Last updated: Jun 26, 2023
Privacy Policy
1. Introduction
This Privacy Policy (“Policy”) explains how Xecurify, and its affiliates and subsidiaries collect, store, use, disclose and otherwise process the information relating to individuals (“Personal Data”) and to learn about your rights and choices regarding our processing of your Personal Data in the course of our business. In this Privacy Policy, “Xecurify,” “miniOrange” ,“we,” “our,” and “us” each mean Xecurify and the applicable Xecurify affiliate(s) involved in the processing activity. Our business (collectively, our “Services”) includes when you visit our website, www.miniorange.com (the “Website”), with “Xecurify” that link to this Policy, use our software-as-a-service (“SaaS”) services, application and programs as a Customer / Subscriber and through other means including partner programs, sales and marketing activities.
We provide our Services to our Customers/Subscribers under an Agreement located on our “Terms of Use” webpage; it governs use by a Customer's / Subscriber’s Authorized Users only and allows those Authorized Users to enter data into the Service. Because the Service is SaaS-based, the Authorized Users may access and use the Service from anywhere in the world, subject to Xecurify’s Terms of Use and any applicable laws.
We recommend you read and understand this Policy completely, including the additional documents included at the links provided.
2. Xecurify’s Roles & Responsibilities
Please note that this Privacy Policy does not apply to the extent that we process Personal Data in the role of a processor (or a comparable role such as a “service provider” in certain jurisdictions) on behalf of our customers, including where we offer to our customers various cloud products and services, through which our customers (and/or their affiliates) connect their own websites and applications to our hosted platform, sell or offer their own products and services, send electronic communications to other individuals, or otherwise collect, use, share or process Personal Data via our cloud products and services.
Each of our customers, not Xecurify, controls whether they provide you with an account or other access to the Xecurify identity cloud service through their subscription, and if they provide you with such accounts or other access through their subscription, they control what information about you that they submit to our service. This content may include contact information (such as your first and last name, email address, and phone number), professional information (such as the department you work for at your place of employment), or other types of information that a customer chooses to submit. Use of this content by Xecurify is governed by agreements between Xecurify and the Customer. Xecurify processes this data as a Service provider and when a customer chooses to process this information. Xecurify will not be responsible for the privacy of the customer's personal information that is not described in this privacy policy.
For detailed privacy information applicable to situations where an Xecurify customer (and/or a customer affiliate) who uses Xecurify’s cloud products and services is the controller, please reach out to the respective customer directly. We are not responsible for the privacy or data security practices of our customers, which may differ from those set forth in this Privacy Policy. If not stated otherwise either in this Privacy Policy or in a separate disclosure, we process such Personal Data in the role of a processor or service provider on behalf of a customer (and/or its affiliates), who is the responsible controller of the applicable Personal Data.
3. Information You Provide
The personal information we collect when you use the Services, including when you sign up to the Service and the reasons why you are asked to provide it are explained when we ask you to provide your personal information. Xecurify will tell you prior to collection whether providing personal information is necessary or voluntary.
When using the Services, we may collect your name, email, postal address, phone number and other information you provide via the Services when, for example, you submit inquiries, request more information about our services, complete surveys or download Xecurify documents, provide feedback about our Services or register for sales events or marketing activities.
When you register to use our Services, we may collect your personal information (like your full name and contact information). We may share some of this information if you have asked us to work with a Third Party of your choosing. We do not sell any personal information.
Information you provide us:
- A. Account signup: When you sign up for an account to access one or more of our services, we ask for information like your name, contact number, email address, company name and country to complete the account signup process. You'll also be required to choose a unique username and a password for accessing the created account. You may also provide us with more information such as your time zone and language, but we don’t require that information to sign up for an account. After signing up, you will have the option of choosing a security question and an answer to the security question — if you provide these, they will be used only while resetting your password. If you attend an event, we may also receive contact and professional details about you when you register for any event, including webinars or seminars, (ii) subscribe to our newsletter or any other mailing list, (iii) you choose to scan your attendee badge or by providing a business card or other method, (iv) submit a form in order to download any product, whitepaper, or other materials, (v) participate in contests or respond to surveys, or (vi) submit a form to request customer support, get a quote or to contact Xecurify for any other purpose.
- B. Contract and Payment Data: We may receive contract details (like signatures) from you or your organization and use payment processing services to collect payment and billing information, which may contain Personal Data such as billing name, billing address and payment card details, in connection with some of our products and services. When you submit your card information, we store the name and address of the cardholder, the expiry date and the last four digits of the credit card number. We do not store the actual credit card number. For quick processing of future payments, if you have given us your approval, we may store your credit card information or other payment information in an encrypted format in the secured servers of our Payment Gateway Service Providers.
- a. Interactions with Xecurify: If you attend any Xecurify in-person or virtual event or agree to be recorded in a telephone or video meeting, we may record some or all of that event or meeting. For events, we may document the event in various ways, such as by taking photos at the event, interviewing you at the event, or recording your participation in a live question-and-answer or other interactive session.
- b. Testimonials: We can use the information for business and marketing purposes to better inform the public about Xecurify, its events, and provide testimonials about our products and services.When you authorize us to post testimonials about our products and services on websites, we may include your name and other personal information in the testimonial. You will be given an opportunity to review and approve the testimonial before we post it.
4. Information We Automatically Collect
When using the Services, we automatically collect certain information when you visit or use the Service, including your use of this website.
- A. Information from Browsers, Devices and Servers:
When you visit our websites, we collect the information that may reveal your identity and may include information about the specific computer or device you are using, such as your computer’s operating system and Internet Protocol (IP) address, browser type, language preference, time zone, referring URL, date and time of access, operating system, mobile device manufacturer and mobile network information.
- B. Information from cookies and Tracking Technologies:
We also automatically collect and store information about your activities on our websites, such as information about how you came to and used our Services, event information (like access times and browser type and language) and data collected through cookies and other similar technologies that uniquely identify your browser, computer and/or other device. We use temporary and permanent cookies to identify users of our services and to enhance user experience. For more information on the use of cookies and other tracking technologies please see our Cookie Statement with our website, www.miniorange.com
- C. Information from Service Data, Application Logs and Mobile Analytics:
When using the services, we automatically collect certain data relating to the performance and configuration of our services and our subscribers, Authorized users consumption, use of, and interaction with the Services (collectively, “Service Data”). While service Data usually does not involve personal information, it may include such data in the following instances:
- a. Technical Information or data from either application programming interfaces (“API’s”), hosting services, Internet of Things(“IoT”), sensors or devices, or other products, services or devices that access our Services, including relevant log files;
- b. Data and Metadata about an Authorized User’s activities and Behaviour within our service, such as click Patterns and feature use.
Service Data is used by Company for (a) providing, supporting and operating our products and services, (b) network and information security and (c) to analyze, develop and improve our products and services.
5. Information We Receive from Third Parties
From time to time, we may obtain information about you from third party sources, such as public databases and websites, resellers and distributors, joint marketing or business partners, security and fraud detection firms and social media platforms. Examples of the information we may receive from other sources include: account information; page-view information; contact information from business partners with whom we operate co-branded events, services and marketing campaigns or joint offerings; search results and links, including paid listings (like sponsored links); and if relevant, credit history information from credit bureaus.
A. Referrals: If someone has referred any of our products or services to you through any of our referral programs, that person may have provided us your name, email address and other personal information. If you provide us information about another person, or if another person gives us your information, we will only use that information for the specific reason for which it was provided to us.
B. Information from our reselling partners and service provider: If you contact any of our reselling partners, or otherwise express interest in any of our products or services to them, the reselling partner may pass your name, email address, company name and other information to Xecurify. If you register for or attend an event that is sponsored by Xecurify, the event organizer may share your information with us. Xecurify may also receive information about you from review sites if you comment on any review of our products and services, and from other third-party service providers that we engage for marketing our products and services.
