Privacy Policy

SecureLink, Inc. and our affiliates (together, “our”, “we”, “us”, “company”, or “SecureLink”) are committed to protecting the privacy and security of your personal information. This privacy policy (“Policy”) describes how we collect, use, and otherwise handle personal information about you and is directed to our current and prospective customers, partners, and suppliers, employees, job candidates and applicants, end users of any Products (defined below), and users of our Sites (defined below). As used in this Privacy Policy, ‘personal information’ or ‘personal data’ means information that relates to an identified individual or to an identifiable individual.

We provide network and system access management solutions (“Products”) to enterprise customers. Typically, our Products are used by our customers and partners on their own premises and in their own environments and we generally do not have access to the information processed by the Products unless we are providing configuration services, customer support or success services, quality assurance, testing or other professional services, or for administrative purposes. When we do have access to personal information of individuals, it is typically as a service provider or supplier to our customers and partners, with limited exceptions, such as, for example when we collect information:

• Through our website https://www.securelink.com/, related sub-sites and other websites and mobile applications that we provide (the “Sites,” which are included in the Products).
• For our advertising, marketing, promotion, industry outreach and educational efforts (which are primarily in a business-to-business context versus direct to individual consumers).
• In our relationships with employees, contractors, applicants and administrative and operational vendors and suppliers.

In our role as a service provider and supplier, we only process personal information of our customers and partners as necessary to fulfill our obligations under our agreements with such parties and under applicable law.

Additional terms may apply for specific Products. If such terms apply, they will control over any conflicting terms in this Policy to the extent permitted under applicable law.

Table of Contents

• Information We May Collect and How it is Collected
• Purposes of Processing Personal Information
• Marketing
• With Whom Do We Share Personal Information?
• Security and Retention
• Employees, Contractors, and Applicants
• Capacity
• Cookies
• Your California Privacy Rights

Information We May Collect and How it is Collected

We may collect the following types and categories of personal information from the following categories of sources.

Information you provide to us

In general, you can visit the Site without telling us who you are or revealing any personal information about yourself.

We collect your personal information when you decide to interact with us and which you submit using the contact options provided on this Site. You can also provide us with personal information via email, post, and telephone. The categories of personal information we may collect include personal contact information such as your name, email address, postal address, and phone number; work contact information such as job title, position, and work telephone number; and electronic information such as IP address of the device you used to access the Sites or when you used the Products. We may collect additional categories of personal information about you, including special or sensitive categories of personal information, when you apply for a job with SecureLink or an affiliate or enter into an agreement with SecureLink. See below for further information on Employees, Candidates, and Applicants for personal information we process in the recruiting and employment context.

Information provided by third parties or publicly available sources

We may collect or receive personal information about you from third parties including from our affiliates, marketing companies, job posting websites and recruiting firms. The categories of personal information collected from third parties include the categories indicated above and below.

Purposes of Processing Personal Information

To the extent that you provide us with any personal information, through or in connection with this Site (i.e., via telephone, email, or post), or we receive it through other means, we may use such information for the following categories of business purposes:

• To provide you the Products you have requested or ordered and to maintain, distribute, install, operate, or upgrade the Products.
• To provide customer service, technical support, consulting, or professional services.
• To provide training related to the Products or otherwise (whether in-person or online).
• For our administration, research, development, and business operation purposes.
• To keep a record of your relationship with us.
• To respond to your inquiries or requests including to verify your identity to respond to such inquiries or requests.
• To process your inquiries about employment opportunities at SecureLink.
• To manage litigation and conduct internal audits and investigations.
• To administer and protect our business and this website.
• To market, advertise, and promote Products, including to make suggestions and recommendations to you about goods or services that may be of interest to you.
• To operate, customize, secure, and optimize the Sites and Products.
• Other legitimate purposes as required or permitted by applicable law.

Marketing

We will send you direct marketing communications as permitted by applicable law (including obtaining your prior consent to the extent required by applicable law) or to keep you informed of our Products in which you might be interested. You may opt-in to certain kinds of marketing at any time by emailing marketing@SecureLink.com. You can also click on the “opt-out” link provided in our marketing emails.

With Whom Do We Share Personal Information?

Your personal information may be shared with and processed by:

• certain service providers as necessary to fulfill the purposes set out in this Policy, including professional advisors, recruitment firms, consultants, technology companies, and data hosting providers;
• supplier and vendors; and
• partners, distributors, and resellers.

