Privacy Statement

This Safe Cloud 365 Privacy Statement (Privacy Statement) describes how Safe Cloud 365 International GmbH and its affiliates (together, Safe Cloud 365 or we) collect and process personal information from or about you and the choices you have about how Safe Cloud 365 processes your personal information.

We appreciate that you trust us with your information. Protecting your information is our top priority because we want to keep your trust.

We design our products and services with data protection in mind. We work hard to keep your information secure. We regularly monitor and update our security practices to help better protect your privacy.

Throughout this Privacy Statement, we use the following terms with the following meanings:

• Safe Cloud 365 Services means:
  • public portions of the websites owned and operated by or on behalf of Safe Cloud 365, which include Safe Cloud 365.com (https://www.safecloud365.com)(collectively, Sites)
• controller means the person or entity that determines why and how personal information are processed.
• Customer means managed service providers, distributors and other business customers or other legal or natural persons that or who subscribe to or order the Safe Cloud 365 Services.
• data subject means an identified or identifiable natural person to whom personal information relates, including a Consumer as defined in the Safe Cloud 365 U.S. State Privacy Rights Notice.
• personal information means information that identifies or can be used to identify an individual person. Personal information includes direct identifiers (such as name) and indirect identifiers (such as computer or mobile device ID and IP address).
• processing (and cognates such as processing) means any operation (or set of operations) performed on personal information, such as collecting, combining and storing.
• processor means the person or entity processing personal information on behalf of a controller.
• you or user means the natural person who accesses and uses the Safe Cloud 365 Services, including through a business contract.

How Safe Cloud 365 processes your personal information is subject to the laws in the places in which Safe Cloud 365 operates. Accordingly, Safe Cloud 365 may have different personal information processing practices in different places. Different Safe Cloud 365 entities may act as controller of your personal information. For more information, please see “Choices about Personal Information” below, which includes descriptions of privacy rights in certain key jurisdictions. For more information about Safe Cloud 365’ personal information processing practices in a particular jurisdiction, please contact us at [email protected].

Please read this Privacy Statement carefully. IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY STATEMENT, THEN PLEASE DO NOT PROVIDE YOUR PERSONAL INFORMATION TO Safe Cloud 365 AND PLEASE DO NOT USE THE SERVICES.

Please also see our U.S. State Privacy Rights Notice. Safe Cloud 365’ U.S. State Privacy Rights Notice describes certain privacy rights available under U.S. state privacy laws and how to exercise those privacy rights. The Safe Cloud 365 U.S. State Privacy Rights Notice serves as Safe Cloud 365’ Notice at Collection under the California Consumer Privacy Act.

This Privacy Statement does not apply to Safe Cloud 365’ current and former employees, independent contractors and job applicants. Please contact [email protected] for more information.

1. Where and When this Privacy Statement Applies

When this Privacy Statement applies depends on your relationship with Safe Cloud 365. The Privacy Statement applies:

• When Safe Cloud 365 asks you to acknowledge it. For example:
  • When you visit the Sites
  • When you download Safe Cloud 365 content
  • When you register for an event or webinar
  • When you create an account
• When Safe Cloud 365 collects data that includes personal information for service management purposes, such as to analyze, measure the effectiveness of and improve the Safe Cloud 365 Services, to identify and track and record customer support, to ensure the security and integrity of the Safe Cloud 365 Services and for billing and account management.
• When Safe Cloud 365 receives information about you from third parties, such as part of a corporate transaction (e.g., merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control by Safe Cloud 365 or any affiliate (in each case, whether in whole or in part); as part of a marketing activity (e.g., when we receive information on potential leads) and similar functions; or as part of other initiatives with business partners.
• When you engage with Safe Cloud 365 through social media. (Please contact data-protection-office@Safe Cloud 365.com if you have questions about whether this Privacy Statement applies to personal information connected with a social media platform.).

Safe Cloud 365’ processing of personal information also is described in our enterprise agreements (Customer Agreements) with managed service providers, distributors and other business customers (Business Customers). In Customer Agreements, except when Safe Cloud 365 processes personal information for service management purposes, Safe Cloud 365 acts as a processor. Certain data protection regulations, including GDPR, require controllers and their processors to put agreements into place with their processors and subprocessors that contain rules governing the processing of personal information. Safe Cloud 365 has prepared a standard Data Processing Agreement (DPA) for the parties with whom Safe Cloud 365 has an existing contract and whose data we store. If you are a business customer that would like to receive the Safe Cloud 365 Customer DPA, please contact your Partner account manager or Technical account manager or send a request to data-protection-office@Safe Cloud 365.com or reach to Safe Cloud 365 Customer Service and Support.

If a provision of a Customer Agreement conflicts or otherwise is inconsistent with a provision of this Privacy Statement, then the term of the Customer Agreement will prevail but only to the extent of the conflict or inconsistency.

If a particular part of the Safe Cloud 365 Services (such as the “Careers” portal) or another website or service links to a different privacy policy, then that privacy policy — not the Privacy Statement – applies only when they are inconsistent. (Please make sure to check those other privacy policies to learn how your personal information are processed.)

2. Controller of Personal Information

The controller for personal information collected pursuant to this Privacy Statement is Safe Cloud 365 International GmbH, Rheinweg 9, 8200 Schaffhausen, Switzerland, unless otherwise stated in a separate privacy notice or in a Customer Agreement.

Safe Cloud 365’ EU representative for data protection according to Art. 27 GDPR is Safe Cloud 365 International GmbH, Landsberger Straße 110, 80339 München, Germany, which can be contacted via [email protected].

