Privacy statement
SureCloud Ltd is committed to protecting and respecting the privacy of you as a user of this marketing website and our platform service websites.
SureCloud platform cookies
We use cookies on our platform in order to provide our service to you. Learn more about SureCloud platform cookies.
Aurora platform cookies
We use cookies on our platform in order to provide our service to you. Learn more about Aurora platform cookies.
Use of your information
We use personal data about you for various purposes connected with our Site and our Services as described below. In order to use your information we must have a legal basis for doing so. The legal basis that we rely upon is explained further below. We will only use your information where it is necessary:
- to fulfil our contract for Services with you (or the customer whom you represent);
- to comply with a legal obligation to which we are subject; or
- for our legitimate business interests that are not overridden by your interests, rights and freedoms.
Where none of the above applies, we will request your consent (which we will ask for before we process your information).
Use of your information
SureCloud Ltd (“we”, “us”, “our”) is committed to protecting and respecting the privacy of you (“you”, “your”) as a user of this website https://www.surecloud.com (“Site”) or if you are a customer (or representative of a customer of ours) to whom we provide Cloud-based Governance, Risk and Compliance Applications and Cyber Security Services (“Services”).
This website privacy policy (together with our Legal Terms and Cookie Policy) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding the personal data that is used by us and how we will treat it.
Site users
We collect and process the following information about you for the following purposes:
Information you provide to us
This is typically your name, the company you work for telephone number and email address in order to:
- Request a demo;
- Register for an event;
- Receive our newsletters;
- Respond to your inquiry (in relation to the services we offer or in relation to a potential employment opportunity);
- Responses to surveys that you choose to participate in which we use for research purposes;
- Other features and services we may offer on our Site from time to time. In such an instance, we may ask you for your personal data in order to provide such services.
Site users
The table below sets out further information about the purposes for which we use data about you, with the corresponding methods of collection and legal basis that we rely upon for its use.
Information we automatically collect:
- Details of your visits to this Site and the resources that you access
For example, we may compile reports and statistical analyses about how many users visited our Site, what pages have been browsed, and from what geographic regions users visited the Site. This may include information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information on Site usage. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual. - Cookies and web beacons
We use cookies to enable you to use this Site and the materials on this Site. Cookies are also used to distinguish you from other users of this Site. This helps us to provide you with a good experience when you browse our Site and also allows us to improve our Site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy. We may also use web beacons (e.g. internet tags, pixel tags or clear GIFs).
Customers
In order to provide Services to our customers, we collect and process personal data, such as:
- Contact information, such as your name, the company you work for (if you are a representative of the customer), your title or position, postal address, email address and telephone number;
- Information you provide to us for the purposes of attending meetings and events, including dietary preferences and access requirements;
- Identification and background information provided by you or collected as part of our customer onboarding procedures;
- Information provided to us by or on behalf of our customers or generated by us in the course or providing services to them, which may include special categories of data;
- Any other information relating to you which you may provide to us.
Third party processors
Download our up-to-date list of sub-processors here.
Site users
Purpose | Legal basis for processing |
To manage and facilitate your use of our Site:
|
Legitimate interests – This processing is necessary in order to provide you with the best experience when visiting our Site or using our Services. |
To communicate with you:
|
Legitimate interests – Processing is necessary to respond to communications that you send to us, inform you of relevant information in relation to the Services that we provide and to improve Services that we offer to you. |
To send you information about our Services:
|
Legitimate interests – Where you have requested information from us, such as newsletters, publications or event invitations, we send such email communications based on response to a request.
You can ask us to stop sending such communications at any time by clicking on the unsubscribe link at the bottom of the message or by contacting us at privacy@surecloud.com. |
To improve and develop our Site we conduct statistical analyses on your usage of the Site e.g., to enable us to improve our Site, offer new features and materials, etc. | Legitimate interests – It is our legitimate business interest to identify ways to improve our Services (and develop new ones) and our Site for our customers. |
Customers
Purpose | Legal basis for processing |
To provide you or our customer with our Services:
|
Contractual – Processing is necessary for the performance of the contract between you and us in relation to our Services. |
|
Contractual and Legal – Processing is necessary for the performance of the contract between you and us in relation to our Services. Processing is also necessary to comply with legal and regulatory requirements we are subject to. |
To share information with trusted third parties for support and marketing purposes. | Legitimate interests – It is our legitimate business interest to share your data with trusted third parties in the provision of the Services. |
To send you information about our services:
|
Legitimate interests – Where you have requested information from us, such as newsletters, publications or event invitations, we send such email communications based on response to a request.
You can ask us to stop sending such communications at any time by clicking on the unsubscribe link at the bottom of the message or by contacting us at |
Telephone call recording
|
Legitimate interests – It is our legitimate business interest to record your calls for quality and staff training purposes, comply with laws to which we are subject and protect our business interests and legal rights. |
Sharing of your information
Site users
We may disclose your personal data to trusted third parties as described below:
- With exception of product update, optional integrations and support messages (further described below), information collected as part of our Services is not shared with any third parties, it is used for SureCloud business activities only.
