Privacy Policy

Last Updated: February 03, 2025

At Truvanta Inc. ("Truvanta", "we", "us", or "our"), we are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, retain, and safeguard your personal information when you use our website and services (collectively, the "Services").

By accessing or using our Services, you agree to the terms of this Privacy Policy. If you do not agree with these terms, please do not use our Services.

1. Information We Collect

a. Personal Information

When you interact with our Services, we may collect personal information that identifies you. This includes:

Contact Information: Your name, email address, phone number, and mailing address.
Account Information: Username, password, and profile details.
Payment Information: Billing address, payment card details, and transaction information when you make purchases.
Usage Data: Information about how you use our Services, such as the pages you visit, features you use, and actions you take. This helps us enhance automation, visibility, and control features central to our Remote Monitoring and Management (RMM) and Unified Endpoint Management (UEM) solutions.
Device Information: Details about the device you use to access our Services, including IP address, browser type, operating system, and unique device identifiers.
Location Data: Approximate location information derived from your IP address or other location-aware technologies.

b. Non-Personal Information

We may also collect non-personal information that does not directly identify you. Aggregated and de-identified data is statistical information about user activities that is derived from personal information but is anonymized and combined with other data in such a way that it cannot reasonably be used to re-identify any individual. This data helps us understand user trends and improve our Services.

c. Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance your experience.

2. How We Use Your Information

We use your information for the following purposes:

Providing and Improving Services: To deliver the Services you request, personalize your experience, and improve our platform's functionality, including enhancing automation, visibility, and control features integral to our RMM and UEM solutions.
Communicating with You: To send important updates, respond to inquiries, provide customer support, and deliver marketing communications if you have opted in.
Processing Payments: To facilitate transactions, process payments, and manage subscriptions.
Security and Compliance: To protect against unauthorized access, fraud, and other illegal activities. We implement industry-standard security measures, such as encryption, access controls, and secure authentication methods, to safeguard your data.
Legal Obligations: To comply with applicable laws, regulations, and legal processes, including responding to requests from public and government authorities.
Aggregated Data Analysis: To generate statistical data that helps us understand user trends and improve our Services. Aggregated data is anonymized and cannot be used to identify individuals.

3. Disclosure of Your Information

We may share your information in the following circumstances:

a. Service Providers

We engage trusted third-party service providers to perform functions and provide services to us, such as:

Payment Processors: To securely process payments.
Cloud Hosting Services: To store and manage data.
Analytics Providers: To analyze usage patterns and improve Services.
Security Services: To detect and prevent fraud, malware, and other security threats.
Customer Support Platforms: To provide customer service.
Marketing and Advertising Partners: To manage marketing campaigns and communications.
Email and Communication Services: To send emails and notifications.
Customer Relationship Management (CRM) Platforms: To manage customer data and interactions.

Categories of Personal Information Shared:

Contact, Account, and Payment Information
Usage, Device, and Location Data

Purpose of Sharing:

Payment Processors: We share contact and payment information with payment processors to securely process transactions.
Cloud Hosting Services: We share account and usage data with cloud hosting services to store and manage data effectively.
Analytics Providers: We share usage and device information with analytics providers, such as Google Analytics, to understand how our Services are used, identify areas for improvement, and measure the effectiveness of our marketing campaigns.
Security Services: We may share device information and usage data with security providers to detect and prevent fraud, malware, and other security threats. We may share IP addresses and device information with security providers to identify and prevent malicious activity, such as attempted unauthorized access or DDoS attacks.
Customer Support Platforms: We share contact and account information with customer support platforms to provide customer support.
Marketing and Advertising Partners: With your consent, we share contact information to manage and deliver marketing campaigns, communications, and targeted advertising.
Email and Communication Services: We share contact information with email and communication services to send transactional emails, service updates, and other communications related to your account and use of the Services.
CRM Platforms: We share contact and account information with CRM platforms to manage customer relationships and improve our Services.

We carefully select our service providers and ensure they have adequate data protection measures in place. They have access to your personal information only to perform tasks on our behalf and are contractually obligated to protect your information and use it solely for the purposes for which it was disclosed. They are prohibited from using your information for any other purpose.

b. Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your personal information may be transferred or assigned as part of that transaction. You will be notified via email and/or a prominent notice on our website of any change in ownership or use of your personal information.

c. Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests by public authorities (for example, a subpoena, court order, or government demand).

d. Protection of Rights

We may disclose your information to:

Enforce our Terms of Use.
Protect the rights, property, or safety of Truvanta, our users, or others.
Investigate and prevent fraud, security issues, or other illegal activities.