3. International Transfers of Personal Information

Use of the Safe Cloud 365 Services sometimes involves transfers and processing of personal information to jurisdictions other than your place of habitual residence. These other jurisdictions may have data protection laws that are different and, in some cases, not as protective (Other Jurisdictions).

Specifically, Safe Cloud 365 may transfer personal information to or from any of the jurisdictions in which we do business. The suppliers and business partners with which we may share personal information (as described below) are located in and transfer personal information to different countries around the world. In some cases, we may allow access to your personal information to individuals outside of the jurisdiction in which we collected that personal information, such as when Safe Cloud 365 personnel or processors based in USA or India that access your personal information to provide customer support.

To protect personal information subject to a cross-border transfer, Safe Cloud 365 has implemented technical and administrative safeguards that protect personal information in accordance with this Privacy Statement and applicable data protection laws. These safeguards include implementing appropriate contracts, such as the European Commission’s Standard Contractual Clauses, the U.K.’s international data transfer agreement and other lawful cross-border transfer mechanisms for transfers of personal information among our affiliates, suppliers, business partners and customers. Please contact us at data-protection-office@Safe Cloud 365.com to request a copy of the safeguards applicable to transfers or your personal information.

In some cases, use of the Safe Cloud 365 Services may involve international transfers of personal information which Safe Cloud 365 does not control, for example, when you enable a third-party integration with our Safe Cloud 365 Services. In such cases, you are responsible for evaluating and confirming the legality of the cross-border transfers.

4. Changes to this Privacy Statement

We may amend this Privacy Statement to reflect new features of the Safe Cloud 365 Services and other business changes and for compliance with applicable laws. When Safe Cloud 365 updates this Privacy Statement, Safe Cloud 365 will post the updated version and change the Effective Date above. Safe Cloud 365 also will take appropriate measures to inform you in advance of changes that we believe reduce your privacy rights so that you have an opportunity to review the revised Privacy Statement before it applies to your personal information. If your consent is required by applicable data protection laws, Safe Cloud 365 will obtain your consent to changes before the revised Privacy Statement applies to your personal information. Otherwise, your continued use of the Safe Cloud 365 Services after the Effective Date constitutes acceptance of the amended Privacy Statement. As of the Effective Date, the then-current Privacy Statement supersedes all previous versions.

5. Personal Information that Safe Cloud 365 Processes and Why

Safe Cloud 365 processes personal information to provide the Safe Cloud 365 Services and for service management purposes relating to Safe Cloud 365’ operation of the Safe Cloud 365 Services. The specific type of personal information that Safe Cloud 365 collects from or about you depends on how you interact with Safe Cloud 365, the Safe Cloud 365 Services used and the applicable law. 

The use of some of our Safe Cloud 365 Services and features may be related to additional privacy considerations or obligations – e.g., collecting and monitoring data via data loss prevention (DLP) functionality. You are responsible for evaluating the applicable regulations and requirements and for ensuring you use the Service in a compliant way, including obtaining necessary consents from or providing notices to data subjects.

a. Information you voluntary give Safe Cloud 365

We process the personal information you choose to share with us. The personal information that you choose to give to us typically includes the following:

Personal information that Safe Cloud 365 Collects directly from You	Why Safe Cloud 365 Collects this Personal information
Contact and account informationName, email address or other username, password, telephone number, postal address and similar contact information (incl. business card details) and other information that you choose to share.	To set up and maintain accounts and create user profilesTo provide Safe Cloud 365 Services to non-registered / guest users, e.g., uploading files to Safe Cloud 365 Cyber Files or if you are using Safe Cloud 365 Files Sync and Share and Notary service, Safe Cloud 365 also may receive your passport details by a qualified trust service provider.To match users with Customer accounts and to customize users’ experience of the Safe Cloud 365 Services (in accordance with applicable data protection laws)To attend one of Safe Cloud 365’ webinars, marketing, training, sports and other eventsTo allow you to download content or attend an eventTo communicate with you and request feedback about the Safe Cloud 365 ServicesTo provide information that you request, such as when you download resources, participate in an event or sign up to receive emails from Safe Cloud 365To promote the Safe Cloud 365 Services, such as through targeted advertising (in accordance with applicable data protection laws).To send information that we think will interest you, which is sometimes personalized based on the information associated with your account (in accordance with applicable data protection laws).To provide training, education and awareness raising activitiesTo enable and communicate on Environmental, social and governance (ESG) initiatives and activitiesTo monitor and enforce compliance with Safe Cloud 365’ legal agreementsTo learn how users interact with our Safe Cloud 365 Services so that we can improve them and develop new featuresFor research and innovation, including to do algorithmic data matching to segment and profile users (in accordance with applicable data protection laws).
Ordering and purchase related informationBilling and delivery address, payment information and similar information necessary to complete a purchase.	To complete a purchase.(Safe Cloud 365 does not collect complete payment card information; payment card information is collected and processed by a third-party payment card processor.)
Information collected in surveys or focus groups	To learn how users interact with the Safe Cloud 365 Services so that Safe Cloud 365 can improve them and develop new featuresTo give Safe Cloud 365 insight and feedback into the Safe Cloud 365 Services and Safe Cloud 365’ other initiatives
Information given during interactions with the customer service team, such as email address, customer name and Service used	For customer support and to troubleshoot problemsTo learn how users interact with the Safe Cloud 365 Services so that Safe Cloud 365 can improve them and develop new features(Sometimes, Safe Cloud 365 monitors or records these interactions for training purposes and for quality assurance. If Safe Cloud 365 records the interaction, Safe Cloud 365 will provide a notice and obtain consent as required by applicable law.)

