Data Protection Policy
VD Custodian™ Monitoring Software
INFORMATION WE COLLECT
The categories and types of information we collect about you depend on the nature and extent of your interactions with VD Custodian and the Service. This section describes the categories of information we may collect and the sources from which such information may be obtained. The information described below is collected and processed for the purposes of providing, maintaining, and improving the Service, as well as for the other purposes described in this Data Protection Policy.
Information You Provide To Us
If you are a website visitor, customer, or administrator, we collect information that you provide directly to us through various channels and interactions. For example, you share information directly with us when you create an account, purchase a subscription, complete contact forms on our website, request customer support, or otherwise communicate with us. The types of personal information we may collect include:
Contact Information: This may include your full name, business email address, telephone number, and business mailing address as provided by you during account registration, subscription purchase, or support interactions.
Account and Organization Information: This may include account credentials, company or organization name, department affiliation, job title, and organizational information relevant to the deployment and administration of the Service.
Billing and Payment Information: Payment method details, billing addresses, and transaction history related to our Service. Payment processing is handled by third-party payment processors, and we do not directly store complete credit card numbers on our systems.
Information We Collect Automatically
When you access or use our websites or Service, we automatically collect certain information about your device, your usage patterns, and your interactions with the Service. This information is collected through various standard technologies and methods, including:
Device and Usage Information: We collect information about how you access our website and Service, which may include your IP address, device identifiers, browser type and version, operating system information, the referring URL that directed you to our website, timestamps of your visits, pages viewed, session duration, and general interaction patterns.
Cookies and Tracking Technologies: We and our service providers use cookies, web beacons, and similar technologies to collect information about your interactions with our websites and Service. These technologies help us understand usage patterns, remember preferences, and improve the Service. Many browsers allow you to manage or block cookies through browser settings. Please note that restricting cookies may affect certain features and functionality of the Service.
Transactional Information: When you purchase a subscription, change your plan, or cancel your account, we collect information about these transactions, including plan details, purchase amounts, transaction dates, payment method used, and billing cycle information. Sensitive payment information is processed by our third-party payment processors.
Monitoring Data We Process on Behalf of Customers
Through the monitoring software deployed by our customers on their organizational devices, we process data about end user activities as authorized and directed by our customers. With respect to this monitoring data, our customers are the data controllers and we act as a data processor. The categories of monitoring data that may be processed include:
System Performance Data: CPU utilization, memory usage, disk space consumption, network bandwidth utilization, system uptime and events, and general system health indicators as reported by the monitoring agent.
User Activity Information: Application usage patterns and duration, website browsing activity, active versus idle time tracking, and productivity-related metrics as configured and authorized by the deploying organization.
Security and Compliance Data: Login and logout timestamps, failed authentication attempts, access to restricted resources, policy violation events, and audit trail information as configured by the deploying organization for compliance purposes.
Network Activity Information: IP address information, VPN usage detection, network traffic patterns, and file transfer activities as configured by the deploying organization.
The specific data points collected depend on the configuration choices made by the deploying organization. Customers are solely responsible for ensuring that the monitoring activities they configure comply with applicable laws, regulations, and their own organizational policies.
HOW WE USE YOUR INFORMATION
We use the information we collect from customers, website visitors, and end users for the following purposes, to the extent applicable:
Service Delivery and Management
Provide, maintain, and improve the Service and its features and functionality
Process transactions, manage subscriptions, and send related communications including confirmations, receipts, invoices, and service-related notices
Respond to your comments, questions, and support requests, and provide customer service
Monitor and analyze usage patterns and trends in connection with the Service to inform product development and improvements
Customize and tailor your experience with the Service based on your preferences and usage patterns
Security and Compliance
Detect, investigate, and take reasonable measures to prevent unauthorized access, security incidents, and other potentially harmful or illegal activities
Protect the rights, property, and safety of VD Custodian, our customers, and the public
Debug and identify errors to improve the reliability and functionality of the Service
Comply with our legal and regulatory obligations under applicable laws
End User Data Processing
We process monitoring data collected from or about end users solely as directed by and on behalf of our customers, the data controllers. This processing is performed to provide the workforce monitoring services that our customers have subscribed to, including generating reports and analytics as configured by the customer. We may also process end user data that has been anonymized and aggregated in a manner that does not identify any individual person or specific entity. Such de-identified data may be used to improve and develop the Service, and we will not attempt to re-identify such information except as permitted by applicable law.
