Privacy Policy
Last updated – October 27, 2022

Introduction and Background

Vault Vision (“Company” or “We”) respect your privacy and are committed to protecting it through our compliance with this policy. We take care to process your personal data in accordance with applicable data protection laws and contractual obligations. Please read this Privacy Policy and the Cookies Notice (together the “Policy”) to understand how Vault Vision secures personal data, and why and how Vault Vision processes your personal data, and to learn more about your rights and preferences.

This Policy describes the types of information we may collect from you or that you may provide when you visit the websites vaultvision.com, auth.vaultvision.com, manage.vaultvision.com (our “Website“) and our practices for collecting, using, maintaining, protecting, and disclosing that information. If you have any questions about this Policy, please contact us at privacy@vaultvision.com.

This Policy discusses:

  • What this Policy covers.
  • Personal data we process and the sources of personal data.
  • Why and how we process personal data.
  • Personal data sharing and disclosure.
  • Where we process personal data and international transfers.
  • Personal data retention and deletion.
  • Your choices and rights.
  • How to contact Vault Vision about privacy.
  • Changes to this Policy.
  • Additional information for European citizens.
  • Additional information for United States citizens and residents of California.
  • Cookies Notice.

 

Scope of this Policy

What this Policy Covers

This Policy applies where Vault Vision processes data about human beings and business entities in its role as a controller of personal data. This includes where you:

  • Interact with this Website; including:
    • Requesting a demo, download a whitepaper, or contact us.
    • When you visit, use and interact with the Service, including information about your visit, use, or interactions. This information may include monitoring the number of visitors to the Service, peak hours of visits, which pages are visited, the domains our visitors come from, which browsers people use to access the Service, geographical information, and navigation patterns.
  • In email, text, and other electronic messages between you and Vault Vision or the Website.
  • Through mobile and desktop applications you download from this Website, which provide dedicated non-browser-based interaction between you and this Website.
  • Receive communications from us, including emails, phone calls, or text messages.
  • Are a Vault Vision customer or use the Services (as defined below) as a customer or an authorized user.

What this Policy Does Not Cover

This Policy does not apply where we process personal data about our customers’ end users that is input into the Vault Vision platform for processing as part of the Services, where Vault Vision acts as a processor of data.

Vault Vision customers, or their affiliates and end users, use our services to secure user identities and connect users to their applications securely via the Vault Vision identity management platform (the “Services”). We process the personal data of our customers and their end users in accordance with our customers’ instructions. Our customers control the personal data that is made available to us via the Services. We act as a “processor” (for the purposes of the General Data Protection Regulation or “GDPR” in the European Union), or “service provider” (for the purposes of the California Consumer Privacy Act “CCPA”) or similar roles under applicable law on behalf of our customers. Our customers’ privacy policy or agreements with its employees, consultants, or end users will apply to such processing, not this Policy. If you are an employee, end user, consultant or other affiliate of our customer, please contact the customer’s organization directly for that information.

Personal Data We Process and Sources of Personal Data

Information You Give Us Directly

  • Contact, Biographical and Payment Information– including your contact details, financial and credit card information if you are a customer paying directly through our Website or Services, company name and position, login and password details, and information you share in feedback forms, customer service request. This may include audio or video recordings if you participate in a customer interview.
  • Employment and Professional Information– if you apply for a job at Vault Vision, this includes your resume or curriculum vitae, or other details about your education and employment history in relation to recruitment.

Information We Automatically Collect From Your Interactions With Us

  • Technical Information Related To Your Visit To Our Sites or Services– this includes your internet protocol (IP) address, which can provide general information about your location, country, region, or city, but not a precise location, login information, device data such as device and/or browser type and version, time zone setting, and the operating system and platform you use when visiting our Websites or Services.
  • Information About Your Use of Our Site and Services, and Your Activities and Your Interaction with Our Marketing– this may include the web address of the page you were on prior to coming to our Website and the page you visit after you leave. We may also process information about what you do on our Sites, page response times, download errors, length of visits to certain pages, page interaction information (including scrolling, clicks, downloads and mouse-overs), methods used to browse away from the page, and data relating to whether you engage with our marketing materials (for example, web beacons). See our Cookies Notice for more information about your choices in relation to cookies technology.

Information We Obtain From Other Sources

  • Marketing and Sales Information– this includes biographical information and job information, contact details, sales orders from third party lead resources and marketing vendors, or from publicly available sources such as LinkedIn. We may receive information from partners about your browsing activities on websites other than Vault Vision. We also receive information from marketing partners and event sponsors where we co-host events and webinars and from digital advertising partners, business partners, advertising networks, analytics providers, and search information providers.
  • Log-In/Authentication Information and Other Information Related To Our Provision of the Services– If you engage in Third Party Integration to send identity management information or other information, we will receive information that you, or the customer on your behalf, have authorized for sharing.
  • Employment/Educational History/Background Check Information– If you apply for a job at Vault Vision, our service providers, partners, or affiliates such as recruitment agencies may provide information in relation to you application for employment with Vault Vision, including information about immigration status, criminal allegations, or offenses in relation to compulsory background checks where legally permissible.