b. Information automatically collected by the Safe Cloud 365 Services

Safe Cloud 365 automatically collects information about how the Safe Cloud 365 Services are used, the computer or mobile device used to access the Safe Cloud 365 Services and other information automatically generated while Safe Cloud 365 is providing the Safe Cloud 365 Services. This information is collected in order to deliver the Safe Cloud 365 Services, to analyze, measure the effectiveness of and improve the Safe Cloud 365 Services, to identify and track and record support, to ensure the security and integrity of the Safe Cloud 365 Services, to diagnose and fix technology problems, for billing and account management, for research and innovation and similar business purposes in accordance with applicable data protection laws.

Some of this information is personal information under certain data protection laws. Safe Cloud 365 may link automatically-collected information with other personal information that Safe Cloud 365 handles.

Category of Personal Data that Safe Cloud 365 Automatically Collects	Types of Personal information that Safe Cloud 365 automatically collects
Safe Cloud 365 Services usage information	How a computer or device interacts with the Safe Cloud 365 Services, including the date and time the Safe Cloud 365 Services are accessed, search requests and results, mouse clicks and movementsDate/time stamps associated with installations, updates and integrationsHow often the Safe Cloud 365 Services are used and in which circumstances and similar performance metricsFeatures used and the results of their operations and disabled features, such as specific webpages accessed and links clicked
Service operational information	Some of data collected depends on the specific feature you use in our Safe Cloud 365 Services, e.g., we collect:Information about software installed on a computer or device, such as version and manufacturer information as part of providing vulnerability assessments and patch management functionalityNames of potentially-malicious files together with their hashes and full paths and blocked website URLs collected to provide antivirus and URL filtering functionality offered through certain of the Safe Cloud 365 ServicesEmail contents if identified as malicious as part of Safe Cloud 365’ email security servicesInformation about errors and the activity that preceded or caused the errorsSystems and user’s activity logs with the respective date and content to provide you Safe Cloud 365 Services, such as endpoint detection and response (EDR) and DLP functionality.Information required to establish connection with the third-party integrations you have chosen to use and information required to operate such integrations
Device informationSafe Cloud 365 automatically collects information from and about the computers and other devices used to access the Safe Cloud 365 Services.	Hardware and software informationBrowser typeOperating system version, device-specific settings and operating system settings, characteristics and configurationDevice or component ID, type and architectureInformation about ISP, wireless or mobile network connection, such as signal strengthIP address and broad geographic device location (e.g., country or city-level location)Data obtained from locally-installed software or endpointsIdentifiers associated with cookies or other technologies that may uniquely identify your device or browser
Activity and audit logsSafe Cloud 365’ servers automatically collect and store data in logs. Some logs include metadata which may contain personal information, such as names of files and folders if the names are personal information.	Search queries and Internet Protocol (IP) addressBrowser type and languageTime zones, date and time of request and referral URLCertain necessary cookies that may identify a browser or account
Information collected through cookies, pixel, web beacons and other similar technologies. (Where required by applicable laws and regulations, we will provide you additional information (notice) and/or ask for your consent for such processing.)	Traffic and usage measurements, such as to monitor the traffic patterns from one webpage to another and to understand whether users visit the Safe Cloud 365 Services after seeing an online advertisement displayed on a third-party websiteData about the third-party sites or services accessed before interacting with the Safe Cloud 365 Services, which is used to make advertising more relevant for usersInteractions with our marketing communications, such as whether and when an Safe Cloud 365 email is opened to help Safe Cloud 365 measure the success of our email marketing campaign

Safe Cloud 365 automatically collects some information using cookies, pixel, web beacons and similar technology tools (collectively, data collection technology). Please see Safe Cloud 365’ Cookie Notice for more information.

The Safe Cloud 365 Services uses Google Analytics and Enhanced Conversions, which are provided by Google.

Google Analytics: Google Analytics offers a suite of tools that help Safe Cloud 365 collect and analyze data related to use and performance of certain Safe Cloud 365 Services so that Safe Cloud 365 better understands users’ behavior and interactions with the Safe Cloud 365 Services. Safe Cloud 365 uses this information to help improve Safe Cloud 365’ marketing campaigns and targeted advertising (which Google sometimes refers to as ‘remarketing’). Safe Cloud 365 uses both Universal Analytics properties and Google Analytics 4. For more details on the differences between Universal Analytics and Google Analytics 4, please visit https://support.google.com/google-ads/answer/13881440?hl=en&ref_topic=3121765&sjid=17792924726686772507-EU

Google Tag Manager allows Safe Cloud 365 to deploy technologies like “conversion” pixels that record certain user actions (or “events”), such as “Whitepaper Downloaded” or “Product Purchased” based on the webpage visited or button clicked.

Targeted ad campaign tracking data are URL parameters added to a web address that include the campaign name, source, medium and a coded description of the type of ad that was run. Conversion events are recorded when a click is made or a page viewed, e.g., if a user from a Google Search ad clicks to a landing page and makes a purchase, Google Tag Manager, Google Analytics and the Google conversion pixel work together to show in Google Analytics that a campaign click resulted in a purchase. Safe Cloud 365 uses Google’s IP anonymization.

On behalf of Safe Cloud 365, Google will use this information in Google Analytics to compile reports for Safe Cloud 365 and third parties that help operate and provide the Safe Cloud 365 Services.

Safe Cloud 365 does apply Google Consent Mode, Advanced tier. Consent mode communicates users’ cookie or app identifier consent status to Google. Tags adjust their behavior and respect users’ choices. For more information on Google Consent mode, please visit Google’s dedicated page: https://support.google.com/google-ads/answer/10000067?hl=en

Enhanced Conversions: Enhanced conversions is a feature used by Safe Cloud 365 to improve the accuracy of our conversion measurements for enabling sales and marketing activities. It supplements existing conversion tags by sending hashed first-party conversion data from our websites to Google in a privacy safe way. Safe Cloud 365 is capturing conversion data from our website – e.g., email, hash it, and send it to Google in a hashed form, so that we receive enhanced conversion insights. The feature uses a secure one-way hashing algorithm called SHA256.

For more information on enhanced conversions, please visit https://support.google.com/google-ads/answer/9888656?hl=en

Certain Safe Cloud 365 Services also may embed videos from YouTube (a Google company) by framing. This means that, after you click the button to play a YouTube video through the Safe Cloud 365 Services, a connection between the Safe Cloud 365 Services and the YouTube servers is established. Then, an HTML link provided by YouTube is inserted into the code of the Safe Cloud 365 Services to create a playback frame. The video stored on the YouTube servers is then played by the frame in the Safe Cloud 365 Services. YouTube also receives information that informs YouTube that you are currently using the Safe Cloud 365 Services: your IP address, browser information, the operating system and settings of the device you are using, the URL of the current web page, previously-visited web pages if you have followed a link, and the videos you watched. If you are logged into your YouTube account, the information may be associated with your YouTube user profile. You can prevent this association by logging out of your YouTube account before using the Safe Cloud 365 Services and deleting the corresponding cookies.

For more information about how Google collects, uses and shares your information, please visit https://www.google.com/policies/privacy/partners/ or Google’s Privacy Policy: https://policies.google.com/privacy.

For more information about how Google uses cookies in advertising, please visit Google’s Advertising (https://policies.google.com/technologies/ads) page.

To prevent Google Analytics from using your data, you can install Google’s opt-out browser add-on (https://tools.google.com/dlpage/gaoptout).

To opt out of ads on Google that are targeted to your interests, use your Google Ads settings (https://adssettings.google.com/).

If you are located in the EEA, Switzerland or UK, please note in particular that, if you allow Google’s cookies in the Safe Cloud 365 Privacy Preference Center, the information generated by those cookies about use of the Safe Cloud 365 Services is transmitted to and stored by Google on servers in the United States.

To learn more about personal information transfers by Google from the EU/UK to the U.S., please review Google’s Data Privacy Framework Certification.

c. Safe Cloud 365 Customer Experience Programs

Safe Cloud 365 collects certain personal information as part of the Safe Cloud 365 customer experience programs. The information collected through the Safe Cloud 365 customer experience programs helps Safe Cloud 365 provide more specific feedback and guidance about the Safe Cloud 365 Services and features operation and better analyze and improve the Safe Cloud 365 Services. Depending in the Safe Cloud 365 Services that you access and use, Safe Cloud 365 will ask for your consent. If you access and use the Safe Cloud 365 Services through a Customer Agreement, please contact the Customer for details.

For example, when we create a feature for our products, we track its usage, so that we understand if it is actually used and whether it works correctly. Another example is tracking how a new feature affects the product stability and the protected workload itself.

d. Voice data

Some of our Safe Cloud 365 Services offer voice control options. If you use voice control options, the Safe Cloud 365 Services allow you to request permission to activate a Google Chrome browser extension (see https://chrome.google.com/webstore/category/extensions for more information). This extension captures voice data using your device microphone and transfers the voice data to Google for processing. Safe Cloud 365 receives only a text version of voice commands, not voice data. Safe Cloud 365 uses the voice commands text for command execution. Since your voice data are processed by Google, how Google processes your voice data depends on your Google account settings and preferences. To learn more about how Google processes your voice data, please carefully read the Google’s Privacy Policy & Terms currently available at https://policies.google.com/privacy.

e. Information collected from third parties

We receive information about you from resellers, distributors and other business partners. We also receive information about you from the third parties that help us operate the Safe Cloud 365 Services, such as for fraud detection, digital forensics, marketing services (such as when we acquire information on potential leads) and similar functions. When you allow it, Safe Cloud 365 also may receive information associated with your use of one of the Mobile Apps.

We may receive information from third parties who provide integrations with Safe Cloud 365 Services you choose to use. In such cases, we process the data as assumed by the integration.

Safe Cloud 365 may link personal information that we hold with personal information that we receive from third parties and with personal information available in public databases.

f. Other information with your consent

We also collect personal information when you give us consent at the time of collection for the purposes disclosed, such as if you decide to enable the in-product onboarding and interactive help feature.

Safe Cloud 365 does not need sensitive personal information to provide the Safe Cloud 365 Services. Safe Cloud 365 does not wish to receive sensitive personal information, such as precise geolocation; racial or ethnic origin; religious or philosophical beliefs, trade union membership, biometric or genetic data used to identify an individual data concerning health, sex life or sexual orientation and similar information considered sensitive or especially private. Unless Safe Cloud 365 specifically requests it, please do not submit sensitive personal information to or though the Safe Cloud 365 Services. If you choose to provide Safe Cloud 365 with unsolicited sensitive personal information, you Safe Cloud 365 will process it only as necessary to establish, exercise or defend legal claims. In the rare circumstances in which Safe Cloud 365 does seek to collect sensitive personal information, Safe Cloud 365 will do so in accordance with data protection laws. To the maximum extent permitted by law, you release Safe Cloud 365 and hold Safe Cloud 365 harmless from claims arising from or related to your unsolicited sensitive personal information.

Note: Safe Cloud 365 may process sensitive personal information, if provided by our Customers, who are using Safe Cloud 365 products (e.g., as part of their backups in content data). Safe Cloud 365 is not processing that sensitive personal information as a controller but as a processor subject to the respective Customer Agreements.

6. Data Collection Technology

Cookies are small text files that are sent to or accessed from your web browser or your computer’s hard drive. To learn more about cookies and other data collection technologies, visit www.allaboutcookies.org or Safe Cloud 365’ Cookie Notice. The Cookie Notice contains detailed description of the specific cookies and other data collection technology used in the Safe Cloud 365 Services, including their purpose and expiration period, are described.

Do Not Track Signals
Some web browsers (including Safari, Internet Explorer, Firefox, and Chrome) incorporate a “Do Not Track” (DNT) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain personal information about the browser’s user. Not all browsers offer a DNT option, and DNT signals are not yet uniform. For this reason, many website operators, including Safe Cloud 365, do not respond to DNT signals universally or if not required by law.

Safe Cloud 365 relies on third-party providers for obtaining geo-IP location information about its users.

If at any time you believe that Safe Cloud 365 has not adhered to its specific privacy obligations, please contact us at [email protected]. We will use good faith efforts to determine and correct the problem.

7. How Safe Cloud 365 Processes Personal Information

How Safe Cloud 365 processes personal information depends on your relationship with Safe Cloud 365 and the nature of the Safe Cloud 365 Services you use. Personal information is processed for the following purposes:

• To verify identity and eligibility and set up user accounts
• To provide and operate the Safe Cloud 365 Services, such as personalizing and improving user experience; notifying users about updates and new versions, including via digital adoption platforms; completing transactions; providing training and customer service, and responding to issues and inquiries
• To analyze, improve and upgrade the functionality of the Safe Cloud 365 Services and develop new features, including users’ preferences analysis through Safe Cloud 365 customer experience programs and other quality assurance programs
• For data analytics, research and product development and that enable us to better understand our users and offer innovations for them
• To create anonymized or pseudonymized data, that are used as permitted by contract and law
• To provide access to online or offline events, content and blogs, forums and similar online and interactive experiences
• To promote Safe Cloud 365’ products and services, including through targeted advertising (also sometimes referred to as personalized or interest-based advertising) based on information generated by a user’s online activity, such as visiting websites that contain our advertising partners’ ads or cookies, some of which are based on geo-location or based on business card details, explicitly provided to Safe Cloud 365
• To manage our contractual relationships and review compliance with applicable agreements and policies
• To ensure the security and integrity of the Safe Cloud 365 Services and protect them from unauthorized use
• For detection and prevention against fraud, abusive and unauthorized use of the Safe Cloud 365 Services
• To protect our rights and property
• For risk management and compliance with laws applicable to Safe Cloud 365
• For education and awareness raising activities.

8. How and Why Safe Cloud 365 Shares Personal Information

Safe Cloud 365 shares personal information, subject to this Privacy Statement for various operational and legal purposes depending on the Safe Cloud 365 Services used and context. This includes the following categories of recipients:

• With Safe Cloud 365 affiliates: Safe Cloud 365 shares personal information with its affiliates that process personal information for purposes consistent with this Privacy Statement or notified at the time of collection. For example, Safe Cloud 365 may share contact information of event attendees with our affiliates to maintain accurate marketing data. Access to personal information is restricted and granted on a need-to-know basis. Sharing of personal information is subject to the appropriate intracompany arrangements, policies and security safeguards.
• With suppliers: Safe Cloud 365 shares information with suppliers to enable them to perform services for Safe Cloud 365, such as customer service, data analytics, business intelligence, digital adoption, ML, AI and marketing services that from time to time supplement personal information that we already have, ecommerce operations, surveys and research and security testing. Safe Cloud 365 requires that any supplier with which we share personal information agrees to safeguard it.
• With resellers, distributors and channel partners: We share personal information with our resellers and other third parties that promote, resell, distribute and/or white-label the Safe Cloud 365 Services and receive personal information in connection with doing so.
• With professional advisors: We share personal information with lawyers, accountants, insurers and other professional advisers as needed for them to provide their advice.
• As part of a corporate transaction: We may share and transfer personal information if we are involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control by Safe Cloud 365 or any affiliate (in each case, whether in whole or in part). We will use our best efforts to ensure that the terms of this Privacy Statement apply to personal information after the transaction or that our customers receive advance notice of changes to personal information processing.
• When required by law: In certain circumstances, personal information may be subject to disclosure to government agencies in accordance with judicial proceedings, court orders or legal processes. Safe Cloud 365 reserves the right to disclose personal information to any competent government authority when we believe disclosure is necessary, such as when Safe Cloud 365 suspects that data contain prohibited content or are used for illegal purposes. When reasonably possible, Safe Cloud 365 will provide notice of any required or requested disclosure and reasonably cooperate to limit such disclosure to the extent allowed by law.
• To protect legal rights: We also share information (i) as necessary to protect legal rights of Safe Cloud 365, users, Business Customers, suppliers, business partners or other interested parties; (ii) if disclosure would mitigate Safe Cloud 365’ liability in an actual or threatened lawsuit; (iii) to pursue available remedies or limit damages; (iv) to enforce our agreements; and (v) to respond to an emergency.
• Other third parties with your permission, including third parties you decided to use through integrations with our Safe Cloud 365 Services.

