Privacy Policy

Our Policy on data collection, storage and use

Privacy Policy

This policy was last updated on April 2, 2020

Westgate Cyber Security Limited (“Westgate”, “we”, “us”, “our”) owns and licences software called Enclave. For more information about Westgate and Enclave, please visit our website, https://enclave.io/ (the “Website”). Your access to and use of Enclave is governed by the Enclave Terms and Conditions.

We take your privacy seriously and are committed to protecting and respecting your personal data. This privacy policy (“Privacy Policy”) sets out the basis on which the personal data collected from you, or that you provide to us, will be processed by us. Please read the following carefully to understand how we will use your personal data. For the purpose of data protection legislation in the UK, we are the controller of the personal data collected through your use of Enclave.

In this Privacy Policy, Enclave together with any services we may offer in the future from time to time, will be collectively referred to as the “Services”.

What personal data do we collect and process, and how do we use it?

When you use Enclave or interact with our Website, you may provide us with the following personal data, and we may collect and process such personal data in accordance with this Privacy Policy and for the following purposes:

Personal data we process Why we process this data Our lawful basis for processing
Identity Data: this includes your title, first name, surname, date of birth, identity documentation, nationality.
  • To set up your account and enable you to use the Services
  • To maintain comprehensive and accurate records
  • To fulfil our contractual obligations to you
  • To comply with a legal obligation
Contact Data: this includes your address (business and/or residential), phone number(s), email address and any other contact details you may provide.
  • To set up your account and enable you to use our Services
  • To contact you if you have any problems or queries
  • To provide our customer support services
  • To inform you of any changes we make to any of the Services, the terms that govern them or this Privacy Policy
  • To maintain comprehensive and accurate records
  • Marketing: to inform you of any new features or products, or updates to existing services, we may make available from time to time
  • To fulfil our contractual obligations to you
  • To comply with a legal obligation
  • We will only process your Contact Data for marketing purposes if you have provided your express consent for us to do so
Account Data: this includes data you upload to and related to your Account including licence key orders, portal access and versions of the software you operate.
  • To manage and operate our Services
  • To analyse and improve our existing Services
  • To identify and develop new Services
  • To satisfy our legitimate interests
Usage Data: we may process data regarding your use of the Services, including your computer’s Internet Protocol address (IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
  • To identify any problems, defects or issues with the Services
  • To optimise the performance of the Services to ensure you have the best user experience
  • To provide and improve our customer services
  • To satisfy our legitimate interests
  • To fulfil our contractual obligations to you

Who do we share your personal data with?

When you use the Services, we may need to disclose your personal data to the following categories of third parties:

  • Payment processing service providers;
  • Fraud prevention and identity verification;
  • Our other service providers, such as marketing providers, technology platforms, IT support and compliance services; and
  • Other third parties with your express consent or instruction to do so.

The personal data we share with these third parties will in each case be limited to that strictly necessary to satisfy the reasons set out in the table above. Examples of such third parties may include: CloudFlare, Google, Google Analytics, Google Adwords, HubSpot, LeadFeeder, LinkedIn, or Amazon Web Services (AWS).

Transfers of your personal data

We will not transfer your personal data outside of the EU (or the UK to the extent the UK is no longer part of the EU) except to selected third parties that we have instructed to help us provide the Services to you. Such third parties may process and store your personal data in geographically distributed data centres.

In the case of transfers of your personal data outside of the EU (or the UK to the extent the UK is no longer part of the EU), where the transfers are not to countries that provide an adequate level of protection (for example, we may rely on a Privacy Shield certification where the transfer contains a US entity), we will put in place appropriate safeguards to cover transfers of your personal data which may include, for example, signing standard contractual clauses/data protection clauses adopted by the European Commission. Please click here for a link to the standard contractual/data protection clauses and click here for more information about the Privacy Shield for US companies.

Cookies

Cookies are small text files that are placed on your device by websites that you visit. For more information about the cookies that we use on our Website please have a look at our cookies policy.

Our website

Our Website may contain links to third party websites and apps. If you follow a link to a third party website or app, please note that this Privacy Policy does not apply to that website or app. We are not responsible or liable for the privacy policies or practices of any third party websites or apps, so check their policies before you submit any personal data to those websites.

Data retention

We store your personal data in line with legal, regulatory, financial and good-practice requirements, and unless we have a legal or regulatory obligation to keep that data, until it is no longer necessary to provide our services or until you ask us to delete your personal data. If you delete your account, we will delete the data you provided to us during the set up and operation of your account. We may be required to retain certain information in order to comply with local laws. For further details regarding how long we keep each specific category of personal data, please contact us for a copy of our data retention policy.

Disclosure of your data

Westgate Cyber Security Limited may disclose some, or all of your data in the good faith belief that such action is necessary to:

  • To comply with a legal obligation
  • To protect and defend the rights or property of Westgate Cyber Security Limited
  • To prevent or investigate possible wrongdoing in connection with the Service
  • To protect the personal safety of users of the Service or the public
  • To protect against legal liability

Minimum age of our users

Our Services do not address anyone under the age of 18 (“Children”).

We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

Accessing your personal data and your rights

As a result of us collecting and processing your personal data, you have the following legal rights:

  • to access personal data held about you;
  • to request us to make any changes to your personal data if it is inaccurate or incomplete;
  • to request your personal data is erased where we do not have a compelling reason to continue to process such data in certain circumstances;
  • to receive your personal data provided to us as a data controller in a structured, commonly used and machine-readable format where our processing of the data is carried out by automated means, and it is based on: (i) your consent; (ii) our necessity for performance of a contract to which you are a party to; or (iii) steps taken at your request prior to entering into a contract with us;
  • to object to, or restrict, our processing of your personal data in certain circumstances;
  • if we ever use your personal data for direct marketing, you can ask us to stop and we will comply with your request;
  • if we use your personal data on the basis of having a legitimate interest (as set out in the table above), you can object to our use of it for those purposes, giving an explanation of your particular situation, and we will consider your objection;
  • to object to, and not be subject to a decision which is based solely on, automated processing (including profiling), which produces legal effects or could significantly affect you; and
  • to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

To exercise any of your rights set out above, including to withdraw your consent where we have stated we are processing your personal data based on your consent, please contact us at [email protected]

Contacting us and changes to your personal data

Please keep us informed of any changes to your personal data at any time by updating your details in your account. If you have any questions, comments and requests about this Privacy Policy or your personal data, please contact: [email protected]

Changes to our privacy policy

Any changes we may make to this Privacy Policy in the future will be reflected in this document, and where appropriate, notified to you by email. Please check back regularly to keep informed of updates or changes to this Privacy Policy.