Why and How We Process Personal Data

We use personal data in accordance with applicable legal requirements, including for the following purposes:

  • To provide the Services and send you any information you request about our Services;
  • To respond to your inquiries, comments, feedback, or questions;
  • To send administrative information to you, for example, information regarding the Services and changes to our terms, conditions, and policies;
  • To analyze how you interact with our Services;
  • To maintain and improve the Services;
  • To develop new products and services;
  • To conduct employment purposes;
  • To conduct marketing, including direct marketing and sales activities;
  • To prevent fraud, criminal activity, or misuses of our Services, and to ensure the security of our IT systems, architecture, and networks; and
  • To comply with legal obligations and legal process and to protect our rights, privacy, safety, and property, and/or that of our affiliates, users, customers, or third parties.

Aggregated Information

We may aggregate personal data and use the aggregated information to analyze the effectiveness of our Service, to improve and add features to our Service, and for other similar purposes.  We may collect aggregated information through the Service, through cookies, and through other means described in this Privacy Policy.

Sharing and Disclosure of Personal Data

Updating Your Information

Please contact us at privacy@vaultvision.com if you need to change or correct your Personal Data.

Children

Our Services are not directed to children who are under the age of 18. Vault Vision does not knowingly collect Personal Data from children under the age of 18. If you have reason to believe that a child under the age of 18 had provided Personal Data to Vault Vision through the Services or Website, please contact us at privacy@vaultvision.com and we will endeavor to delete that information from our databases.

Security

You use the Services and the Website of Vault Vision at your own risk. We implement commercially reasonable technical, administrative, and organizational measures to protect Personal Data both online and offline from loss, misuse, unauthorized access, disclosure, alteration, or destruction. However, no internet transmission, electronic mail, or other communication method is ever fully secure or error free. In particular, electronic mail sent to or from us may not be secure. Therefore, you should take special care in deciding what information you send to us via the Service or electronic mail. Please keep this in mind when disclosing any Personal Data to Vault Vision via the internet. In addition, we are not responsible for circumvention of any privacy settings or security measures contained on the Service, Website, or third party websites.

International Users

Storage

Vault Vision primarily stores your Personal Data in the United States and the European Economic Area (EEA). Personal Data that is transferred to, or stored at, a destination outside the EEA may not be subject to data protection laws that provide the same level of protection as those in your jurisdiction.

Transfer

Where your personal data originates from the EEA, the United Kingdom, or Switzerland, and is transferred outside of your jurisdiction, we ensure that your personal data is subject to appropriate safeguards, such as a recognized legal adequacy mechanism or standard contractual clauses with third parties or between Vault Vision group companies and affiliates that process your Personal Data on our behalf, and that is treated securely and in accordance with this Policy.

If you are a customer and have questions about transfers of personal data from the EEA, the United Kingdom, or Switzerland to the United States by Vault Vision, please review our Platform Security Pamphlet, Customer Information for International Data Transfers, and our EU Data Transfers to the United States and Applicable US Laws FAQ.

Your Choices

In certain circumstances, providing Personal Data is optional. However, if you choose not to provide Personal Data that is necessary to use certain features of our Services or Website, you may be unable to use those features. You can contact us at privacy@vaultvision.com to ask us to update or correct your personal data.

Changes to The Privacy Policy

The Services and our business may change from time to time. As a result, we may change this Privacy Policy at any time. When we do, we will post and updated version on this page, unless another type of notice is required by applicable law. By continuing to use our Services or providing us with Personal Data after we have posted an updated Privacy Policy, or notified you by other means if applicable, you consent to the revised Privacy Policy and the practices described therein.

Contact Us

If you have any questions about our Privacy Policy or information management and protection practices, please feel free to contact us at: 7550 E 53RD PL, Unit 172174 Denver, CO 80217-7480 or privacy@vaultvision.com

Additional Information- Europe (including Switzerland and the UK)

This section applies to individuals located in the EEA, the UK or in Switzerland and outlines additional information about your rights and choices regarding Vault Vision’s processing of your personal data under the GDPR or equivalent laws in Switzerland and UK.

Legal Basis

We collect and process personal data about you only where we have a legal basis for doing so under applicable data protection laws. Our legal bases include processing personal data as follows:

With your consent: Where appropriate or legally required, we collect and use personal data about you subject to your consent (e.g. where legally required for direct marketing activities or to process your application for employment).