We may share your information with third parties when you provide explicit consent to such disclosure.

4. Data Security

We take the security of your personal information seriously and implement industry-standard security measures, including:

Encryption: Data encryption both in transit (using SSL/TLS) and at rest.
Access Controls: Role-based access controls and multi-factor authentication to limit access to your information.
Regular Audits: Routine security assessments, vulnerability scans, and penetration testing.
Secure Infrastructure: Use of secure data centers with physical security measures and redundancy.

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security.

5. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

Legal Obligations: Compliance with legal and regulatory requirements.
Business Needs: Operational considerations and the need to resolve disputes or enforce agreements.
User Preferences: Your choices regarding your information, including account deletion requests.

Examples of Retention Periods (these are illustrative examples and specific retention periods may vary based on individual circumstances and applicable legal requirements):

Account Information: Retained for as long as your account is active and for up to seven (7) years thereafter to comply with legal obligations and for record-keeping purposes.
Payment Information: Transaction records are retained for seven (7) years for audit and tax purposes.
Usage Data: Retained for up to three (3) years for analytics and Service improvement.

We may retain anonymized or aggregated data indefinitely.

After the retention period expires, we will securely delete or anonymize your personal information. If you close your account, we will delete your personal information promptly, except where retention is required by law or legitimate business interests as outlined in this Privacy Policy.

Your Choices:

You may contact us at sales@truvanta.com to:

Request specific retention periods for different types of data, subject to our legal and contractual obligations.
Request the deletion of your account and associated personal information.

6. Cookies and Similar Technologies

We use cookies and similar technologies to collect information, personalize your experience, and analyze our traffic. Cookies are small data files stored on your device when you visit a website. We use the following types of cookies:

Essential Cookies: Necessary for the functioning of the Services (for example, to facilitate login and access to secure areas).
Performance Cookies: Collect information about how you use our Services to improve performance (for example, which pages are visited most often).
Functional Cookies: Remember your preferences to personalize your experience (for example, language selection).
Marketing Cookies: Used to deliver relevant advertisements and track ad campaign performance.

Managing Cookies:

Cookie Preferences: You can manage your cookie preferences through our Cookie Management Tool or adjust settings in your browser.
Browser Settings: Most browsers allow you to control cookies through their settings preferences. Disabling cookies may affect the functionality of our Services.

7. Your Rights

We respect your privacy rights and are committed to helping you exercise them. Depending on your location and applicable laws, such as the California Consumer Privacy Act (CCPA), California Privacy Rights Act (CPRA), Nevada privacy laws, and the General Data Protection Regulation (GDPR), you may have certain rights regarding your personal information.

a. Your Rights Under CCPA/CPRA (For California Residents)

California residents have the following rights:

Right to Know: Request information about the categories and specific pieces of personal information we have collected about you, the categories of sources, purposes for collecting the information, and the categories of third parties with whom we share it.
Right to Delete: Request deletion of personal information we have collected from you, subject to certain exceptions.
Right to Correct: Request correction of inaccurate personal information without undue delay.
Right to Opt-Out of Sale/Sharing: We do not, and will not, sell personal information as defined under CCPA/CPRA. We do not share personal information with third parties for cross-context behavioral advertising.
Right to Limit Use of Sensitive Personal Information: To the extent applicable, you have the right to limit the use and disclosure of sensitive personal information.
Right to Limit Use and Disclosure of Sensitive Personal Information: You have the right to direct us to limit our use and disclosure of sensitive personal information (as defined by the CPRA) to that which is necessary to perform the Services or provide the goods reasonably expected by an average consumer who requests those goods or services, to perform certain specific purposes permitted by the CPRA, and as authorized by regulations. Truvanta only uses and discloses sensitive personal information for purposes permitted by the CPRA and its implementing regulations.