C. Information from your Feedback and Review: When you provide feedback or reviews about our products, interact, or engage with us on marketplaces, review sites or social media sites such as Facebook, Twitter, LinkedIn and Instagram through posts, comments, questions and other interactions, we may collect such publicly available information, including profile information, to allow us to connect with you, improve our products, better understand user reactions and issues, or to reproduce and publish your feedback on our websites. We must tell you that once collected, this information may remain with us even if you delete it from these sites. Xecurify may also add and update information about you, from other publicly available sources.
D. Personal and/or Anonymous Data Collected By Third Parties:
a. We may receive Personal and/or Anonymous Data about you from other sources, including companies that provide our Products by way of a co-branded or private-labeled website or companies that offer their products and/or services on our website ("Third Party Companies"). Those Third Party Companies may supply us with Personal Data, such as your calendars and address book information, in order to help us establish the account. We may add this information to the information we have already collected from you via our website in order to improve the Products we provide.
b. Our provision of a link to any other website or location is for your convenience and does not signify our endorsement of such other website or location or its contents. When you click on such a link, you will leave our site and go to another site. During this process, another entity may collect Personal Data or Anonymous Data from you.
c. We have no control over, do not review, and cannot be responsible for, outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of data after you click on links to such outside websites. You may determine whether or not we are responsible for the content of a website by reviewing the URL and confirming the ownership of the applicable domain by means of a service such as online tracking.
6. Use of Information we collect
We use personal information collected via the Services and through other means (e.g., in person) for the following purposes:
- a. Operate Audit and Improve our Services;
- b. Provide Customer Service and Support;
- c. Provide and facilitate the delivery of products and services you request;
- d. Send you related information, including confirmations, invoices, technical notices, updates, security alerts, training and support and administrative messages;
- e. Maintain your License Account;
- f. Enhance security, monitor and verify identity or service access, combat fraud, spam, malware or other network and/or information security risks;
- g. Detect bugs, report errors and perform activities to maintain the quality or safety of our services;
- h. Conduct research and development;
- i. Understand you and your preferences to enhance and personalize your experience and enjoyment when using our Services;
- j. Develop and send you marketing, sales and promotional communications (where this is in accordance with your marketing preferences);
- k. Communicate with you about one of our events or our partner events, including webinars and demos;
- l. Respond to your comments or questions or provide information requested by you;
- m. Link or combine it with other personal information we get from third parties, to help understand your needs, provide you with better service and to prevent fraud;
- n. Process and deliver contest entries and rewards;
- o. Display and measure engagement with advertisements across different devices and websites;
- p. Maintain legal and regulatory compliance; and
- q. Process your information for other legitimate business purposes, such as customer surveys, data analysis, audits, collecting and assessing feedback, identifying usage trends, determining the effectiveness of our marketing campaigns and to evaluate and improve our products, services, marketing and customer relationships.
7. Sharing of Personal Information
We do not share personal information with third parties other than as follows:
- a. Where it has been de-identified, including through aggregation and anonymization;
- b. When you instruct us to do so;
- c. With your consent, for example, when you agree to our sharing your information with other third parties for their own marketing purposes subject to their separate privacy policies;
- d. With company affiliates, in such case the information will be processed as otherwise described in this Policy;
- e. With third party vendors, consultants and other service providers who work for us and need access to your information to do that work. Examples include vendors and service providers who provide assistance with marketing, billing, processing credit card payments, data analysis, fraud prevention, network and information security, technical support and customer service;
- f. With third party business partners, such as delivery and/or referral partners, who are involved in providing services to our prospects and/or customers, to fulfill product and information requests and to provide customers and prospective customers with information about our Company and its Services.From time to time, we may engage in joint sales or product promotions with select business partners. If you purchase or specifically express an interest in a partner promotion or service, we may share relevant personal information with those partner(s). Where you have given your consent to do so, these business partners may send you marketing communications about their own products and services. In those circumstances, our partners are responsible for managing their own use of the personal information collected in these circumstances. We recommend you review the partner’s privacy notices to find out more about their handling of your personal information.