Performance of contract: We collect and use personal data about you to contract with you or to perform a contract that you have with us.

To protect the legitimate interests of Vault Vision, you or other parties: We process personal data for our legitimate interests such as to improve our Site or Services; deliver content; optimize your experience; market our Services; provide appropriate security for the Services; and to protect you, Vault Vision and other third parties.

Where necessary for compliance with laws: We may process personal data about you: (1) as required by law, such as to comply with a subpoena or similar legal process; (2) when we believe in good faith that disclosure is necessary to protect our rights or property, to protect your health and safety or the health and safety of others; (3) to investigate fraud or respond to a government request; or (4) if we are involved in a merger, acquisition, or sale of all or a portion of our assets.

Data Subject Rights

You have certain rights related to the personal data we hold about you in our capacity as “controller.” Some of these rights may be subject to limitations and qualifications including (1) where fulfilling your request would adversely affect other individuals, company trade secrets or intellectual property; (2) where there are overriding public interest reasons; or (3) where we are required by law to retain your personal data.

  • Right of Access: You have the right to access personal data held by us.
  • Right to Rectification: You have the right to rectify personal data that is inaccurate or incomplete.
  • Right to Data Portability: You have the right to request a copy of certain personal data we hold about you in a structured, machine readable format, and to ask us to share this information with another entity.
  • Right to Erasure: You have the right to have personal data deleted where: (1) you believe that it is no longer necessary for us to hold your personal data; (2) we are processing your personal data based on legitimate interests and you object to such processing and we cannot demonstrate an overriding legitimate ground for the processing; (3) you have provided your personal data to us with your consent and you wish to withdraw your consent and there is no other ground under which we can process your personal data; or (4) where you believe the personal data we hold about you is being unlawfully processed by us.
  • Right to Restrict Processing: You have the right to ask us to restrict (stop any active) processing of your personal data where: (1) you believe the personal data we hold about you is inaccurate and while we verify accuracy; (2) we want to erase your personal data as the processing is unlawful, but you want us to continue to store it; (3) we no longer need your personal data for our processing, but you require us to retain the data for the establishment, exercise, or defense of legal claims; or (4) you have objected to us processing your personal data based on our legitimate interests and we are considering your objection.
  • Right to Object: You can object to our processing of your personal data based on our legitimate interests. We will no longer process your personal data unless we can demonstrate an overriding legitimate purpose.
  • Objection to Direct Marketing, Automated Decision Making, and Profiling: You have the right to object to our processing of personal data for direct marketing communications, and profiling related to direct marketing. We will stop processing the personal data for that purpose.
  • Automated Profiling: In the event that we conduct automated decision making that has a legal or other significant impact we will tell you about this and you have the right to challenge such decisions and request that it is reviewed by a human.
  • Withdrawal of Consent: Where the processing of your personal data by us is based on consent, you have the right to withdraw that consent without detriment at any time by emailing privacy@vaultvision.com or other means provided.

Exercising your Rights

If you would like to exercise the rights set forth above, please contact us at privacy@vaultvision.com . Before we respond to requests for personal data, we will require that you verify your identity or the identity of any data subject for whom you are requesting personal data. Our verification methods may include requesting that you log into your account, confirm your contact information or email address, and/or provide documents for identity verification depending on the nature of your relationship with us.

We will fulfil your request within one month of receipt unless an exception applies. If you have concerns unresolved by Vault Vision, you may also address any grievance directly with the relevant Supervisory Authority or the ICO for UK-based individuals.

We will fulfil your request within one month of receipt unless an exception applies. If you have concerns unresolved by Vault Vision, you may also address any grievance directly with the relevant Supervisory Authority or the ICO for UK-based individuals.

Contact Details for Vault Vision’s Data Protection Officer and EU Representative

Vault Vision is the controller for personal data collected in connection with the use of the Site and Services in the EEA, the UK and Switzerland. Our Data Protection Officer can be contacted at privacy@vaultvision.com

For EU personal data protection, Vault Vision has nominated a GDPR Representative who may be contacted at:

Neil Proctor
7550 E 53RD PL, Unit 172174
Denver, CO 80217-7480
privacy@vaultvision.com

Additional Information- Residents of California

This section applies to California residents and outlines your rights and choices with respect to Vault Vision’s processing of your personal data under the CCPA.

For business purposes, we may have collected, used, and shared personal data about you as described in this Policy. To learn more about the personal data we collect, including the specific pieces of personal data collected, sources of collection, our purposes for collection, and the categories of service providers with whom we share personal data, please see the Personal data we process and sources of personal data, Why and how we process personal data and Personal data sharing and disclosure sections of this Policy.

We do not sell personal data for business or commercial purposes.