Safe Cloud 365 may aggregate information collected through the Safe Cloud 365 Services and remove identifiers so that the information no longer identifies or can be used to directly identify an individual, household or device (Aggregated Information). Safe Cloud 365 may share Aggregated Information with third parties that agree in writing not to re-identify the Aggregated Information.

9. Legal Basis for Processing Personal Information

In some jurisdictions, processing of personal information requires a legal basis. The legal bases on which Safe Cloud 365 relies for its lawful processing of personal information vary depending on the context in which the personal information is processed, the purpose for the processing and applicable law.

The different legal bases on which Safe Cloud 365 relies are:

• Performance of the contract between Safe Cloud 365 and a user or Customer. We rely on this legal basis to process contact and payment details, to permit access to the Safe Cloud 365 Services, to provide customer support, to manage a Customer Agreement; to perform our obligations or exercise our rights or to manage our contractual relationship with you.
• Processing is in our legitimate business interests. We also process personal information when the processing is in the legitimate interests of Safe Cloud 365 or a third party and not overridden by privacy or other fundamental rights and freedoms. Legitimate interests include conducting and organizing our business operation, such as marketing of the Safe Cloud 365 Services (if permitted by applicable laws) and other Safe Cloud 365 products, protecting Safe Cloud 365’ legal interests, securing Safe Cloud 365’ IT platform or addressing the requirements of Customers and users. For example, we may process personal information to understand your use of the Sites and to improve them; to authorize and manages access to certain Safe Cloud 365 Services; to respond to queries; to combine contact information together with information about an event you attended or content you accessed to enhance our marketing and business intelligence; to customize our interactions with you; to promote the Safe Cloud 365 Services and other Safe Cloud 365 products; and to operate, maintain and secure the Safe Cloud 365 Services for users and Customers. We also may have other legitimate interests and, if appropriate, we will make them clear at the relevant time.
• Processing based on consent. We may ask for consent to process personal information for certain reasons, such as for direct marketing. You may withdraw your consent at any time by contacting us at [email protected] or by navigating through the particular Settings menu, e.g., by clicking our “Unsubscribe” link at the bottom of promotional emails. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.
• Processing for a legal obligation. In some cases, Safe Cloud 365 processes personal information based on a legal obligation. For example, Safe Cloud 365 must process personal information to comply with a court order or subpoena or applicable anti-money laundering laws may require Safe Cloud 365 or its agent to collect and report certain information. Safe Cloud 365 will notify you when providing your personal information is mandatory and inform you on the possible consequences if you do not provide your personal information.

If you have questions about or need further information concerning the legal basis for Safe Cloud 365’ processing of personal information, please contact [email protected].

10. Choices about Personal Information

You can make choices about Safe Cloud 365’ processing of your personal information. You can exercise your privacy rights by contacting Safe Cloud 365 as described in this section or using various tools that Safe Cloud 365 makes available. In some cases, your ability to access or control your personal information is limited by applicable law.

Mobile Device Preferences
Mobile operating systems and app platforms (e.g., Google Play, App Store) have permission settings for specific types of mobile device data and notifications, such as for geo-location services and push notifications. Your settings in your mobile device’s operating system allow you consent to or deny certain information collection and/or push notifications. Certain Mobile Apps also may have settings that allow you to change permissions and push notification settings.

You can stop all information collection from a Mobile App by uninstalling it. If you uninstall the Mobile App, please also consider checking your operating system’s settings to confirm that the unique identifier and other activity associated with your use of the Mobile App is deleted from your mobile device.

Supplementary term of data processing in the Safe Cloud 365 Services
In some of our Safe Cloud 365 Services, we provide you with a choice about certain data processing, such as for our use of cookies.

Opting out of Marketing Emails and Text Messages
To stop receiving promotional emails from Safe Cloud 365, please click the “Unsubscribe” link at the bottom of the email. After you opt out, Safe Cloud 365 may send you non-promotional communications, such as receipts for purchases or administrative information about your account.

To stop receiving promotional text messages (SMS or MMS), please send a text message back to Safe Cloud 365 indicating that you wish to stop receiving promotional text messages from us.

FOLLOWING IS INFORMATION ABOUT PRIVACY RIGHTS AND CHOICES FOR SPECIFIC JURISDICTIONS. WE ENCOURAGE YOU TO REVIEW THE RELEVANT SECTIONS.

IF YOU ARE LOCATED IN A JURISDICTION WITH DATA PROTECTION LAWS THAT OFFER YOU PRIVACY RIGHTS NOT DESCRIBED IN THIS PRIVACY STATEMENT, PLEASE CONTACT US AT [email protected]. We respect your privacy rights and will do our best to accommodate your requests.

If you are located in Argentina

To the extent provided under the privacy laws applicable to you, you have the following rights with respect to your personal information:

• Right to Information about Processing
• Right of Access
• Right to Correct your Personal Information
• Right to Erasure or Deletion of your Personal Information

You can exercise your privacy rights by submitting your request via email to [email protected]

In your request, please make clear the personal information to which your request relates. Please also attach a copy of your National Identity Document. For your protection, we may verify your identity and geographic residency before fulfilling your request. Legal Representatives must attach the documentation that proves the validity of the legal representation. We will comply with your request as soon as reasonably practicable.

