E Secure 360 is aware of the privacy concerns of its customers. Our policy for collecting and using personal information is detailed below.
General Data Protection Regulation (“GDPR”), EU-US Privacy Shield & Swiss-US Privacy Shield
Privacy and data security are a top priority at E Secure 360. We have implemented policies designed to address GDPR and help us better protect your information.
E Secure 360 recognizes that the EEA has established strict protections regarding the handling of EEA Personal Data, including requirements to provide adequate protection for EEA Personal Data transferred outside of the EEA. To provide adequate protection for certain EEA Personal Data about Customers received in the US, E Secure 360 has elected to self-certify to the EU-US Privacy Shield Framework administered by the US Department of Commerce (“Privacy Shield”). E Secure 360 adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement, and Liability.
E Secure 360 also complies with the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from Switzerland.
For purposes of enforcing compliance with the Privacy Shield, E Secure 360 is subject to the investigatory and enforcement authority of the US Federal Trade Commission. For more information about the Privacy Shield, see the US Department of Commerce’s Privacy Shield website located at: https://www.privacyshield.gov. To review E Secure 360’ representation on the Privacy Shield list, see the US Department of Commerce’s Privacy Shield self-certification list located at: https://www.privacyshield.gov/list
E Secure 360 collects information about its Customers from Customers and from third parties such as acquiring banks, merchant service providers, and independent sales organizations (collectively “MSPs”), with whom the Customer has a contractual relationship and through its website and related eCommerce services at several points. The data that we collect include:
- E Secure 360 may collect information related to user information of Customer contacts as part of the services performed for a Customer including name, email address, phone number, address, fax numbers, and other contact information related to the user.
- E Secure 360 allows Customers to add additional users to a Customer’s account. Customer agrees that E Secure 360 may allow an MSP from whom it received Customer’s information to be added as an additional user on a user’s account with rights to make changes to the account.
- Payment information provided by the Customer is processed in accordance with PCI DSS guidelines and may be tokenized for future use depending on the services.
- E Secure 360 also collects data related to a Customer data security as requested by the Customer when purchasing the services. This data includes answers to self-assessment questionnaires, vulnerability scan data, and which security services the Customer purchases.
- E Secure 360 collects information that is not personally identifiable to the user, such as referring URL addresses, time spent in certain areas of E Secure 360’ website, actions taken while on E Secure 360’ website, and origination of the user.
- Certain information such as your IP address, browser type, domain names, and access times may also be collected.
- To receive products and services sold or provided by E Secure 360, contact information is required for billing, communicating about the services, and to perform the services.
We use information that we collect that Customer’s provide to us, including any personal information to:
- Present our website and its contents to our Customers
- Report certain Customer compliance with data security standards to a Customer’s merchant service provider, health network, or other entity; this reporting requires contact information of an individual at the Customer.
- To provide you with information, products, or services that you request from us.
- To fulfill any other purpose for which you provide it.
- To carry out our obligations and enforce our rights arising from any contracts entered into between the Customer and us.
- To notify Customers of any changes to our website or any products and services that we offer or provide through it.
- To provide data contractually required by regulatory agencies like the Payment Card Industry Security Standards Council (“PCI SSC”), with whom E Secure 360 is certified as an Approved Scanning Vendor in order to provide certain scanning services.
- To provide notifications regarding the Customer’s services, accounts, fulfillment of transactions, information about E Secure 360’ websites, service changes, special offers, legal notices, and newsletters.
- For any other purposes with your consent.
E Secure 360 may use the information and data submitted by users and customers for any other purposes related to E Secure 360’ business that are compatible with the purposes for which your information was collected by E Secure 360, including, but not limited to, conducting market research, improving its products and services, sending surveys, and notifying customers of product upgrades and updates, new products, special offers, seminars and conventions and any other changes within E Secure 360 that may affect customers and users.
We process EEA Personal Data for the purposes stated above. E Secure 360 will only process EEA Personal Data in ways that are compatible with the purpose that E Secure 360 collected it for, or for purposes the individual later authorizes. Before we use your EEA Personal Data for a purpose that is materially different than the purpose we collected it for or that you later authorized, we will notify you and provide you with the opportunity to opt out.
