TrustCerts Privacy Policy

Published on 01 September 2019

We are pleased that you use TrustCerts! It is our goal to make digital originals (and their printouts) verifiable for authenticity and thus trust with the help of an intuitive platform. The following describes how we collect, use and handle your personal data when you use our websites, software and services (“services”).

What information we collect and why

We collect and use the following data in order to offer, improve and protect our services:

Account Information – We collect information that you provide to us when you register for an account, upgrade to a paid account, or set up two-factor authentication (such as your name and email address, phone number, payment information, and mailing address) and link it to your account. Some of our services allow you to access your accounts and information through other service providers.

Your Files – Our services are designed to make it as easy as possible for you to access your files, documents, photos, comments, messages, etc. (“your files”), collaborate with others, and work across multiple devices. To this end, we will store, process and transmit your files and related information. This related information includes, but is not limited to, your profile information to help you collaborate with other users and share your files, as well as things such as file size, time of upload, who contributed to it and what usage activities were performed on it. Our services offer you several options for sharing your files.

Usage Information – We collect information about how you use the services. This includes actions you take on your account. We use this information to improve our services, develop new services and features, and protect our users.

Device Information – We also collect information from the devices and about the devices you use to access our services. This includes IP addresses, the type of browser and device you use, the web page you visited before accessing our site, and any identifiers associated with your devices. Depending on your settings, your devices may also transmit location data to the Services.

Cookies and other technologies – We use technologies such as cookies and pixel tags to provide, enhance, protect and market our services. For example, cookies allow us to remember your user name on your next visit, to better understand how you interact with our services, and to improve them accordingly. You can set your browser to accept or reject cookies, but without cookies we may not be able to provide you with the full range of our services.

Marketing – We offer our users the opportunity to use a selection of our services for free. We may provide these free services because some users choose to upgrade to one of our paid services. If you sign up for a free service, we will occasionally provide you with information about upgrades, where permitted. Users who receive these marketing communications may opt out at any time. If you do not wish to receive marketing communications from us, simply click on the unsubscribe link in one of our emails.

We may contact people who do not have a TrustCerts account. For recipients in the EU, we will obtain or have a third party obtain your consent on our behalf before we contact you. If you receive an e-mail and no longer wish to be contacted by TrustCerts, you can unsubscribe and have yourself removed from our contact list via a link in the message.

Legal basis for the processing of your data. We collect and use the personal data described above to provide you with the services in a reliable, secure manner. We also collect and use personal information for our own legitimate business purposes. If we process your personal data for other purposes, your consent will either be obtained in advance or our partners will be required to obtain such consent.

To whom we make this data available

We may share information with others as described below, but we do not sell it to advertisers or other third parties.

Outside companies working for or with TrustCerts – TrustCerts works with various trusted third party companies (such as customer support and IT service providers) to provide, enhance, protect or market our services. These third parties will only access your information to perform functions on our behalf and only in accordance with this privacy policy. We remain responsible for the handling of your information by these third parties in accordance with our instructions.

Other Users – Our Services display information such as your name, profile picture, and profile picture to other users in places such as your user profile and in sharing notifications. You may choose to share your files with other users. If you register your TrustCerts account with an email address from your employer/organization’s domain, we can help your colleagues and administrators find you and your team by making some information about you (such as your name, team name, profile picture, and email address) visible to users in the same domain. This makes it easier to find teams that you can join. It makes it easier for other users to share files and folders with you.

There are also some features that allow you to share more information with other users.

Other applications – You can also give third parties access to your information and account, for example, through TrustCerts APIs. Please note, however, that the use of your information will then be subject to the privacy policy and terms of those third parties.

TrustCerts B2B administrators – If you are a member of TrustCerts B2B, your administrator may have the ability to access and control your TrustCerts B2B account. If you have questions about this, please consult your organization’s internal policies. If you are not a member of TrustCerts B2B, but you interact with a member of TrustCerts B2B, members of that organization may be able to see the name, e-mail address and IP address that were associated with your account at the time of interaction.