The controller of your personal information is: Safe Cloud 365 International GmbH

If you are located in Brazil

To the extent provided under the privacy laws applicable to you, you have the following rights with respect to your personal information:

• Information about Processing of your Personal Information
• Confirmation of Processing of your Personal Information
• Access to your Personal Information
• Correction of your Personal Information
• Deletion of your Personal Information
• Portability of your Personal Information
• Object to Processing of your Personal Information
• Restriction of Processing of your Personal Information

You can exercise your privacy rights by submitting your request via email to [email protected]

In your request, please make clear the personal information to which your request relates. For your protection, we may verify your identity and geographic residency before fulfilling your request. We will comply with your request as soon as reasonably practicable.

The controller of your personal information is: Safe Cloud 365 International GmbH

You may contact our Data Protection Officer at [email protected].

If you are located in EEA, Switzerland or UK

Your data protection rights: For personal information for which we are the data controller, please contact our Data Protection Officer at [email protected] to submit a request about your personal information. We may not allow you to review certain data for legal, security or other reasons.

Specifically:

• You have the right to access personal information that Safe Cloud 365 holds about you. If you would like to access the personal information that Safe Cloud 365 maintains about you, please contact Safe Cloud 365 at [email protected]. If you are a registered user, you can review certain personal information that you provided to Safe Cloud 365 by logging in to your account. If you are not a registered user, Safe Cloud 365 may take reasonable steps to verify your identity before providing access to personal information.
• You have the right to receive a copy of your personal information: If you would like to receive an electronic copy of your personal information for purposes of transmitting it to another company, please contact us at [email protected]. If you are a registered user, you can download certain personal information that you provided to Safe Cloud 365 by logging in to your account. If you are not a registered user, Safe Cloud 365 may take reasonable steps to verify your identity before providing your personal information to you.
• You have the right to correct or delete personal information, to restrict or object to some of our processing of your personal information. The easiest way to correct or delete certain account-related personal information that you have provided to the Safe Cloud 365 Services is to log in to your account and enter the necessary changes in your profile settings. Otherwise, please contact Safe Cloud 365 at [email protected].
• You have the right to data portability. This means you have the right to receive your personal information in a structured, commonly used and machine-readable format and have it transmitted to another controller provided that the processing is based on your respective consent or to execute a contractual relationship or a relationship prior to entering into contract with you.
• You have the right to withdraw previously given consent for processing of your personal information for that specific purpose. You may withdraw your consent at any time by contacting us at [email protected] or by navigating through the Settings menu. Withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal.

Safe Cloud 365 does not carry out automated decision-making or profiling that significantly affects the legal rights of data subjects.

In your request, please make clear what personal information you would like to have changed or to what processing you object, whether you would like to have your personal information deleted or what other limitations you would like to put on Safe Cloud 365’ use of your personal information. We will respond your request as soon as reasonably practicable and in accordance with data protection regulations.

We may reject some requests, including if the request is unlawful, duplicative or if it may infringe on privacy rights of a third party.

Please note that we often need to retain certain data for recordkeeping purposes and/or to complete any transaction that you began prior to requesting a change or deletion (e.g., when you make a purchase, you may not be able to change or delete the personal information provided until after the completion of such purchase). Our databases and other records may have residual data which will not be removed. If you have additional questions regarding the correction or deletion of the personal information we hold about you, please contact us at [email protected].

If the Safe Cloud 365 Services are made available to you by a Business Customer pursuant to a Customer Agreement, your eligibility to receive incentives and rewards, if any are offered, may be adversely affected by your election to remove personal information about you. Please contact the Business Customer for further information.

Accountability: you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how we process your personal information. To exercise such right and lodge a complaint, you can contact the supervisory authority competent for your place of residence or the one competent for our place of business. Please see https://edpb.europa.eu/about-edpb/board/members_en.

If you are a resident of the United Kingdom, please note that Safe Cloud 365 is registered at the Information Commissioner’s Office (ICO) (https://ico.org.uk/ESDWebPages/Search). You have the right to lodge a complaint to ICO. For more details, please see https://ico.org.uk/make-a-complaint/.

If you are located in Japan

Safe Cloud 365 shares personal information collected from or about residents of Japan or otherwise subject to the privacy laws of Japan under the following terms:

• All personal information described in this Privacy Statement is used jointly (within the meaning of the privacy laws of Japan)
• Safe Cloud 365 International GmbH is responsible for the management of personal information under this Privacy Statement

If you are located in Singapore

Applicable law may give you the following rights with respect to your personal information:

• Information about Processing of your Personal Information, including the right to notification of a data breach that results or is likely to result in significant harm to you
• Access to your Personal Information
• Correction of your Personal Information
• Deletion of your Personal Information
• Portability of your Personal Information
• Right to withdraw your consent to Processing of your Personal Information
• Restriction of Processing of your Personal Information

The controller of your personal information is: Safe Cloud 365 Asia Pte. Ltd., 8 Temasek Boulevard, Suntec Tower 3, #30-01, Singapore 038988

You may contact our Data Protection Officer at [email protected].

If you believe that Safe Cloud 365’s processing of your personal information violates applicable law, you have the right to lodge a complaint with:
Personal Data Protection Commission Singapore
Address: 10 Pasir Panjang Road, #03-01 Mapletree Business City Singapore 117438
Website: https://www.pdpc.gov.sg/

If you are located in the U.S.

Please also see our U.S. State Privacy Rights Notice, which applies to “Consumers” (as defined in that notice). Safe Cloud 365’ U.S. State Privacy Rights Notice describes certain privacy rights available under U.S. state privacy laws and how to exercise those privacy rights.