Third parties with whom E Secure 360 Shares Information
E Secure 360’ policy in relation to information collected through registration, testing, and/or any other means is to respect and protect the privacy and confidentiality of our users. E Secure 360 does not disclose, rent, or sell email addresses, security test results, or any other information that we may receive to any third party, unless:
- requested by the customer;
- to report compliance and security-related information to the Customer’s merchant service providers as part of the services provided by E Secure 360 to the Customer;
- requested or required by applicable credit card associations, acquiring banks, credit card processors, credit card acquirers, credit card processors, or merchant service providers with which E Secure 360 has a contractual agreement;
- in response to duly authorized information requests of governmental authorities or where required by law;
- in connection with any legal proceedings where disclosure of such data has been requested or required; or
- to an agent of E Secure 360 acting on behalf of E Secure 360 (e.g., for database hosting, data processing or mailing services). In this case, E Secure 360 will make certain that the agent complies with the GDPR and Privacy Shield principles (as defined above) and our commitments in this policy.
Under certain circumstances, we may remain liable for the acts of our third-party agents or service providers who perform services on our behalf for their handling of EEA Personal Data that we transfer to them.
Access to Information
E Secure 360 understands the importance of maintaining accurate information. Data subjects may exercise the following rights:
- Right to Access – E Secure 360 will provide Customers with the Personal Data collected in association with their account.
- Right to Rectification – E Secure 360 allows Customers to update their information on E Secure 360 websites through those websites.
- Right to Erasure: Customers may choose to remove information collected by E Secure 360
- Right to be informed – E Secure 360 will inform the Customer of the Personal Data collected by E Secure 360.
- Right to Object – A contact at a Customer may object to E Secure 360 processing his/her data.
- Right to Restrict Processing – a contact at a Customer may restrict E Secure 360’ processing of personal data.
- Right to Data Portability – a contact at a Customer may request that their Personal Data be moved to another company.
- Right to be Informed – a contact at a Customer may request to be informed about the completion of rectification, erasure (before the erasure takes place), or restriction of processing within 30 days of the request.
If you would like to exercise one of these rights, please contact us by email at [email protected] E Secure 360 will respond to the request within thirty (30) days.
E Secure 360 retains information for as long as an account is active or as needed to provide the services requested by the Customer, and for five to seven years, depending on the data, after the account is not active. E Secure 360 will also retain information as needed to comply with legal or tax obligations, comply with industry regulations, resolve disputes, and enforce agreements.
Privacy Questions or Complaints
You can direct any questions or complaints about the use or disclosure of your EEA Personal Data to us at [email protected] We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your EEA Personal Data within 30 days of receiving your complaint. We can be reached at: [email protected]
E Secure 360 maintains reasonable and appropriate security measures to protect EEA Personal Data from loss, misuse, unauthorized access, disclosure, alteration, or destruction in accordance with the Privacy Shield.
If you do not wish to have your contact information used by E Secure 360 to promote our own products or services, you can opt-out by checking the relevant box located on the form on which we collect your data or at any other time by sending us an email stating your request to [email protected] If we have sent you a promotional email, you may send us a return email asking to be omitted from future email distributions, or by following the opt-out instruction in the email. This opt out does not apply to information provided to E Secure 360 as a result of a(n) product purchase, account updates, product service experience, service expiration, or other transactions.
To access your information, ask questions about our privacy practices, request to limit the disclosure of your personal information, or issue a complaint, contact us at:
E Secure 360
401, Premier,HITEC City, Hyderabad
+91 934 934 3300
Effective Date: May 25, 2018
Changes to Services or Rates
E Secure 360 reserves the right to change the Services, prices, or charges at any time without notice. If you do not accept these changes, you have the right to cancel the Services, but cancellation fees may apply. If you continue to use the Services after these changes have been applied, then you be deemed to have accepted these changes.
Users are strictly forbidden to use the Services or the Website to perform security tests on computers, servers, or devices that they do not have permission or authorization to test. If Customer uses a third party hosting service, Customer must notify the service and receive permission for E Secure 360 to perform security testing. Customer agrees to hold E Secure 360 harmless for any failure to obtain any necessary permission.
Customer may not use the Services or the Website:
- In any way that violates any applicable federal, state, local, or international law or regulation (including, without limitation, any laws regarding the export of data or software to and from the US or other countries).
- For the purpose of exploiting, harming, or attempting to exploit or harm minors in any way by exposing them to inappropriate content, asking for personally identifiable information or otherwise.
- To impersonate or attempt to personate E Secure 360, a E Secure 360 employee, another user, or any other person or entity (including, without limitation, by using email addresses associated with any of the foregoing).
