. The cookie may contain a unique identifier, but it does not contain personally identifiable information such as your name or email address. The browser stores the cookie on your computer’s hard drive, and this may be accessed next time you visit the site.
By restricting or blocking cookies this will impact the functionality and your access to our website. Further information can be found at www.aboutcookies.org.uk
Under Data Protection Law you have the following rights:
For further information on your rights under data protection law and how to exercise them, you can contact the Citizens Advice Bureau (www.citizensadvice.org.uk) or the Information Commissioner's Office (www.ico.org.uk).
Access to Information.
Under Data Protection Law you can exercise your right of access (SAR) by making a written request to receive copies of the information we hold on you. Details of the process can be found in our Subject Access Request policy (SAR). As part of this process You must send us proof of your identity, or proof of authority if making the request on behalf of someone else, before we can supply the information to you. Requests should be sent to us using the contact details at the end of this policy below. The information will be sent to you in a machine-readable format.
If you are requesting copies of documents you already possess, we may charge our reasonable administrative costs. We will also be allowed to charge you for our reasonable administrative costs in collating and providing you with details of the requested information which we hold about you if your request is clearly unfounded or excessive. In very limited circumstances, we are also entitled to refuse to comply with your request if it is particularly onerous.
Consent from Children.
If you are aged 16 or under (or under 13 if you are in the United Kingdom), please get your parent/guardian's permission beforehand whenever you want to consent to us using your personal information. Users under this age are too young to consent.
This Policy will be regularly reviewed to incorporate any legislation or regulatory changes. Any changes or updates to the Policy will be published on our website. By accepting this Policy, you confirm your agreement to regularly check the website for updates which are legally binding to you. Some of the provisions contained in this policy may also be superseded by provisions or notices published elsewhere.
Unsubscribing from our Contact List.
If you sign up for our newsletter, we process your personal data to send you the newsletter which may include marketing and promotional communications. If you would rather not receive these marketing and promotional communications there will be a link at the bottom of each marketing newsletter, which will allow you to unsubscribe, or alternatively you can contact us at email@example.com and we will help you.
If you have purchased either a Mailock or a Unipass Mailock licence, we will subscribe you to our newsletter. If you do not wish to receive the newsletter you can unsubscribe by using the link within the newsletter or by contacting salessupport@beyondencryption. As indicated above we still have a legal obligation to contact you regarding service, product or policy changes.
Deactivating your account.
If you want to change your email address for the delivery of your email subscriptions or unsubscribe contact firstname.lastname@example.org. who, subject to your agreed Terms and Conditions, will guide you through this process and advice you of the notice period required for you to cancel. Please refer also to Section 15 - Term and Termination of your End User Licence Agreement.
V5. This Policy was last updated January 2020.