Search
Login 800.380.7652 +1.408.717.4955 Blog Blog

Privacy Policy

Revision 4.0 (5/24/2018)

At Pandesa Corporation, doing business as ShareVault ("ShareVault"), we strive to protect the privacy of your information. This privacy statement covers the information management practices of ShareVault controlled public web sites or permission-based services that link to this privacy statement. These include the following websites:

https://www.sharevault.com

https://www.sharevault.net

ShareVault provides a link to this privacy statement on all pages requesting personal information.



Information: What We Collect and How it is Used

When a web site visitor or customer expresses interest in obtaining additional information about ShareVault's services or registers to use a ShareVault service, ShareVault may require the party to provide contact information, such as name, company name, address, phone number, and email address. When a party purchases a ShareVault service, ShareVault may require billing information, such as organization billing name, billing address, phone number, and credit card number. When a party utilizes a service or requests customer support for a service, ShareVault may request information such as name, company name, email address, and phone number. With the exception of credit card information, the information provided is generally stored electronically in secure ShareVault databases.

ShareVault's permission-based services are designed to facilitate repeat use by participants involved in multiple business transactions relying upon the services. Key to the security of these services and the business data contained therein, verification of user’s virtual identity is fundamental to using this service. Participants must provide profile information (name, title, company name, email address, and phone number) in order to utilize and secure the services.

In addition to the profile information collected as described above, ShareVault also collects anonymous information about the use of our public web site, including but not limited to a visitor's IP address, the websites from which visitors access the ShareVault web site, the type of web browsers used to access the website, the time of the visit, and the pages viewed. This collected information does not personally identify individuals and is required to operate the service, for security, to fulfill certain legal requirements and statistical analysis of web site visits.

Cookies

In order to collect the anonymous data described above, or to provide a better user experience for repeat users of our permission-based services, we may use "cookies" that remain in the cookies file of your browser at your option. Cookies are a widely utilized mechanism for storing small pieces of text which modern browsers use to interact with web sites. Your IP address will not be linked to any personal information unless you provide that information through any form on the website.

We, together with Google, also use cookies whose main objective is to identify and secure users and augment their behavior while on our website. We use information from past visits to tailor the advertisement experience on Google and Google partner sites.

ShareVault Services Usage

In the provision of our permission-based services, ShareVault will maintain a history of participant access to the services and actions taken therein and make this available to the owner of a respective vault accordingly as part of our detailed user activity reporting / sharing analytics capabilities. ShareVault also may maintain a log of IP addresses from which users access the services to help secure our users.

Use of Personal Information

ShareVault uses the above collected information to inform our product customers and prospective customers about our solutions, to provide services requested by our customers, and to support our customers as they utilize our services. For example, ShareVault may respond to you, if you fill out a "Contact" form on our website, with information about our services. ShareVault may also use data about ShareVault customers for its own marketing purposes, in order to provide information about product upgrades, user best practices, industry news, promotions or events. ShareVault uses credit card information solely to evaluate the financial qualification of prospective customers and to collect payment for services. ShareVault uses web site navigational information to operate and secure our web sites and to provide personalized information about the company.

Sharing Information

ShareVault will not share, sell or distribute your personal data to unrelated third parties. All personal data may be disclosed only to third parties who directly support the use cases for personal data as summarized above. Owners of respective vaults are responsible for maintaining the access controls over their data and have access to personal user information and user activity related to their vault. This information is required to access and use the ShareVault services but is administered by the owner of each respective vault.

Data Retention

Various data related to the use of the service is retained indefinitely by ShareVault for the duration of each respective service contract. The ShareVault owner may have made copies of access data as part of their own respective management practices and are outside the purview of this policy. Additional information related to financial transactions is retained for a period of seven years.

Commitment to Data Security

To prevent unauthorized access, maintain data integrity, and ensure the correct use of information, ShareVault has instituted a wide array of policies, procedures, and mechanisms to secure and protect the information we collect online. Additional details regarding data security are found in the ShareVault Security Policy.

Correcting and Updating your Information

Users of ShareVault permission-based services may update or change their profile information by logging into the service, selecting the "Preferences: Profile" page, and updating information using the online interface.

Organizations seeking to update information, to discontinue their ShareVault account, to have their private information returned to them please email, have questions, or need help should contact ShareVault by sending an email to support@sharevault.net, or calling (408) 717-4955, ext. 2. Should you decline to receive mail or email from ShareVault that does not relate directly to your access to or use of ShareVault permission-based services, please visit our unsubscribe page and fill out the form.

Your Acceptance

By using our websites and/or services, you signify your agreement to the privacy polices described above.

If you have any questions about this privacy statement, please email us at privacy@sharevault.com.



General Data Protection Regulation (GDPR)

As of May 25, 2018, the General Data Protection Regulation (GDPR) became enforceable in the European Union (EU).

As a citizen or resident of the EU, your personal data are protected by the terms of the GDPR. In order for ShareVault and ShareVault's customers to comply with the GDPR, you are required to grant consent in order to gain access to ShareVault and to exercise additional privacy rights. Most provisions extended under the GDPR are described in the statements above with additional options and features described below.

GDPR Data Rights

The GDPR provides the following data rights for individual citizens or residents of the EU:

1. The Right to be Informed

Should there be a breach of private information, you will be notified using the contact information in your user profile. We will also notify the appropriate privacy authority for your home country.

2. The Right of Access

In addition to accessing user profile information (see above), your use events may be obtained by contacting the owner of the respective vaults you have access to. Detailed records of technical mechanisms related to enabling those access events are not generally accessible.

3. The Right to Rectification

Users may access and update personal information as detailed above under Correcting and updating your information.

4. The Right to Erasure

Users may at any time chose to remove themselves from the ShareVault service. Users should first contact the ShareVault owner / administrator in order to exercise the right to erasure. In the event that the ShareVault owner / administrator cannot be reached, users can send an email to privacy@sharevault.com

5. The right to Restrict Processing

See above

6. The Right to Data Portability

Users may request copies of their personal information from a ShareVault owner / administrator but such requests are subject to the respective rights and control of that owner as may be stated within the privacy policy they have published for that ShareVault.

7. The Right to Object

Users may object to the collection and use of personal information by first contacting the ShareVault owner / administrator. In the event that the ShareVault owner / administrator cannot be reached, users can send an email to privacy@sharevault.com.

8. Rights in Relation to Automated Decision Making and Profiling.

Automated decision making and profiling is not applicable to the use of ShareVault Services.

Exercising Rights

Users may exercise rights related to the collection and use of personal information per the statements above or by email at privacy@sharevault.com.

After granting consent, users can subsequently change / withdraw their consent to the collection, use and storage of personal information by emailing privacy@sharevault.com.

Legal Basis

Legal basis for the collection and use of personal information is detailed in the above statements and generally starts with explicit consent by a user, followed by additional requirements to support the terms of the ShareVault service contracts, support the secure function of the ShareVault service, and as required for legal reasons, specifically to comply with the requirements of the GDPR and various US legal statutes.

Data Controllers/Processors

ShareVault provides services to customers who use these services to in turn support their own individual business functions. These ShareVault owners / administrators are considered data controllers for certain types of user data related to their respective vaults.

ShareVault is thus the processor for that data. ShareVault customers (owners / administrators) share the responsibility for this category of data and are provided the tools to fulfill that obligation for their users who are eligible for the additional GDPR privacy rights. Affiliated third party providers also share responsibility in a similar manner. All parties are appropriately bound by contract to be compliant.

Help for Admins / Owners with GDPR Compliance

GDPR compliance is a shared responsibility between ShareVault customers (owners / administrators) and ShareVault. Owners / administrators can request help from ShareVault for complying with GDPR compliance, including support for users who wish to exercise any of their rights under the GDPR, by sending an email to privacy@sharevault.com.

Changes to This Privacy Statement

All personal information (defined as any information that identifies or can be used to identify the person to whom such information pertains) that we collect and maintain will be subject to this privacy statement, as amended from time to time. ShareVault may change this privacy statement from time to time at its sole discretion and will provide notice of all changes in this online document and via the footer of the web pages with authorized links to this document. If as the result of such changes you want to alter the ways in which ShareVault is allowed to use your personal information, you can do so by following the procedure described under Correcting and updating your information, above.