Trujay Group LLC Privacy Policy

Effective from 5th March 2019 (prior versions can be found here)

Thank you for your interest in Trujay Group LLC ("Trujay", "we", "us" or "our"), our websites and our services. We collectively refer to our websites and services as "Service Offerings" in this policy. This policy relates to Service Offerings provided by us that include a link to this policy. It describes the information that we collect, including personally identifiable information ("Personal Data"), it describes why we collect that information, and our policies with respect to that information.

This policy also explains your choices about how we use information about you. Your choices include how you can object to certain uses of information about you and how you can access and update certain information about you. If you do not agree with this policy, do not access or use our Service Offerings or interact with any other aspect of our business.

We are committed to protecting your Personal Data and respecting your privacy. If you're visiting us from the EU or Switzerland: we adhere to the Privacy Shield Principles.

Information We Collect and Why

Information from website browsers

If you're just browsing our Service Offerings, we collect the same basic information that most websites collect. We use common internet technologies, such as cookies and web server logs. This is stuff we collect from everybody, whether they have an account or not.

The information we collect about all visitors to our Service Offerings includes the visitor's browser type, language preference, referring site, and the date and time of each visitor request. We also collect potentially personally-identifying information like Internet Protocol (IP) addresses.

Why do we collect this?

We collect this information to better understand how our website visitors use our Service Offerings, and to monitor and protect the security of the Service Offerings.


Information from users with accounts

If you register an account, we require some basic information at the time of registration. We will ask you for a valid email address. We may allow or require you to register by authenticating via a third party service such as Google or HubSpot. When this occurs we automatically collect your email address and name from that service. We receive this same type of information when you integrate or link a third party service with our Service Offerings. You may have the option to give us more information if you want to, and this may include "Personal Data".

If you contact us, for example by completing a web form requesting information about our Service Offerings, we will collect "Personal Data" from you. This generally includes an email address, name and phone number.

"Personal Data" is any information about one of our users which could, alone or together with other information, personally identify him or her. Information such as an email address, a real name, and a phone number are examples of "Personal Data."

Personal Data does not include aggregated, non-personally identifying information. We may use aggregated, non-personally identifying information to operate, improve, and optimize our Service Offerings.

Why we collect this information

  • We need your Personal Data to create your account, to provide the Service Offerings you request, and to respond to sales and support requests.
  • We use your Personal Data, specifically your email address, to uniquely identify you on our Service Offerings.
  • We will use your email address to communicate with you, if you've said that's okay, and only for the reasons you've said that's okay. Please see our section on email communication for more information.
  • We use your User Personal Information for internal purposes, such as to maintain logs for security reasons, and for legal documentation.
  • We limit our use of your Personal Data to the purposes listed in this Privacy Policy. If we need to use your Personal Data for other purposes, we will ask your permission first.

Our legal basis for processing information

Under certain international laws (including GDPR), we are required to notify you about the legal basis on which we process Personal Data. We process Personal Data on the following legal bases:

  • When you create an account on our Service Offerings, you provide your email address and generally your name. We require those data elements for you to enter into the Terms of Use agreement with us, and we process those elements on the basis of performing that contract. We also process your name and email address on other bases. If you have a paid account with us, there will be other data elements we must collect and process on the basis of performing that contract. We do not collect or process a credit card number, but our third-party payment processors do.
  • Generally, the remainder of the processing of Personal Data we perform is necessary for the purposes of our legitimate interests. For example, for security purposes, we must keep logs of IP addresses that access our Service Offerings, and in order to respond to legal process, we are required to keep records of users who have made use of our services.
  • If you would like to request erasure of data we process on the basis of consent or object to our processing of Personal Data, please contact us as detailed here.


Information We Do Not Collect

We do not intentionally collect sensitive Personal Data, such as social security numbers, genetic data, health information, or religious information. Although we do not request or intentionally collect any sensitive Personal Data, we realize that you might store this kind of information in your account for data integration or data processing purposes. If you store any sensitive Personal Data on our servers, you are consenting to our storage of that information on our servers, which are hosted by Amazon Web Services in the United States. You are responsible for complying with any regulatory controls regarding that data.

We do not intentionally collect information that is stored in your account. Information in your account belongs to you, and you are responsible for it, as well as for making sure that your content complies with our Terms of Use. Our employees do not access data in your account unless required to for security or maintenance, or for support reasons, with the consent of the account owner. Any Personal Data you store in your account remains your responsibility.

If you're a child under the age of 13, you may not have an account with us. We do not knowingly collect information from or direct any of our content specifically to children under 13. If we learn or have reason to suspect that you are a user who is under the age of 13, we will unfortunately have to close your account.