If you are located in any Other Jurisdiction

Safe Cloud 365 will honor your legal right to review, correct, update or modify personal information you have previously provided or any other privacy right provided under applicable law. To exercise the rights available to you, please contact [email protected]. In your request, please make clear what personal information you would like to have changed, whether you would like to have your personal information suppressed from our database or other limitations you would like to put on our use of your personal information. For your protection, we may need to verify your identity and geographic residency before fulfilling your request. We will comply with your request as soon as reasonably possible and within the time periods required by applicable law. If Safe Cloud 365 has valid reasons not to honor your request, we will provide you with a written explanation.

If at any time you believe that Safe Cloud 365 has not adhered to this Privacy Statement, please contact us at [email protected]. We will use good faith efforts to determine and correct the problem.

11. Links to other Websites

Except as specifically described in this Privacy Statement, personal information collected by a third-party website or service that you access through the Safe Cloud 365 Services is not governed by this Privacy Statement. Those third-party websites and services post and follow their own privacy policies, not this Privacy Statement.

The Safe Cloud 365 Services may include links to third-party websites and services that are not operated by us. When you click these links, you will be directed away from the Safe Cloud 365 Services. A link to a third-party website or service does not mean that we endorse it or the quality or accuracy of information presented on it. If you decide to visit a third-party website or service, you are subject to its privacy practices and policies, not ours. This Privacy Statement does not apply to any personal information that you provide to these other websites and services.

12. Protection and Retention of Personal Information

We take precautions intended to help protect personal information that we process. We use a variety of measures to protect personal information from unauthorized access and use. Our safeguards are designed to provide a level of security appropriate to the risk of processing your personal information and include (as applicable) measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and a procedure for regularly testing, assessing, and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing of personal information.

Safe Cloud 365 also expects that Customers and users will use appropriate security measures to protect information. Safe Cloud 365 may suspend your use of all or part of the Safe Cloud 365 Services without notice if we suspect or detect any breach of security. If you believe that information you provided to us is no longer secure, please notify us immediately at [email protected]. If we become aware of an incident that affects the security of your personal information, we will provide you with notice as required by applicable law. When permitted by applicable law, Safe Cloud 365 will provide this notice to you through the email address associated with your account.

We retain personal information only as long as we need it for legitimate business purposes and as permitted by applicable law. In practice, this means that we delete or anonymize personal information in your account to which we have access within the thirty (30) days from your explicit request or not later than after three (3) years of continuous inactivity unless we must keep your data (or part of it) to comply with applicable law or because an issue, claim or dispute is not yet resolved. We can keep certain data, if we can’t prove inactivity, like for accounts with registered perpetual licenses which don’t require interaction with our Cloud Safe Cloud 365 Services.
After you delete your account, Safe Cloud 365 may still keep certain information about you – if required by applicable law or if we have another lawful basis to do so, such as if you provide us consent.

13. Children’s Privacy

The Safe Cloud 365 Services are not directed to or intended for use by minors. If we learn that we received personal information directly from a minor under age 16, we will use that personal information only to inform the minor that he/she/they cannot use the Safe Cloud 365 Services.

14. Google Workspace terms and conditions*

Safe Cloud 365 utilizes certain Google APIs to provide backup and recovery services for your data in the following Google Workspace products: Gmail, Google Contacts, Google Calendar, Google Drive, Google Team Drives (collectively, “Google User Data”). In order to provide such backup and recovery Safe Cloud 365 Services to you, Safe Cloud 365 requires read-only access to the lists of users and Team Drives in your G Suite organizational structure as well as reading and writing access to all other Google User Data.

Safe Cloud 365 stores the Google User Data in data centers operated by Safe Cloud 365 or Safe Cloud 365’s data center providers.

Safe Cloud 365 does not share the Google User Data with third parties without appropriate consent except as follows:

• For Corporate Transactions: We may share and transfer Google User Data if we are involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control by Safe Cloud 365 or any affiliated company (in each case, whether in whole or in part);
• When Required by Law: Safe Cloud 365 or Safe Cloud 365’s affiliates may use servers and other equipment to provide the Safe Cloud 365 Services that are located in countries where litigants, law enforcement, courts, and other agencies of the government may have the right to access Google User Data stored within their jurisdictions upon terms and conditions provided by local law. Safe Cloud 365 may also provide access to your Google User Data to government authorities if Safe Cloud 365 suspects or believes that the Google User Data contains child pornography or other prohibited content or data or that the Google User Data is being used for illegal purposes. Safe Cloud 365 reserves the right, consistent with data privacy and other user data protection requirements applicable to the jurisdiction where Google User Data is stored, and if mandated by applicable law, regulation, legal process, or governmental order, to disclose Google User Data, but only to the extent required to satisfy those laws, regulations or orders. Unless prohibited by law or other order, Safe Cloud 365 will provide you with reasonable notice of any such required or requested disclosure and reasonably cooperate to limit such disclosure to the extent allowed by law.
• Other Lawful Disclosures: We also share Google User Data (i) if disclosure would mitigate Safe Cloud 365’ liability in an actual or threatened lawsuit; (ii) as necessary to protect legal rights of Safe Cloud 365, users, Business Customers, vendors, business partners or other interested parties; (iii) to pursue available remedies or limit the damages; (iv) to enforce our agreements; and (v) to respond to an emergency.

15. How to Contact Safe Cloud 365

If you have questions about this Privacy Statement, please contact us [email protected]