Sensitive Personal Information under CPRA includes information such as your social security number, driver’s license number, state identification card, passport number, precise geolocation, racial or ethnic origin, religious or philosophical beliefs, union membership, contents of mail, email, and text messages unless the business is the intended recipient, genetic data, biometric information, health information, and information concerning sex life or sexual orientation.

Right to Non-Discrimination: You will not receive discriminatory treatment for exercising your privacy rights. We do not discriminate against users who exercise their CCPA/CPRA rights in pricing or levels of service.
Authorized Agent: You may designate an authorized agent to make a request on your behalf.

Exercising Your Rights (California Residents):

To exercise your rights, please:

Submit a request via email at legal@truvanta.com with the subject line "California Privacy Rights".

An authorized agent must provide proof of their authorization when submitting a request on your behalf. Proof of authorization may include a signed permission document, power of attorney, or other legally recognized form of authorization.

Residents of the European Economic Area (EEA) have the following rights:

Right of Access: Obtain confirmation whether we process your personal information and access a copy.
Right to Rectification: Request correction of inaccurate or incomplete information without undue delay.
Right to Erasure: Request deletion of your personal information under certain conditions without undue delay.
Right to Restrict Processing: Request to restrict processing under certain circumstances.
Right to Data Portability: Receive your personal information in a structured, commonly used, and machine-readable format.
Right to Object: Object to processing of your personal information, including for marketing purposes.
Right to Withdraw Consent: Withdraw consent at any time if processing is based on consent.
Right to Lodge a Complaint: Complain directly to a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe your rights have been violated.

Exercising Your Rights (EEA Residents):

To exercise your rights, please contact us at legal@truvanta.com.

c. Your Rights Under Nevada Law (For Nevada Residents)

Nevada residents may request that we do not sell certain personal information. While we do not sell personal information as defined by Nevada law, you can submit a request to opt-out by contacting us at legal@truvanta.com with the subject line "Nevada Privacy Rights". Please specify whether your request applies to currently collected information or any future collection of information.

d. Verification Process

We may need to verify your identity before processing your request to protect your privacy and security. This may include requesting additional information or documentation. We may use a third-party verification service to verify your identity. If we are unable to verify your identity, we may deny the request.

e. Limitations

Your rights may be subject to certain limitations under applicable laws. For example, we may retain certain information for legal compliance or legitimate business purposes.

8. International Data Transfers

Your personal information may be transferred to, stored, or processed in countries other than your country of residence, including the United States. We will only transfer personal data to countries outside the EEA, UK, or Switzerland if appropriate safeguards are in place, as required by applicable law. We ensure that appropriate safeguards are in place to protect your information consistent with this Privacy Policy and applicable data protection laws.

Mechanisms for Data Transfers:

Standard Contractual Clauses (SCCs): We use SCCs approved by relevant authorities to ensure adequate protection for personal data transferred outside the EEA, UK, or Switzerland. We will provide a copy of the SCCs upon request. Where necessary, we have also implemented supplementary measures to ensure an adequate level of protection for transferred data.
Adequacy Decisions: Transfers to countries recognized by the European Commission as providing an adequate level of data protection.
Supplementary Measures: Implement additional technical and organizational measures where necessary to ensure data protection.

If you would like more information about the safeguards we use for international data transfers, or the specific safeguards used for transfers to specific countries, please contact us at legal@truvanta.com.

By using our Services, you acknowledge and consent to the transfer of your personal information to countries outside of your country of residence.

9. Third-Party Links

Our Services may contain links to third-party websites or services. This Privacy Policy does not apply to those external sites. We encourage you to review the privacy policies of any third-party sites you visit, as we are not responsible for their content, privacy practices, or handling of personal information. We are also not responsible for the security practices or measures employed by these third parties.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. We will notify you of significant changes by:

Posting the updated Privacy Policy on this page with a new "Last Updated" date at the top of the Privacy Policy.
Providing a prominent notice within the Services or via email if the changes are material.

Your continued use of the Services after the notice period (which will be specified in the notice) constitutes your acceptance of the updated Privacy Policy.

11. Children's Privacy

Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you become aware that a minor has provided us with personal information, please contact us at legal@truvanta.com, and we will take steps to delete such information.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Truvanta Inc.
Email: legal@truvanta.com
Address: 30 N Gould St, #46211, Sheridan, WY 82801

13. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the State of Wyoming, USA, without regard to conflict of law principles.