How We Share the Information We Collect

We do not share, sell, rent, or trade Personal Data with third parties for their commercial purposes, except where you have explicitly requested us to do so.

We do not disclose Personal Data outside our Service Offerings, except in the situations listed in this section or in the section below on Compelled Disclosure.

We do share certain aggregated, non-personally identifying information with others about how our users, collectively, use our Service Offerings. For example, we may compile statistics on the number of data processing jobs executed by our Service Offerings. However, we do not sell this information to advertisers or marketers.

We do not host advertising on our Service Offerings. We may occasionally embed content from third party sites, such as YouTube, and that content may include ads. While we try to minimize the amount of ads our embedded content contains, we can't always control what third parties show.

Our Service Offerings support employees can view basic Personal Data in order to support your use of our Service Offerings. Specifically this includes the email address used when registering with us and account name if supplied.

If you engage our Professional Services consultants all project work will be performed under dedicated Services Agreement supplied by us. This agreement includes data privacy topics such as data confidentiality and data destruction. Professional Services consultants we assign to your project will have access to any Personal Data you provide in relation to that project.

We may share Personal Data with your permission, so we can perform services you have requested.

We may share Personal Data with a limited number of third party vendors who process it on our behalf to provide or improve our service, and who have agreed to privacy restrictions similar to our own Privacy Policy by signing data protection agreements. Our vendors perform services such as payment processing, customer support messaging and other similar services. When we transfer your data to our vendors under Privacy Shield, we remain responsible for it. If you would like to know who our third party vendors are, please see our page on Subprocessors.

At times we retain contractors to perform services for us internally in the course of our business. They may have a level of access similar to our employees. Such limited access would be available only to the extent needed to perform the services, under the terms of an executed confidentiality and non-disclosure agreement with us, with the requirement that such contractors keep the information strictly confidential and use the information solely on our behalf.

We may share Personal Data if we are involved in a merger, sale, or acquisition. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of Personal Data, and we will notify you on our website or by email before any transfer of your Personal Data. The organization receiving any Personal Data will have to honor any promises we have made in our Privacy Policy or in our Terms of Use.

Third party applications

Within some of our Service Offerings you have the option of enabling or connecting third party applications to your account. When you elect to do this, to facilitate the connection, we may share your Personal Data, such as your email address, with that application. You are responsible for your use of the third party application and for the amount Personal Data you choose to share with it.


Our Use of Cookies and Tracking

Cookies

We use cookies (and similar technologies, like HTML5 localStorage) to make interactions with our service easy and meaningful. We use cookies to keep you logged in and remember your preferences. We also use cookies for web analytics, and on our website chat.

A cookie is a small piece of text that a web server stores on your computer or mobile device, which your browser sends to us when you return to our site. Cookies do not necessarily identify you if you are merely visiting our Service Offerings; however, a cookie may store a unique identifier for each logged in user. Some cookies are essential for the Service Offerings to operate. Others are used for performance, functionality and web analytics.

If you decline the use of cookies with our Service Offerings you will generally be able browse the Service Offerings and functionality that is dependant on cookies, including signing in, will be disabled.


Web Analytics

We use a third party web analytics service to collect information about how our Service Offerings perform and how users navigate through and use pages on our Service Offerings. This helps us evaluate our users' use of our Service Offerings; compile statistical reports on activity; and improve our content and Service Offerings performance.

Web analytics services gather certain information over time, such as your IP address, browser type, internet service provider, referring and exit pages, time stamp, and similar data about your use of our Service Offerings. This information may be associated with other Personal Data we collect.

You have the ability to accept or decline cookies on our Service Offerings. If you decline cookies the web analytics will be disabled.

Certain pages on our site may set other third party cookies. For example, we may embed content, such as videos, from another site that sets a cookie. While we try to minimize these third party cookies, we can't always control what cookies this third party content sets.

Please see our section on email communication to learn about our use of pixel tags in marketing emails.


Website Chat

We use website chat messaging provided by a third party service, allowing you to message with us directly from our Service Offerings. This feature makes use of cookies and can collect Personal Data. If you decline the use of cookies the chat messaging features will be disabled.


Social Media Features

On some pages our Service Offerings include Social Media Features. This includes features such as the Facebook Like button and the LinkedIn share button. These features may collect your IP address, which page you are visiting on our sites, and may set a cookie to enable the feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our Websites. This Privacy Policy does not apply to these features. Your interactions with these features are governed by the privacy policy and other policies of the companies providing them.