- g. To comply with laws or to respond to lawful requests and legal process, to protect our rights and property and that of our agents, customers, members and other including to enforce our agreements, policies and terms of use or in an emergency to protect the personal safety of any person;
- h. In order to protect any individual’s vital interests, but only where we believe it necessary in order to protect the vital interests of any person; and
- i. In connection with or during negotiation of any business transfer, merger, financing, acquisition, or dissolution transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets to another company.
8. Legal Bases for Processing Personal Data (for United Kingdom and European Economic Area and other relevant jurisdictions)
If you are an individual in the United Kingdom, the European Economic Area (EEA), or of another relevant jurisdiction, we collect and process information about you only where we have a legal basis or bases for doing so under applicable laws. The legal bases depend on the products and services that your organization has purchased from Xecurify, how such products and services are used, and how you choose to interact and communicate with Xecurify’s websites, systems, and whether you attend Xecurify events. This means we collect and use your Personal Data only where:
- a. We need it to operate and provide you with our products and services, provide customer support and personalized features, and to protect the safety and security of our products and services;
- b. It satisfies a legitimate interest of Xecurify’s (which is not overridden by your data protection interests and rights), such as for research and development, to provide information to you about our products and services that we believe you and your organization may find useful, and to protect our legal rights and interests;
- c. You give us consent to do so for a specific purpose; or
- d. We need to comply with a legal obligation.
If you have consented to our use of Personal Data about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your Personal Data because we or another entity (for example, your employer) have a legitimate interest to do so, you have the right to object to that use; however, in some cases, this may mean that you no longer use our products and services.
In the event that we de-identify any Personal Data for further use, we commit to maintain and use the information in de-identified form and will not attempt to re-identify the information, except for the purpose of determining if our de-identification processes satisfy applicable legal requirements.
9. Your Rights, Choices and Correcting your personal information
You have the following rights with respect to information that Xecurify holds about you. Xecurify undertakes to provide you the same rights no matter where you choose to live.
- a. Right to access: You have the right to access (and obtain a copy of, if required) the categories of personal information that we hold about you, including the information's source, purpose and period of processing, and the persons to whom the information is shared.
- b. Right to rectification: You have the right to update the information we hold about you or to rectify any inaccuracies. Based on the purpose for which we use your information, you can instruct us to add supplemental information about you in our database.
- c. Right to erasure: You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.
- d. Right to restriction of processing: You may also have the right to request to restrict the use of your information in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- e. Right to erasure: You have the right to request that we delete your personal information in certain circumstances, such as when it is no longer necessary for the purpose for which it was originally collected.
- f. Right to restriction of processing: You may also have the right to request to restrict the use of your information in certain circumstances, such as when you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- g. Right to data portability: You have the right to transfer your information to a third party in a structured, commonly used and machine-readable format, in circumstances where the information is processed with your consent or by automated means.
- h. Right to object: You have the right to object to the use of your information in certain circumstances, such as the use of your personal information for direct marketing.
- i. Right to complain: You have the right to complain to the appropriate supervisory authority if you have any grievance against the way we collect, use or share your information. This right may not be available to you if there is no supervisory authority dealing with data protection in your country.
10. Data Retention
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax or accounting requirements, to enforce our agreements or comply with our legal obligations).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing, until deletion is possible.
When processing Subscriber Data on behalf of our Subscribers, we will retain Subscriber Data for as long as the Subscriber instructs us to and/or as required by applicable law.