When third parties are given access to personal information, we will take appropriate contractual, technical and organizational measures designed to ensure that personal information is processed only to the extent that such processing is necessary, consistent with this Policy, and in accordance with applicable law. We may share your personal information with the above categories of recipients for the following categories of business purposes:

• To provide you the Products you have requested or ordered and to maintain, distribute, install, operate, or upgrade the Products.
• To provide customer service, technical support, consulting, or professional services.
• To provide training related to the Products or otherwise (whether in-person or online).
• For our administration, research, development, and business operation purposes.
• To keep a record of your relationship with us.
• To respond to your inquiries or requests including to verify your identity to respond to such inquiries or requests.
• To process your inquiries about employment opportunities at SecureLink.
• To manage litigation and conduct internal audits and investigations.
• To market, advertise, and promote Products, including to make suggestions and recommendations to you about goods or services that may be of interest to you, including goods or services from service providers and partners.
• To operate, customize, secure, and optimize the Sites and Products.
• To work with our partners (including suppliers, vendors, resellers, distributors and other third parties) pursuant to legal agreements.
• When we have your consent to share the information.
• In connection with blogs, message boards, chat rooms or other similar forums, whether publicly shared or shared by or with customers, partners or end users interacting with login access, including related to feedback or suggestions for improvements to our Products.
• As part of a joint sales promotion or joint sales process with third parties.
• In response to a lawful request for information by a competent authority, if we believe disclosure is in accordance with, or is otherwise required by, any applicable law, regulation or legal process, including to meet national security or law enforcement requirements.
• With law enforcement officials, government authorities or other third parties as necessary to protect the rights, property or safety of us, our business partners, you or others, or as otherwise required by applicable law.
• In an aggregated and de-identified or anonymized form.
• In connection with, or during the negotiation of, any merger, sale of company assets, consolidation or restructuring, financing or acquisition of all or a portion of our business by or to another company, including the transfer of contact information and data of customers, partners and end users.
• For other legitimate purposes required or permitted by applicable law.

Security and Retention

We are committed to protecting the personal information you entrust to us. We implement appropriate physical, administrative and technical security measures and technologies designed to secure your personal information on our systems. In addition, we limit access to your personal information to those employees, agents, contractors, and other third parties who have a business need to know. They are subject to terms that require them to only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to address any suspected security incident leading to the misappropriation or accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, your personal information transmitted, stored or otherwise processed on our systems that compromises the confidentiality, integrity or availability of your personal information and will notify you and any applicable regulator of such an incident where we are legally required to do so.

Notwithstanding our efforts to protect your information, no security system is completely impenetrable, so we cannot guarantee the absolute security of your personal information, nor can we guarantee that information you supply to us will not be intercepted while in transit to us. Any transmission of information or data by you to or through this Site, Products, or other means is at your sole risk.

We will keep your personal information only for as long as is reasonably necessary for the purposes set out in this Policy unless a longer retention period is required by applicable law. We will not keep more information than we need for those purposes.

Employees, Contractors and Applicants

We may process the following categories of personal information if you submit a job application, inquire about opportunities at SecureLink, provide us your information at a recruiting event or if we receive information about you from third parties in connection with our recruiting activities:

• Name and contact information such as phone number, email address and postal address.
• Employment history such as prior employers and dates of employment.
• Education history such as degrees earned and institutions attended.
• Resume, CV, educational transcripts and any information contained in or with such documentation.
  Job qualifications and work eligibility information such as country of residence, visa and immigration status, and citizenship.
• Reference information, such as name and contact details of your references.
  Compensation information that you voluntarily provide and which may depend on your region and applicable laws and regulations.
• Background check information, subject to applicable law.
• Sensitive personal information that you provide voluntarily or which we request on a non-mandatory basis in order to comply with applicable law.

We may process the above information to:

• Review and evaluate an application you submit.
• Communicate with you regarding your application or other interest in SecureLink opportunities.
• Process your onboarding if you are hired.
• Operate, improve and maintain the security of our recruiting systems and platforms.
• Comply with applicable laws and otherwise operate our business.

Capacity

This site is only intended for individuals who are at least 16 years of age and is not targeted at individuals under the age of 16. We do not knowingly encourage or solicit visitors to this site who are under the age of 16 or knowingly collect personal information from anyone under the age of 16 without parental consent. If we learn we have collected or received personal information from an individual under the age of 16, we will delete that information. If you believe we have collected personal information of an individual under the age of 16, please contact us as set forth below with sufficient information so that we can act accordingly. Please do not provide any sensitive or special information such as social security number or other government identifier.

Cookies

A cookie is an alphanumeric set of characters that a website transfers to the cookie file of the browser on your computer so that a website can remember who you are to, for example, customize website content and create a better browsing experience. A cookie will typically contain the name of the domain or website that created the cookie, the “lifetime” of the cookie, and an alphanumeric value, usually a randomly generated unique number to identify the cookie.

Similar technologies may be used instead of or in conjunction with cookies, such as web beacons, which are small, non-recognizable pictures downloaded to your computer when a specific website is loaded.

When you visit our Sites, we may use cookies and similar technologies for the following purposes:

• To help us recognize you as a unique visitor (just an alphanumeric identifier) when you return to our Sites.
• To allow us to tailor content or advertisements to match your preferred interests.
• To avoid showing you the same advertisements repeatedly.
• To support sales activities and provide direct marketing communications to you if you have consented to receive such communications.
• To compile statistics that allow us to understand how users interact with our Sites, such as from which web page a user visited prior to arriving at our Sites, how long users remained on one of our Sites’ pages, and what website users visited directly after they left the Securelink.com domain of our Sites.
• To help us improve our Sites.
• To protect the security of our Sites.

Cookies we use may collect such information as IP address, mobile identifier and the browser and type of operating system of the device you used to access our Site and certain activity data of the device, such as pages viewed and links clicked.

Our Sites use the following categories of cookies:

• Required Cookies: Required cookies are necessary for the operation, maintenance and/or security of our Sites.
• Performance and Functionality Cookies: Performance cookies collect information about how visitors use our Sites, such as which pages visitors go to most often and if they receive error messages from web pages. For example, we may use third parties to help us understand how visitors engage with our Sites. This means that when you visit our Sites, your browser automatically sends certain information to these third parties. This includes, for example, the web address of the page you’re visiting and your IP address. Functionality cookies remember choices you make (such as your language or the region you are in) and provide enhanced or more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages you can customize.
• Targeting and Advertising Cookies: These cookies are used to deliver advertising more relevant to you and your interests. They are also used to limit the number of times you see a certain advertisement as well as help measure the effectiveness of the advertising campaigns. They are usually placed by third-party advertising networks with our permission. They remember that you have visited a website and may share this information with other organizations such as advertisers.

Two types of cookies may be used on our Sites: session cookies (which are temporary cookies that remain in the cookie file of your browser until you leave the site) and persistent cookies (which remain in the cookie file of your browser for longer though the time period will depend on the lifetime of the specific cookie).

Disabling and Enabling Cookies

You can use your browser or device settings to review and erase or delete cookies at any time. Note that by disabling certain categories of cookies you may be prevented from accessing some features of our Sites, certain content or functionality may not be available, or the Sites may not operate correctly.

Depending on your location, you may also opt out of third-party cookies relating to behavioral advertising by visiting the following websites:

• European Interactive Digital Advertising Alliance (EDAA): www.youronlinechoices.eu and https://www.edaa.eu/
• Digital Advertising Alliance (DAA): https://www.aboutads.info/choices/
• Network Advertising Initiative (NAI): https://optout.networkadvertising.org

Opting out does not mean you will no longer receive online advertising. It does mean that the company or companies from which you opted out will no longer deliver ads tailored to your browsing preferences and usage patterns. You may temporarily continue to see some tailored ads produced from ongoing advertising campaigns.

The above opt-out tools rely on the use of cookies, and to the extent your browser settings impact use of third-party cookies, the above tools may not operate correctly. The above tools also apply only to the browser on which they are exercised. If you want to apply these tools to multiple devices or multiple browsers, you must exercise these tools on each browser and/or device.

Do Not Track

There are different ways to prevent tracking of online activities. Some web browsers may allow you to enable a do-not-track feature that alerts the websites you visit that you do not want your online activities to be tracked. Our Sites may not recognize or react in response to do-not-track signals. At present, no generally accepted standards exist on how companies must respond to do-not-track signals. In the event a final standard is established, we will assess and provide an appropriate response to these signals.

Your California Privacy Rights

If you are a California resident and have any concerns about how we process your data or would like to exercise any of your California privacy rights, including those described below, you can contact us by email or post as set forth below with “Attention: Legal” in the heading or address. Please identify yourself as a California resident and provide sufficient information so we can take appropriate action, such as your name, email address or any additional information required. Finally, if we are processing your personal information as a service provider for a customer or partner, we may ask you to contact our customer or partner directly, to the extent permitted under applicable law.

“Shine the Light” Law

California residents may request certain information regarding our disclosure (if any) of personal information to third parties for their direct marketing purposes, pursuant to California Civil Code Section 1798.83 (the California “Shine the Light” law). To make such a request, please contact us, identify yourself as a California resident and provide sufficient information so we can take appropriate action, such as your name, email address or any additional information required.