Consumer Rights

The CCPA grants California consumers certain rights in connection with the personal data collected by businesses, as described below:

  • Right to Know: You have the right to know the categories and specific pieces of personal data we have collected about you in the previous 12 months.
  • Right to Deletion: You have the right to request that we delete any personal data we have collected about you.
  • Right to Request Information: You have the right to request information about our collection, sale, and disclosure of your personal data from the previous 12 months.
  • Right to Opt-out of the Sale of Personal Data: You have the right to opt-out of the sale of personal data we have collected about you. As of the date of this Policy, Vault Vision does not sell the personal data we have collected about you.
  • Right to Non-Discrimination: You have the right to not receive discriminatory treatment for exercising any of your CCPA rights. We will not treat you differently for exercising any of the rights described above.

Exercising Your Rights

To exercise any of the CCPA rights above, please contact us by emailing privacy@vaultvision.com . We will fulfill your request within 45 days of receiving your request. Some of these rights may be subject to limitations and qualifications, such as where fulfilling the request would conflict with federal, state or local law, regulatory inquiries, subpoenas or Vault Vision’s ability to defend against legal claims.

We will verify your request using your email address. If you’ve created an account with us, we will also verify your request using the information associated with your account, including billing information. Government identification may be required. We cannot respond to your request if we cannot verify your identity and/or authority to make the request on behalf of another and confirm the personal data relates to you. Making a verifiable consumer request does not require you to create an account with us.

If you wish to use an authorized agent to submit a request to opt-out on your behalf, you must provide the authorized agent written permission signed by you, the consumer. We may deny a request from an authorized agent if the agent cannot provide to Vault Vision your signed permission demonstrating that they have been authorized to act on your behalf.

Cookies and other technologies use by Vault Vision

We use cookies and/or other similar technologies such as pixel tags or web beacons on our Site and Services to collect and store certain information. We use different types of cookies as listed below.

Cookies and similar technologies enable you to be remembered when using that computer or device to interact with the Site and Services and can be used to manage a range of features and content as well as storing searches and presenting personalized content. Our Site and Services use cookies and similar technologies to distinguish you from other users of our Site and Services. Specifically we use cookies to:

  • Administer and secure the Site and our Services
  • Provide certain functionality within our Services
  • Enhance user experience
  • Analyze the Site and Services usage and trends
  • Analyze browsing behavior outside of Site
  • Track users’ movements around the Site and the Services
  • Gather demographic data about users
  • Deliver advertisements such as online and offline targeted advertising on the Site and inform other marketing communication
  • Perform analytics and marketing integration
  • A number of cookies and similar technologies we use last only for the duration of your web or app session and expire when you close your browser (“session cookies”). Others are used to remember you when you return to the site and will last for longer (“persistent cookies”). A further distinction is between first party cookies which are served directly by us to your Device and third-party cookies which are served by a third party on our behalf.

How to manage cookies

Most web browsers automatically accept cookies and similar technologies, but if you prefer, you can change your browser to prevent this. However, you may not be able to take full advantage of our Site and Services if you do so.

See here for information about managing cookies, including opting out, on different browsers:

Google Chrome
https://support.google.com/chrome/answer/95647

Mozilla Firefox
https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer

Safari
https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac

Most advertising networks also offer you the option to opt out of targeted advertising. For more info, visit YourAdChoices or Your Online Choices.

To opt-out of Google Analytics, visit here. If you have accounts with third-party providers, such as Facebook or LinkedIn you may be able to control your ad preferences through your account. To learn more about preference-based advertising, change your preferences, or to opt-out, visit NAI Opt-out or DAA Opt-out.

Cookies that have been set in the past

If you disable one or more cookies we may continue to use information collected from cookies before they were disabled. However, disabling cookies will prevent further collection of any information. This does not impact any of your rights as detailed elsewhere in the Policy.

Types of Cookies used

Strictly Necessary Cookies

These cookies are necessary for the Sites and Services to function. Cookies categorized as Strictly Necessary cannot be turned off. These cookies are essential in order to enable visitors to move around the Site and Services and use their features, such as accessing secure areas of the Site. Without these cookies, some key services cannot be provided.

Performance Cookies

These cookies collect information about how visitors use the Site or Services, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that on its own individually identifies a Site visitor or Service user.

Functional Cookies

These cookies enable the Site to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to the pages of our Sites.

If you do not allow these cookies then some or all of these services may not function properly.

For example, Vault Vision uses Matomo Analytics to track and optimize our Site’s and Services’ performance and marketing activities. Matomo Analytics first-party cookies collect information about how users use our Sites. This information is used to compile reports and to help us improve our Site. The reports disclose website trends without identifying individual visitors.

Targeting Cookies

These cookies may be set through our Site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites.

They do not store directly personal data, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.