Law and order and public interest – We may also disclose your information to third parties if we determine, in our sole discretion, that disclosure is reasonably necessary to (a) comply with applicable laws, regulations, legal process or reasonable requests from governmental authorities, (b) protect a person from death or serious physical harm, (c) protect TrustCerts or our users from fraud or abuse, (d) protect the rights, property, safety or interests of TrustCerts, or (e) perform functions that are in the public interest.

We take the protection of your data very seriously and accept the responsibility that comes with it. We believe that our users’ information on our services should enjoy exactly the same legal protection as on the hard drive of their computer at home.

How we protect our users’ information

Security – TrustCerts employs a team of people whose job it is to protect your data and check for vulnerabilities in the system. In addition to two-factor authentication, encryption of dormant files, and notifications of new device and application links to your account, we are constantly working on additional features to keep your information safe. We use automated technology to detect abusive behavior and content that could harm our services, you, or other users.

User control features – You can access, edit, download and delete your personal information. In addition, you can restrict how we collect and use your information on the user control features page of your TrustCerts account.

Retention – When you sign up for an account with us, we will retain data that you store on our services for as long as your account exists or as long as we need it to provide the services to you. If you delete your account, we also initiate the deletion of this information after 30 days. Please note: (1) Some time may pass between deletion on our servers and deletion in the backup, and (2) we may retain this information to fulfill our legal obligations, resolve disputes or enforce our contracts.

Where we store and process the data of our users

Applies globally – For the provision of our services, the data is stored, processed and transmitted at locations in Germany, i.e. exclusively at locations which are subject to the data protection guidelines of the EU. Data may also be stored locally on the devices you use to access the services.

Changes

Your information may be transferred as part of any restructuring, merger, acquisition or sale of our assets. In this case, TrustCerts will notify you, for example, by email to the address associated with your account and explain all your options.

We reserve the right to change this privacy policy from time to time. The current version is available from our website. If a change significantly restricts your rights, we will notify you.

Your right to control and access your information

You have control over your personal information and how it is collected, used and shared. Among other things, you are entitled to do the following:

  • delete or remove all or part of your files in your TrustCerts account.
  • change or correct personal data. You can manage your account and its content and edit your personal data on the “Account Settings” page.
  • Access and take possession of your data. You may ask us to provide you with a copy of the personal information you have provided to us.
Use of Google Analytics

We use Google Analytics to analyse website usage. The resulting data is used to optimise our website and advertising measures.

Google Analytics is a web analysis service provided by Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, United States). Google processes the data for website use on our behalf and is contractually obliged to take measures to ensure the confidentiality of the processed data.

During your visit to the website, the following data, among others, is recorded:

  • Pages viewed
  • Orders including the turnover and the ordered products
  • The achievement of “website objectives” (e.g. contact requests and newsletter subscriptions)
  • Your behaviour on the pages (for example clicks, scrolling behaviour and dwell time)
  • Your approximate location (country and city)
  • Your IP address (in abbreviated form, so that no clear assignment is possible)
  • Technical information such as browser, Internet provider, terminal device and screen resolution
  • Source of your visit (i.e. via which website or advertising medium you came to us)


This data is transferred to a Google server in the USA. Google complies with the data protection regulations of the “EU-US Privacy Shield” agreement.

Google Analytics stores cookies in your web browser for a period of two years since your last visit. These cookies contain a randomly generated user ID with which you can be recognised during future visits to the website.

The recorded data is stored together with the randomly generated user ID, which enables the evaluation of pseudonymous user profiles. This user-related data is automatically deleted after 14 months. Other data remains stored in aggregated form for an unlimited period.

If you do not agree with the collection, you can prevent this by installing the browser add-on once to deactivate Google Analytics.
Alternatively, by clicking on this link you can prevent Google Analytics from collecting data about you within this website. By clicking on the link above, you download an “opt-out cookie”. Your browser must therefore allow the storage of cookies for this purpose. If you delete your cookies regularly, you will need to click on the link again each time you visit this website.

Contact

If you are resident in the EU, TrustCerts GmbH has control over your personal data. Do you have questions about TrustCerts, our services and data protection? Please write to our data protection officer at privacy@trustCerts.de. If your question cannot be answered there, you are entitled to contact your local data protection authority.