- Where we are under an obligation to disclose your personal data to regulatory authorities, courts, tribunals, government agencies or law enforcement agencies or in order to enforce our terms of business or legal rights;
- Our professional advisers and auditors in order to manage and administer our business;
- Third party service providers which provide us with services e.g., IT providers, analytics providers, marketing service providers, customer verification providers, credit checking companies, debt collection agencies and hosting companies, etc.
- If our assets, or substantially all of our assets are merged or acquired by a third party, in which case your personal data may form part of the transferred or merged assets.
If you would like to receive a full list of our suppliers and other third parties who we share your data with then you can get in touch with us using the details provided in the section Contact Us section.
In some instances, we may intend to use your information in ways that are not described above. However, we will inform you before doing so and if necessary seek your consent to do so.
Customers
Where personal data is processed as part of our Services it will not transferred outside of your chosen platform location; Europe or North America, with the exception of product update and support notifications as described in the “Sharing of your information” section above
Product update and support messages: We may use Service user contact information, such as name and email addresses to send out product and support information. This may be communicated through email marketing cloud service providers, such as SalesForce.com and HubSpot.
If you would like to receive a full list of our suppliers and other third parties who we share your data with then you can get in touch with us using the details provided in the Contact Us section.
In some instances, we may intend to use your information in ways that are not described above. However, we will inform you before doing so and if necessary seek your consent to do so.
Transfers of your personal data
Site users
We are part of an international group of entities and, as such, your personal data may be transferred to and stored at a destination outside the European Union (“EU”) depending on the nature of the Services we provide to you. The entities within our group are:
- SureCloud Limited (UK based business)
- SureCloud, Inc (US based business)
Your personal data may also be processed outside the EU by one of our service providers.
Where we process your personal data outside of the EU, we will ensure that your personal data is protected by implementing appropriate safeguards, such as a European Commission adequacy decision, the EU-US Privacy Shield Certification or the EU Commission approved Standard Contractual Clauses. If you would like more information about any of the data transfer safeguards we implement you can get in touch with us using the details provided in the section Contact Us section.
For US only: When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or home address. We (or service providers on our behalf) may then send communications and marketing to these email or home addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout
Customers
Where personal data is processed as part of our Services it will not transferred outside of your chosen platform location; Europe or North America, with the exception of product update and support notifications as described in the “Sharing of your information” section above.
In some instances, we may intend to use your information in ways that are not described above. However, we will inform you before doing so and if necessary seek your consent to do so.
How we protect your information
We implement appropriate technical and organizational measures to protect personal data that we hold from unauthorized disclosure, use, alteration or destruction. Where appropriate, we use encryption and other technologies that assist in securing the data you provide. We also require our service providers to comply with strict data privacy requirements.
How long we keep your information for
The period for which we may retain your information will depend on the purposes for which the data was collected, whether you have requested deletion of the data, applicable limitation periods for legal action, whether any legal or regulatory obligations require the retention of the data and good practice or our business interests. We will not retain data about you for longer than is necessary to fulfil the purposes for which the data was collected.
Your rights
You may have some or all of the following rights in respect of the information about you that we process:
- request us to give you access to it
- request us to rectify it or update it (where it is inaccurate or incomplete)
- request us to restrict our using it, in certain circumstances
- request us to erase it, in certain circumstances
- object to our using it, in certain circumstances
- withdraw your consent to our using it
- data portability, in certain circumstances
- opt out from our using it for direct marketing; and
- lodge a complaint with the relevant supervisory authority (in the UK, the Information Commissioner’s Office ico.org.uk )
These rights are explained in more detail in the table below:
Your right | Further detail (note: certain legal limits to all these rights apply) |
to request us to give you access to it | This is confirmation of:
On your request we will provide you with a copy of the data we hold. |
to request us to rectify or update it | This applies if the data we hold is inaccurate or incomplete. |
to request us to erase it | This applies if:
|
to request us to restrict our processing of it |
This right applies, temporarily while we look into your case, if you:
(if you make use of your right in these cases, we will tell you before we use the data again). This right applies also if:
|
to object to our processing it |
You have two rights here:
|
to withdraw your consent to our using it |
This right applies to any data which we have collected and process based on your consent. You have the right at any time to withdraw the consent you have provided to us. |
to data portability |
This right applies:
If both (1) and (2) apply, you have the right to receive the data from us in a commonly used format, and the right to require us to transmit the data to someone else if it is technically feasible. |
to lodge a complaint with the Information Commissioner’s Office or other supervisory authority in your country or take your complaint to a national court | Each EU country has a supervisory authority responsible for upholding data protection rights. In the UK, this is the Information Commissioners Office.
You can find their contact details here. You also have the right to obtain a remedy from a national court. |
Contact us
If you have any questions, would like to exercise any of your rights in relation to your information or need further information about our privacy practices, please contact us at privacy@surecloud.com
Changes to this policy
We may update this policy from time to time as shown below. We will notify you of the changes where required by applicable law to do so.
Last modified 10th August 2023.