11. Security of Personal Information
We take all reasonable steps to protect your personal information to prevent loss, misuse, unauthorized access, disclosure, alteration or destruction. We use appropriate technical and organizational measures to protect your personal information, including: physical access controls, encryption, firewalls, intrusion detection and network monitoring appropriate to the type and scope of data processing. This information is held in confidence. Please check with our security practices below:
Security Practices
12. International Data Transfer
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country, and in some cases, may not be as protective. Specifically, our Servers are located in the U.S., Europe and Australia, However , all the data is stored and processed on the servers in the US, it may be changed upon Customers request to servers in Europe or Australia, we may process your information in jurisdictions where our affiliates/partners and third-party service providers are located.
We have taken appropriate safeguards to require that your personal information remain protected in accordance with this Policy. These safeguards include the protections under the European Commission’s Standard Contractual Clauses for transfers of personal information between us and others where the personal information of the European Economic Area (EEA), United Kingdom or Switzerland personal information is covered by applicable data protection laws.
13. General
- A. Data Processing Addendum
To enable you to be compliant with your data protection obligations, we are prepared to sign an appropriate Data Processing Addendum (DPA). You can request a DPA from Xecurify. Once we get your request, we'll forward the DPA to you for your signature.
- B. Data subject requests
If you are from the European Economic Area and you believe that we store, use or process your information on behalf of one of our customers, please contact the customer if you would like to access, rectify, erase, restrict or object to processing, or export your personal data. We will extend our support to our customer in responding to your request within a reasonable timeframe.
- C. Children’s personal information
Xecurify’s websites are not directed at children. We do not knowingly collect Personal Data from children under the age of 16. If you are a parent or guardian and believe that your child has provided us with Personal Data without your consent, please write to us at info@xecurify.com and we will take steps to delete such Personal Data from our systems.
- D. Disclosures in compliance with legal obligations
We may be required by law to preserve or disclose your personal information and service data to comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements.
- E. Enforcement of our rights
We may disclose personal information and service data to a third party if we believe that such disclosure is necessary for preventing fraud, spam filtering, investigating any suspected illegal activity, enforcing our agreements or policies, or protecting the safety of our users.
- F. Compliance with this Privacy Policy
We make every effort, including periodic reviews, to ensure that personal information you provide is used in conformity with this Privacy Policy. If you have any concerns about our adherence to this Privacy Policy or the manner in which your personal information is used, kindly write to us info@xecurify.com. We'll contact you, and if required, coordinate with the appropriate regulatory authorities to effectively address your concerns.
- G. Blogs and forums
We offer publicly accessible blogs and forums on our websites. Please be aware that any information you provide on these blogs and forums may be used to contact you with unsolicited messages. We urge you to be cautious in disclosing personal information in our blogs and forums. Xecurify is not responsible for the personal information you elect to disclose publicly. Your posts and certain profile information may remain even after you terminate your account with Xecurify. To request the removal of your information from our blogs and forums, you can contact us at info@xecurify.com
- H. Social media widgets
Our websites include social media widgets such as Facebook "like" buttons and Twitter "tweet" buttons that let you share articles and other information. These widgets may collect information such as your IP address and the pages you navigate in the website, and may set a cookie to enable the widgets to function properly. Your interactions with these widgets are governed by the privacy policies of the companies providing them.
- I. External links on our websites
Some pages of our websites may contain links to websites that are not linked to this Privacy Policy. If you submit your personal information to any of these third-party sites, your personal information is governed by their privacy policies. As a safety measure, we recommend that you do not share any personal information with these third parties unless you've checked their privacy policies and assured yourself of their privacy practices.
14. Changes in the Policy
We post all changes we make to our privacy policy on this page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for periodically visiting our Services and this privacy policy to check for any changes. We are committed to security and the protection of your personal information and we will not materially change our policies and practices to make them less protective of your personal information collected in the past without your consent.
15. Contact
If you would like to contact us with questions or concerns about our privacy policies and practices, you may contact us via any of the following methods:
Email us at: info@xecurify.com
Or call us at: +1 978 658 9387
Or you can fill form with your question/concern: Contact us