California Consumer Privacy Act (CCPA)

We generally process personal information as a service provider for our customers and partners, many of whom are large enterprises who have a direct relationship with individuals using our Products. This means that, in addition to other exceptions under the CCPA that may apply (including for employees, contractors and business contacts), our processing of personal information as a service provider may not involve a sale of personal information of a consumer.

Right of Access (CCPA):

Certain California consumers may have the right to disclosure of information about our collection, sale or disclosure for a business purpose of their personal information, including, to the extent applicable, the following:

• The categories of personal information we have collected about such consumer.
• The categories of sources from which such personal information has been collected.
• The categories of third parties with whom we have shared such personal information.
• The business or commercial purpose for collecting or selling such personal information.
• The categories of such consumer’s personal information we have sold or disclosed for a business purpose, by category for each category of third parties to whom the personal information was sold or disclosed, or we will state that we have not sold or disclosed for a business purpose such consumer’s personal information.
• The specific pieces of personal information we have collected about such consumer.

We will provide appropriate disclosures upon receipt of a verifiable request, to the extent required by law (or in our discretion if not required by law) and as permitted by our contracts, confidentiality obligations and applicable laws and regulations. We may not be able to provide all of the information requested, such as, for example: (1) if the personal information was collected for a single one-time transaction and if, in the ordinary course of business, such information was not retained; (2) we would be required to reidentify or otherwise link any data that, in the ordinary course of business, was not maintained in a manner that would be considered personal information; (3) the consumer used different browsers, devices or identifying information and we have not linked all such information together; or (4) if the information was collected, sold or disclosed prior to January 1, 2019 or twelve (12) months prior to the receipt of such verifiable consumer request, whichever is later. If we receive more than two requests for disclosure from a particular consumer within a twelve (12)-month period, we may decline to respond to such additional requests to the extent permitted under applicable law and regulations.

Right to Opt Out (CCPA):

Certain California consumers may also have the right to opt out of the sale of their personal information by contacting us and providing the verification information and other details we need in order to handle the request appropriately. We may, to the extent permitted under applicable law and regulations, continue to process data: (1) that is not personal information of a California consumer, including aggregate information, deidentified information or publicly available information; (2) where such processing is otherwise permitted under the CCPA, including without limitation where we are acting as a “service provider” under the CCPA, or where the processing of data is otherwise exempt; (3) where such processing is required under applicable law or regulations; (4) to protect our legal rights; (5) to comply with our contractual requirements or other applicable laws or regulations, or (6) where information is not covered by CCPA or another CCPA exception applies. Due to technological limitations, we also may not be able to recognize opt-out requests if a consumer accesses our Sites or our software, platforms or applications using a new browser, a new device or new or modified personal information. If you believe we are selling your personal information despite your opt-out request, please contact us.

Right to Deletion (CCPA):

Certain California consumers have the right to request deletion of their personal information by contacting us and providing the required verification information and other details we need in order to handle the request appropriately. We may, to the extent permitted under applicable law and regulations, retain and continue to process data: (1) that is not personal information of a California consumer; (2) where such processing is otherwise permitted under the CCPA, including without limitation where we are acting as a “service provider” under the CCPA, or where the data or processing is otherwise exempt under the CCPA; (3) where such processing is required under applicable law or regulations; (4) to protect our legal rights; (5) to comply with our contractual requirements or other applicable laws or regulations, or (6) where another CCPA exception applies.

Non-Discrimination (CCPA):

California consumers have the right not to receive discriminatory treatment for exercising any of the privacy rights conferred by the CCPA, except as permitted under the CCPA. If you believe you have received discriminatory treatment for exercising your CCPA privacy rights, please contact us.

Transfers of Personal Information Outside the EEA

For information on our processing of personal information of individuals located in the European Economic Area (“EEA”), please visit our European Privacy Notice.

We may amend this Policy from time to time, and if we make changes that affect the way we use your personal information, we will notify you by posting a revised statement on our Sites or Products. Where appropriate, we will notify you by additional means.

Changes to this Policy

Question and Comments

If you have any comments or questions about our privacy practices or this Policy, please do not hesitate to contact SecureLink at +1 (888) 897-4498, extension 900 or +1 (512) 637-7700, email privacy@SecureLink.com, or by post at SecureLink, Inc., Attn: Privacy, 11402 Bee Cave Road, Austin, TX 78738 USA.

August 2020 Update