RedShield Privacy & Security Policy

Overview

This RedShield Privacy and Security Policy outlines the general policy and practices for the types of information that RedShield gathers, how we use that information, and the options that our users have regarding our use of, and ability to correct, such information.

RedShield considers that any personal information provided to us by you will remain personal. As such, RedShield will never sell, rent, share, or otherwise disclose any received personal information to anyone except to provide our services or as otherwise described in this Policy, without providing explicit notice of such.

Access or use of the web-sites or services of RedShield, or the provision of information to RedShield or customers who pay for our services constitutes consent to the onward transfer, processing, collection, use, disclosure, retention, and protection of personal information as described in this Privacy Notice and potential storage of this information within RedShield’s global infrastructure.

RedShield only processes personal information in a manner that is compatible with and relevant to the purpose for which it was collected or authorized. Data is protected from misuse and only shared for purposes that align with RedShield’s primary business goal of protecting client web applications.

Application and Context

This policy should be applied to information supplied to RedShield by:

  • Customers who consume RedShield services,
  • Users supplying information to RedShield customers through the use of a subscribing service, and
  • Visitors to any RedShield website.

RedShield’s services facilitate the flow of information between Internet users and customer websites, as such the provisions in this policy govern only the activities of RedShield and not the policies of our customers. If you disclose your information to others, or if you are directed to a third party website, their privacy notices and practices will apply.

Personal Information

“Personal information” is information that can be associated with a specific person and could be used to identify that specific person whether from that data or from that data and other information that RedShield has or is likely to have access to. RedShield do not consider personal information to include information that has been made anonymous or aggregated so that it can no longer be used to identify a specific person, whether in combination with other information or otherwise.

Global Privacy Standard

RedShield Security has established a global privacy standard, these are our commitment to protect personal information and honor our privacy obligations regardless of where personal information is collected, processed or retained within RedShield.

Data Collection

To enable the detection of known or new web threats, or malicious third party activities, the traffic of Internet users that utilise the RedShield website, or sites that are protected using RedShield services, may be logged. This enables us to provide an enhanced service to users and better protect our users web services.

RedShield collect, and are the owners of, information pertinent to the services offered. This information is used for statistical reporting purposes and further enhancements to our services.

RedShield offer a protection service to our users and in the instance where we detect malicious intent in a user’s Internet traffic flow, we may share this information.

Our core business depends on the security of the communications between our users and customers, as such RedShield will never use or share your personal information in ways unrelated to the direct provision of the services we provide. RedShield do not provide personal information to any third parties marketing purposes.

In order that RedShield are able to provide an accurate invoice to customers the amount of traffic to customer websites is additionally recorded, however this information is used only for the strict purpose of facilitating payments.

RedShield do not store full credit card numbers or primary account numbers (PAN).

Data Aggregation

In order that our clients have an understanding of the types, quantity, and technical composition of traffic that their websites process RedShield will aggregate compiled data in reports and presentations. Data used in these types of reports will never include Personally Identifiable Information (PII).

Legal Jurisdiction & Compliance

In the process of its business RedShield may be required to provide information about its clients to law enforcement authorities. In compliance with local laws and regulations RedShield will provide requested information. However, this will only be in the instance where legal procedure has been followed i.e. relevant court orders are presented. Additionally, RedShield will notify users if a request of this nature has been made, unless a specific legal request is made that prevents this.

RedShield also have legal obligations that necessitate the retention of personal information and data, once no longer required to comply with these obligations this data is securely removed.

Data Security and Access

RedShield protect all supplied information using technical and administrative security measures that reduce the risk of loss, misuse, unauthorised access, disclosure or alteration. The effectiveness of the protection mechanisms used is validated by independent auditors and are aligned with international best standards.

If RedShield were to merge with or be acquired by another company, we may share information with them in accordance with our privacy standards. Should such an event occur, we will require that the new combined entity follow this Privacy Notice with respect to personal information. If personal information will be collected, used, disclosed, or retained for any purposes not covered in this Privacy Notice, RedShield will provide prior notification of the new purposes and any options to opt-out.

Should RedShield acquire personal information of any kind we will take steps to remove it securely from the environment. Currently, RedShield have no direct business use for this kind of information.

Notification of Changes

RedShield may amend this Privacy Notice at any time by posting the amended terms on this site. All amended terms automatically take effect 30 days after they are posted. We will announce any material changes to this Privacy Notice through the RedShield Customer Portal and by updates to this website.

Effective Date
May 30, 2017

Contact Information for Questions or Complaints

If you have a question or a complaint about this Privacy Notice, RedShield’s privacy standards, or information handling practices, you can reach our offices in writing at:

RedShield Security, P.O. Box 25609, Wellington, New Zealand

Otherwise, you can send an email to privacy@redshield.co.

Note: Emails to this address are distributed to a select few RedShield senior staff members and tracked for reporting purposes.