How We Secure Your Information

We take all measures reasonably necessary to protect Personal Data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of Personal Data. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.

In the event of a data breach that affects your Personal Data, we will act promptly to mitigate the impact of a breach and notify any affected users without undue delay.

No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.


Our Global Privacy Practices

Information that we collect will be stored and processed in the United States in accordance with this Privacy Policy (our subprocessors may store and process data outside the United States). However, we understand that we have users from different countries and regions with different privacy expectations, and we try to meet those needs.

We provide the same standard of privacy protection to all our users around the world, regardless of their country of origin or location. We work hard to comply with the applicable data privacy laws wherever we do business. Additionally, we require that if our vendors or affiliates have access to Personal Data, they must comply with our privacy policies and with applicable data privacy laws, including signing data transfer agreements such as Standard Contractual Clause agreements.

In particular:

  • We provide clear methods of unambiguous, informed consent at the time of data collection, when we do collect your personal data.
  • We collect only the minimum amount of Personal Data necessary, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
  • We offer you simple methods of accessing or deleting the data we have collected.
  • We provide our users notice, choice, accountability, security, and access, and we limit the purpose for processing. We also provide our users a method of recourse and enforcement. These are the Privacy Shield Principles, but they are also just good practices.
  • Trujay Group LLC complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Trujay Group LLC has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/


Resolving Complaints

In compliance with the Privacy Shield Principles, Trujay Group LLC commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Trujay Group LLC by emailing us directly at privacypolicy@trujaygroup.com. You can also write to us at our postal address here. We will respond within 45 days at the latest.

Dispute Resolution Process

Trujay Group LLC has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit JAMS for more information or to file a complaint. The services of JAMS are provided at no cost to you.

Independent Arbitration

Under certain circumstances, EU and Swiss individuals may invoke binding Privacy Shield arbitration as a last resort if all other forms of dispute resolution have been unsuccessful. To learn more about this method of resolution and its availability to you, please read more about Privacy Shield.

We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).


How We Respond to Compelled Disclosure

We may disclose personally-identifying information or other information we collect about you in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In complying with court orders and similar legal processes, we strive for transparency. When permitted, we will make a reasonable effort to notify users of any disclosure of their information, unless we are prohibited by law or court order from doing so, or in rare, exigent circumstances.


How You Can Access and Control the Information We Collect

If you're already a user of our Service Offerings, you may access, update, or delete your account at any time.

Data Access

You have the right to access any Personal Data we have collected about you. You can access and update Service Offerings data directly from within your account. If you would like to access or update other Personal Data we have collected about you, such as sales related contact information, please contact us as detailed here and we will respond promptly - within 45 days at the latest.

Data Retention and Deletion

We will retain Personal Data for as long as your account is active or as needed to provide you services. If you register an account with us we generally regard your account as active if you have signed in, or used our Service Offerings in some manner (e.g. for background data processing) within the last 180 days. We may automatically delete your account, along with information stored in your account, after it is deemed inactive.

We may retain certain Personal Data indefinitely, unless you delete it or request its deletion. For example, some of our Service Offerings don't automatically delete inactive user accounts, so unless you choose to delete your account, in such cases we will retain your account information indefinitely.

If you would like to cancel your account or delete your Personal Data, you may do so by signing into your account and choosing to delete your account. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your account (within reason) within 60 days.

If you engage our Professional Services consultants all project work will be performed under dedicated Services Agreement supplied by us. The Services Agreement details our approach to data retention in the context of Professional Services project work.


How We Communicate With You

We will use the email address associated with your account as our primary means of communicating with you.

Some of our Service Offerings you use may send you automated notification emails, for example, about data processing events. You can manage or disable these notifications from within the the Service Offerings settings area.

We also send marketing emails, but only with your consent. There's an unsubscribe link located at the bottom of each of the emails we send you.

Our emails might contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we're not sending you unwanted email. If you prefer not to receive pixel tags, please opt out of marketing emails.


Changes to our Privacy Policy

Although most changes are likely to be minor, we may change our Privacy Policy from time to time. We will provide notification to Users of material changes to this Privacy Policy through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the email address specified in your account. For changes to this Privacy Policy that do not affect your rights, we encourage visitors to check this page frequently.


Contacting Trujay About Privacy

If you have any questions about this Privacy Policy, or our information practices, you may contact:

Privacy Officer
Trujay Group LLC
3267 Bee Caves Rd, Suite 107
Austin, Texas 78746
email privacypolicy@trujaygroup.com

We will respond to valid enquiries within 45 days at the latest.