- To transmit, or procure the sending of, any advertising or promotional material including any junk mail, chain letter, or spam or any other similar solicitation.
- To engage in any other conduct that restricts or inhibits anyone’s use or enjoyment of E Secure 360 Websites, or may harm E Secure 360 or any of its users
Additionally, you agree not to:
- Use any robot, spider, or other automatic device, process, or means to access this Website for any purpose, including monitoring or copying any of the material on the Website.
- Introduce any viruses, Trojan horses, worms, logic bombs or other material which is malicious or technologically harmful.
- Attack the Website via a denial-of-service attack or a distributed denial-of-service attack.
- Attempt to gain unauthorized access to, interfere with, damage or disrupt any parts of the Website or any user’s use of the Website.
- Otherwise attempt to interfere with the proper working of the Website.
E Secure 360 will provide Customer with written or online reports, data, policies, templates, checklists, and other materials (collectively, “Materials”) in connection with the Services. Customer agrees that all intellectual property rights in the Materials, including trade secrets, copyrights, patents and trademarks, are exclusively owned by E Secure 360 and its licensors. Customer shall hold in confidence all Materials marked as “confidential” and shall use the Materials solely for the purposes for which they are disclosed. All Materials are licensed to Customer only for its own use and Customer does not have any rights to copy, distribute or make derivative works of the Materials without the prior written authorization of E Secure 360. Dissemination, distribution, copying or use of the Materials in whole or in part by a E Secure 360 competitor or their agents is strictly prohibited.
Customer agrees to pay all charges for the Services provided to Customer, unless Customer’s acquirer, payment processor, or other entity has entered into an agreement with E Secure 360 to pay for those services. If Customer’s acquirer, processor or other entity has an agreement with E Secure 360 to pay for the Services, then Customer authorizes its acquiring bank or other merchant service provider to bill Customer for the Services. If Customer has provided E Secure 360 with credit card information (“Card Information”), Customer authorizes E Secure 360 to charge Customer the price of the Services, as provided in the invoice or order confirmation sent by E Secure 360, using the Card Information. Customer also authorizes E Secure 360 to charge any cancellation fee associated with the cancellation of the Services. If Customer is purchasing online Compliance services, Customer also authorizes E Secure 360 to automatically charge the price of Services for each renewal term of this Agreement using the Card Information. Customer agrees to give E Secure 360 prompt notice of any changes to the Card Information.
For Customers that have purchased packages of services that contain Managed Firewall Services, a cancellation fee will apply if Customer cancels the Managed Firewall Services before the end of the three-year term. The cancellation fee will cover the costs of hardware and the setup fees and may vary depending on the circumstances of the cancellation.
If E Secure 360 uses a collection agency or attorney to collect money owed by you, you agree to pay the reasonable costs of collection, including, but not limited to, any collection agency’s fees, reasonable attorneys’ fees, and arbitration or court costs.
If an acquirer or merchant service provider pays for the Services, refunds may not apply. Refunds for the unused portion of services may be obtained by contacting the Account Renewals team at E Secure 360. Refunds will be processed within 5 business days.
E Secure 360 owns and operates the servers that host this web site. Contact information for E Secure 360 may be obtained by clicking the “Contact Us” link at the top of any page.
Accuracy of Information
Customer’s compliance depends entirely upon the accuracy of information provided to E Secure 360 by Customer. Customer agrees that if Customer provides incomplete or inaccurate information this may affect the Services, Customer’s compliance status, and E Secure 360 will not be held liable for any damages incurred as a result of incomplete or inaccurate information provided by customer. A scan result from E Secure 360 only indicates the compliance status of the systems that E Secure 360 has scanned and does not represent Customer’s overall compliance status with the PCI Data Security Standards. Customer also agrees to give E Secure 360 prompt notice if any information affecting data security previously provided to E Secure 360 has changed, is changing or will change. Customer understands and agrees that any threat designated as a false positive by Customer is done at Customer’s own risk. In no event shall E Secure 360 be liable for any damages incurred by Customer as a result of Customer’s designation of a threat as a false positive.
Customer authorizes E Secure 360 to contact Customer through email, phone or fax to notify Customer of changes in Customer’s compliance status or Services. Customer also authorizes E Secure 360 to contact Customer in regards to payment, renewal, cancellation, or the Services.
