Effective date: November 19, 2021
Last updated date: November 19, 2021
Privacy is one of PRIVO’s core values and as such we regularly review our privacy notices to make sure that it is an accurate reflection of our practices, what information we collect, how we use it and how we might share it. The ‘What’s new’ section summarizes the changes made to the previous version. To review previous versions of this policy please contact us using the details below.
This policy covers PRIVO PROTECT which is privoprotect.com (Website), and PRIVO PROTECT Service (Service).
What is PRIVO PROTECT
PRIVO PROTECT is owned and operated by Privacy Vaults Online, Inc. d/b/a PRIVO (“PRIVO”). PRIVO is a leader in online privacy protection solutions. The PRIVO PROTECT Service was developed to help protect digital identities and build responsible digital engagement for minors and their families.
The PRIVO PROTECT Service offers a Safety Tech Directory of resources, guides, and tools for parents and families. Parents will be able to register for the Minors Protection Registry by creating a PRIVO iD and authorizing PRIVO to act on their behalf to help protect their child online. The registry allows parents to put online services on notice that a child is attempting to access an age restricted service or a service that needs to apply privacy protections for a child.
Changes to this Policy
We may make minor nonmaterial changes to this policy from time to time. When we do the last updated date will reflect this and you will continue to be bound by this policy. If we make a material change, that is a change to the way we collect and process personal information we will take reasonable steps to contact you first by email and by alert on login and when necessary, obtain your consent, before making the change effective for you. If you would like to see a past version of this policy, please contact us at email@example.com.
Information We Collect
When you sign up for the friends and family pilot
- First and Last Name
- Email Address
- Phone Number
- Your Role (mother, father, educator, family member)
- How many children you have 12 or under and 13 or older
- How many devices your children have access to
PRIVO retains this data for as long as required to provide the service to you. You can request to have your data deleted by contacting us at: firstname.lastname@example.org.
PRIVO does not collect precise geo location information or biometric data. Only the information listed above is collected.
When a company or organization signs up to be a Privacy Patron for PRIVO PROTECT we collect the following information with your consent:
- Work Email
- First Name
- Last Name
- Job Title
- Organization Website
- Organization Type, for example the sector you work in
When an individual signs up to be a Privacy Patron we collect the following information with your consent:
- First Name
- Last Name
- Job Title
- Organization Website
You are given the opportunity to sign up and receive the PRIVO PROTECT newsletter which contains tips and resources for keeping children and families safe online, and the latest online privacy and safety news.
We collect the following information if you choose to opt in to the PRIVO PROTECT newsletter:
You can opt out of these services at any time by unsubscribing from the newsletter or contacting us as outlined below.
PRIVO works with HubSpot solely to support our services. . Information shared with HubSpot is not used for any other purposes or shared onwards. We use HubSpot to provide analytics information on the use of our website and help us to improve it. The analytics information we collect includes number of page views and pages visited, IP address and non-personal device information. We obtain your consent to collect analytics data.
We also use HubSpot to send emails.
Cookies and Similar Technologies
What We Do With The Information You Provide
Control Over Your Information
We retain the personal information we collect as long as reasonably necessary to provide the service. If you request to have your data deleted this request will be met within 30 days unless there is a legal requirement to retain the information. PRIVO will not retain personal data longer than needed to meet statutory requirements.
PRIVO is SOC2, TYPE 2 certified and uses generally accepted security measures and safeguards and requires that the third parties it works with agree to do the same. The measures and safeguards include limiting access to the data to those persons who need it to complete their work for PRIVO. Access is restricted using technical measures. There is no physical access to user information.
All data is transmitted through an SSL transmission to ensure privacy and security of your information. Data is encrypted at rest. We have put in place industry standard physical, electronic, and managerial procedures to safeguard and help prevent unauthorized access, maintain data security, and correctly use the information we collect online. PRIVO allows users to update their information. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while PRIVO uses reasonable efforts to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach PRIVO will inform affected users where required.
PRIVO uses AWS servers in the United States to store data. For more information on this please contact us at email@example.com.
How to Update or Remove Your Information
PRIVO keeps your information/content for as long as necessary in providing the services. If you want to opt out of services, review your information, or delete your information, please contact us at firstname.lastname@example.org.
Notice For California Users
PRIVO does not disclose personal information to third parties for marketing purposes. For further information about our privacy practices, or to review and request to have deleted any personal information you have shared with us, please contact us at: email@example.com.
Note for EU Citizens
PRIVO complies with the rights given to EU Citizens under the General Data Protection Regulation (GDPR). These rights are as follows:
- to correct the personal data we have about you;
- to withdraw your consent to the processing of your personal data;
- to obtain a copy of the personal data we hold about you;
- to have your personal data deleted;
- to transfer your personal data to another controller to provide you with services;
- to restrict the personal data we have;
- to request we stop processing your personal data.
You can action any of these rights by contacting us at: firstname.lastname@example.org If you are an EU citizen and would like to make a complaint about the way we process your personal data, you can contact the relevant Data Protection Authority (DPA). Please contact us at email@example.com to find out more.
EU-U.S. Privacy Shield Framework
In the context of an onward transfer, a Privacy Shield organization has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. The Privacy Shield organization shall remain liable under the Principles if its agent processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, PRIVO commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact PRIVO at:
17949 Main St., #1025
Dumfries, VA 22026
Attn: Privacy Officer
PRIVO has further committed to refer unresolved Privacy Shield complaints to JAMS an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/file-an-eu-us-privacy-shield-claim for more information or to file a complaint. The services of JAMS are provided at no cost to you. Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
The EU-US Privacy Shield, as a legal basis for transfers of personal data, has been invalidated by a judgment from the Court of Justice of the European Union. However, for as long as PRIVO is self-certified to the Privacy Shield, PRIVO agrees to process EU Data in compliance with the Privacy Shield Principles. PRIVO may transfer your data outside of the EEA however when we do, we do so under agreements that include adequate privacy protections.