- Telephone number
- Email address
- IP address
- Other data that could directly or indirectly identify you
We commit to manage your personal information in an open, clear, and straightforward manner. However, if at any time you have questions about our privacy practices or any of your privacy rights, you may reach our privacy team at firstname.lastname@example.org.
What Information Do We Collect?
The personal information we collect is determined by your relationship with Rootshell Security. In this way we strive to never collect more personal information than is necessary to provide you with our products, services and industry information.
Rootshell Customers and Network Participants
To provide our vendor risk products and services we must collect a limited amount of personal information to satisfy our contractual obligations. This personal information is provided to us by our customers and network participants for communication purposes to support: the assessment process; to establish an audit record for compliance purposes; and, to otherwise manage and service your account(s). This personal information is never used for any other purpose, and includes:
- Business email address
- Business role
- Business telephone number
- Business IP address
- General Personal Information We Collect and Use
For all non-customer and network communications, Rootshell Security collects information about your interactions with us and with some of our business partners, including information about your use of the products and services that we offer. We may combine information about you that we have with information we obtain from business partners or other companies.
Rootshell Security uses information for the following general purposes: to customise the content you see, fulfil your requests for products and services, improve our services, contact you, and conduct research.
How we Secure, Store and Retain Your Personal Information
We retain personal information for a period no longer than is reasonably necessary to provide the services you have requested and thereafter for legitimate legal or business purposes. These retention periods include:
- Those required by law, contract or similar obligations applicable to our business operations
- To preserve, resolve, defend or enforce our legal/contractual rights
- As necessary to maintain adequate and accurate business, compliance, and financial records
- Compliance with Legal, Regulatory and Law Enforcement Requests
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests), to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.
Transfer of Personal Information Abroad
Confidentiality and Security
We limit access to personal information about you to only those employees and consultants who we believe reasonably need to use that information to provide products or services to you, or to do their jobs.
We have physical, electronic, and procedural safeguards that comply with federal regulations to protect personal information about you.
As we collect and use information about our customers, we may contract with vendors to assist us in processing that information. These vendors are required to maintain the confidentiality of the information and are restricted from using the information for any purpose other than helping to provide Rootshell Security’s services to our customers.
Our services are available for purchase only for those over the age of 18. Our services are not targeted to or intended to be consumed by or designed to entice individuals under the age of 18. If you know of or have reason to believe anyone under the age of 18 has provided us with any personal data, please contact us.
How You can Access, Update or Delete your Personal Information
Customers and network participants can easily access, view, update or delete their personal information by signing into their account and visiting “Account Settings”. All other subscribers or individuals may make a request to view, update or delete their personal information by contacting us through one of the ways described in the Contact Us section below.
Note – If you make a request to delete your personal information and that information is necessary for the products or services you have purchased, the request will be honoured only to the extent it is no longer necessary for any services purchased or required for our legitimate business purposes or legal or contractual record keeping requirements.
By Mail: Attn: Data Privacy Officer, 6 Lindenwood, Chineham Park, Basingstoke, RG24 8QY
By Phone: +44 1256 976721