Reliance on Information Posted
The information presented on or through the Website is made available solely for general information purposes. E Secure 360 does not warrant the accuracy, completeness or usefulness of this information. Any reliance you place on such information is strictly at your own risk. E Secure 360 disclaims all liability arising from any reliance placed on such materials by you or any other visitor to the Website or by anyone who may be informed of any of its contents.
Information About You and Your Visits to the Website
DUE TO THE NATURE OF THE COMPUTER SECURITY BUSINESS, NO SECURITY COMPANY CAN GUARANTEE THAT IT WILL DETECT EVERY VULNERABILITY OR SECURITY PROBLEM. E SECURE 360 PROVIDES ITS SERVICES ON AN “AS IS” BASIS AND WITHOUT ANY WARRANTIES WHATSOEVER. E SECURE 360 DISCLAIMS ANY AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION WARRANTIES OF MERCHANTABILITY, NON-INFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE, WITH RESPECT TO ITS SERVICES, MATERIALS AND PRODUCTS. E SECURE 360 DOES NOT WARRANT THAT THE SERVICES WILL DETECT EVERY VULNERABILITY ON CUSTOMER’S SYSTEM, OR THAT E SECURE 360’ VULNERABILITY ASSESSMENTS, SUGGESTED SOLUTIONS OR ADVICE WILL BE ERROR-FREE OR COMPLETE. CUSTOMER AGREES THAT E SECURE 360 SHALL NOT BE RESPONSIBLE OR LIABLE FOR THE ACCURACY OR USEFULNESS OF ANY INFORMATION PROVIDED BY IT, OR FOR ANY USE OF SUCH INFORMATION.
Limitation of Liability
Customer acknowledges that use of the Services does not guarantee compliance with the PCI DSS, or that its Systems are secure from unauthorized access. This is due to, and Customer acknowledges that, the Services being dependent upon multiple variables, which include the information provided by Customer, and Customer’s level of cooperation with policies regarding compliance with the PCI DSS or the validation thereof.
CUSTOMER ACKNOWLEDGES THAT THE RATE OF BRINGING CUSTOMER AND ITS SYSTEM IN COMPLIANCE WITH PCI DSS IS DEPENDENT UPON MULTIPLE VARIABLES, WHICH INCLUDE CUSTOMER’S LEVEL OF COOPERATION WITH POLICIES REGARDING COMPLIANCE. UNDER NO CIRCUMSTANCES SHALL E SECURE 360, ITS AFFILIATES OR THEIR LICENSORS, SERVICE PROVIDERS, EMPLOYEES, AGENTS, OFFICERS, OR DIRECTORS BE LIABLE FOR DAMAGES OF ANY KIND, UNDER ANY LEGAL THEORY, ARISING OUT OF IN CONNECTION WITH CUSTOMER’S USE, OR INABILITY TO USE, THE WEBSITE, ANY WEBSITES LINKED TO IT, ANY CONTENT ON THE WEBSITE OR SUCH OTHER WEBSITES OR ANY SERVICES ON OR OBTAINED THROUGH THE WEBSITE, DELAY IN BECOMING OR CUSTOMER’S FAILURE TO BECOME COMPLIANT. IN NO EVENT SHALL E SECURE 360 OR ITS AGENTS BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL, INCIDENTAL, CONSEQUENTIAL OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO, PERSONAL INJURY, PAIN AND SUFFERING, EMOTIONAL DISTRESS, LOSS OF REVENUE, LOSS OF PROFITS, LOSS OF BUSINESS OR ANTICIPATED SAVINGS, LOSS OF USE, LOSS OF GOODWILL, LOSS OF DATA, AND WHETHER CAUSED BY TORT (INCLUDING NEGLIGENCE), BREACH OF CONTRACT OR OTHERWISE, EVEN IF FORESEEABLE.
THE FOREGOING DOES NOT AFFECT ANY LIABILITY WHICH CANNOT BE EXCLUDED OR LIMITED UNDER APPLICABLE LAW.
None of the information contained within our Services, or within the content E Secure 360 makes available through our Services, should be regarded as Legal Advice. The distribution and publication of our Services, and the content made available with our Services, does not create an attorney-client relationship between Customer and E Secure 360.
E Secure 360 reserves the right to modify or terminate the Services and E Secure 360’ Websites or to terminate Customer’s access to the Services and E Secure 360’ Website, in whole or in part, at any time.
Do you believe some form of E Secure 360 scanning service abuse is occurring?
Please email us ([email protected])