HOW AND WITH WHOM WE MAY DISCLOSE YOUR INFORMATION
We do not sell your personal information. We may disclose personal information in the following circumstances:
To third-party service providers that perform functions on our behalf, such as hosting, payment processing, analytics, and customer support. These providers are contractually required to use personal information only as necessary to provide services to us.
If we believe disclosure is required by applicable law, regulation, or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements.
If we believe your use of the Service is inconsistent with our Terms of Service or other applicable agreements, or if disclosure is necessary to protect the rights, property, or safety of VD Custodian, our customers, or the public.
To our legal counsel and professional advisors to obtain legal advice or otherwise protect and manage our business interests.
In connection with a merger, acquisition, bankruptcy, reorganization, or other sale or transfer of all or a portion of our business or assets, your personal information may be transferred to the successor entity.
With your explicit consent or as directed by our customers who have authorized such disclosure.
DATA RETENTION
We retain personal information for as long as you maintain an active relationship with VD Custodian and as necessary for the purposes for which it was collected, including to comply with our legal obligations, resolve disputes, and enforce our agreements. The specific retention period for different categories of information varies based on the nature of the information, the purposes for which it was collected, and applicable legal requirements. Monitoring data retention periods are determined by our customers' configurations and applicable legal obligations. When personal information is no longer required, we will delete or de-identify it in accordance with our data retention practices and applicable law.
YOUR PRIVACY CHOICES AND RIGHTS
Depending on your location and the privacy laws that apply to you, you may have certain rights regarding your personal information, including the right to access, correct, delete, port, or restrict the processing of your information.
Communication Preferences
If you receive marketing communications from us, you may opt out at any time by following the unsubscribe instructions in those communications or by contacting us. Please note that we may still send you transactional or service-related communications that are necessary for the operation of the Service.
Access, Correction, and Deletion Rights
You may have the right to access, review, correct, or request deletion of certain personal information we maintain about you. You may also have the right to request that we provide your personal information in a portable format. To exercise these rights, please contact us at the email address provided below. We will respond to your request within a reasonable timeframe and in accordance with applicable law. We may need to verify your identity before processing certain requests, and some information may be retained as required by law or for legitimate business purposes.
End User Rights
If you are an end user whose activities are monitored through the Service, please note that your employer or organization (our customer) is the data controller for the monitoring data collected about you. Requests relating to the access, correction, deletion, or other processing of your monitoring data should be directed to your employer or the organization that deployed the monitoring software. We will cooperate with our customers to fulfill such requests as appropriate.
INTERNATIONAL DATA TRANSFERS
VD Custodian operates with service providers and infrastructure located in various jurisdictions, including the United States and other countries. Your personal information may be transferred to, stored in, and processed in jurisdictions that may not provide the same level of data protection as your home jurisdiction. By using the Service, you consent to the transfer of your information to such jurisdictions. We take commercially reasonable steps to ensure that your information receives an adequate level of protection in the jurisdictions in which it is processed.
DATA SECURITY
We implement commercially reasonable administrative, technical, and organizational measures designed to help protect personal information against unauthorized access, disclosure, alteration, or destruction. However, no system is completely secure, and we cannot guarantee the absolute security of your information. You use the Service and transmit information to us at your own risk. We encourage you to take steps to protect your account credentials and personal information.
CHANGES TO THIS POLICY
We reserve the right to modify this Data Protection Policy at any time at our sole discretion. If we make changes, we will update the "Last Updated" date at the top of this page. Your continued use of the Service after any changes constitutes your acceptance of the updated policy. We encourage you to review this policy periodically for the latest information on our data protection practices.
CONTACT INFORMATION
For questions about this Data Protection Policy, to exercise your privacy rights, or for data protection inquiries: