For the purposes of this policy, Cryptlex defines the term “User” as an entity who registers for our services through our website or an individual whose data you (our customer) collect and store using our services and the term “Visitor” as an individual that visits our website (e.g. https://cryptlex.com).
The following sections cover the specifics of website visitors and users from which data is collected.
By visiting this website, you consent to the collection and use of your Personal Data as described herein. If you do not agree with the terms set out herein, please do not visit this website. If required by applicable law, we will seek your explicit consent to process Personal Data collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible.
Such Personal Data may comprise your IP address, first and last name, company name, and email address.
Cryptlex gathers data about visits to the website, including numbers of Visitors and visits, Geo-location data, length of time spent on the site, pages clicked on, or where Visitors have come.
Cryptlex uses the collected data to communicate with Visitors, to customize content for Visitors, and to improve its website by analyzing how Visitors navigate its website.
We do not sell, trade, or rent your personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates, and advertisers for the purposes outlined above. We may use third-party service providers to help us operate our business and administer activities on our behalfs, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes.
Cookies are small pieces of information sent by a website to a Visitor’s hard disk. Cookies cannot be used to run programs or deliver viruses to your computer. By continuing to visit the website, you agree to the placement of cookies on your device. If you choose not to accept our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be. We may also place cookies from third parties for functional and marketing purposes.
In order to provide services to its Users (our customers and your customers), Cryptlex collects certain types of data from them. This section will describe how these two types of data are collected and used by Cryptlex. Data entered or transferred into Cryptlex by Users remains the property of the User and may not be shared with a third party by Cryptlex without express consent from the User.
Information in this category includes the information you provide when registering to use our services and further usage of our services. This data is primarily stored within Cryptlex and a part of it may also be stored in third party services.
18.104.22.168 Personal information stored within Cryptlex
- First name, last name, email, company name
- Stripe customer and subscription unique identifiers
- IP addresses for rate-limiting (stored temporarily)
22.214.171.124 Personal information stored in third-party services
- Name and email (through Stripe, Hubspot, and Intercom)
- Company name (through Stripe, Hubspot, and Intercom)
- Links to social media profiles (through Hubspot)
- Credit card information (securely stored within Stripe)
- Website usage (through Google Analytics)
- Geographic location (through Google Analytics)
- Name, email, and IP addresses in crash reports (through Bugsnag retained for seven days)
Information in this category includes the information you store when adding license users, information collected at the time of license activation to identify the user device required for node-locked licensing, and additional metadata stored along with user or license activation data which may or may not contain personally identifiable information.
This data is only stored within Cryptlex and is entirely owned by you. This data is never shared with any third-parties outside of our logging, crash reporting, and other infrastructure-related services.
126.96.36.199 Personal information stored within Cryptlex
- First name, last name, email
- User metadata (may or may not contain personal data)
- Geo-location data
- License activation metadata (may or may not contain personal data)
- Following device details associated with license activation:
- Hostname of the device
- Username of the device (hashed using SHA256)
- Operating system of the device
- Virtual machine being run on the device
- Fingerprint of the device generated using various hardware components (hashed using SHA256)
- IP address of the device
188.8.131.52 Personal information stored in third-party services
- Name, email, and IP addresses in crash reports (through Bugsnag retained for seven days)
The European Parliament adopted the GDPR in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. We will apply the GDPR to all the users whose personal data is either stored within Cryptlex or who use our services, whether inside or outside of the EU.
Cryptlex processes Personal Data both as a Processor and as a Controller, as defined in the Directive and the GDPR.
In the GDPR “controller’ means a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union/Member State law.
For user data, as outlined in section 1.2.1, Cryptlex will be the data controller.
For user data, as outlined in section 1.2.2, you (our customer) will be the data controller.
The processor is the entity that processes personal data on behalf of the controller under the controller’s instructions.
We (Cryptlex) are a data processor.
If you are our User, we process your Personal Data based on your consent and based on the need to perform the obligations of our contract with you. We collect and use Personal Data for the purposes of providing the Services to our Users at their instruction, processing Personal Data on behalf of Users, improving the Services, and conducting related tasks for legitimate business purposes.
184.108.40.206 Data Protection Officer
1.2.4 Standard Contractual Clauses
According to the General Data Protection Regulation (GDPR), contractual clauses ensuring appropriate data protection safeguards can be used as a ground for data transfers from the EU to third countries. Cryptlex relies on the European Commission-approved Standard Contractual Clauses (SCCs) as a legal mechanism for data transfers from the EU. SCCs are contractual commitments between companies transferring personal data, binding them to protect the privacy and security of such data. Cryptlex adopted SCCs so that the necessary data flows can be protected when transferred outside the EU to countries that have not been deemed by the European Commission to adequately protect personal data, including protecting data transfers to the United States.
Cryptlex is committed to ensuring that your privacy and the data you share with us is protected. We use the best industrial practices to secure and protect the important business data you store within Cryptlex.
All information is stored securely and is accessed by authorized personnel only. Cryptlex implements and maintains appropriate technical, security, and organizational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft, or disclosure.
Cryptlex will not retain data longer than is necessary to fulfil the purposes for which it was collected or as required by applicable laws or regulations. When a user's account is terminated, all the related Personal Data stored within Cryptlex will be deleted, as required by applicable law. For the user data, collected by you (our customer), with an active account, you will have the responsibility to delete the data when required.
We will reveal a user’s personal information without his/her prior permission only when we have reason to believe that the disclosure of this information is required to establish the identity of, to contact, or to initiate legal proceedings against a person or persons who are suspected of infringing rights or property belonging to Cryptlex or to others who could be harmed by the user’s activities or of persons who could (deliberately or otherwise) transgress upon these rights and property. We are permitted to disclose personal information when we have good reason to believe that this is legally required.
Although Cryptlex makes good faith efforts to provide individuals with access to their Personal Information, there may be circumstances in which Cryptlex is unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the Individual’s privacy in the case in question or where it is commercially proprietary. If Cryptlex determines that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, Cryptlex will take commercially reasonable steps to verify your identity before granting access to or making any changes to your personal information.
You have the right to opt-out of certain uses and disclosures of your personal information. Where you have consented to Cryptlex's processing of your personal information, you may withdraw that consent at any time and opt-out to further processing by contacting us at [email protected]. Even if you opt-out, we may still collect and use non-personal information regarding your activities on our site.
WE MAINTAIN “DO-NOT-MAIL” LISTS AS MANDATED BY LAW. WE PROCESS REQUESTS TO BE PLACED ON DO-NOT-MAIL AND DO-NOT-CONTACT LISTS WITHIN 60 DAYS AFTER RECEIPT, OR SUCH A SHORTER TIME AS MAY BE REQUIRED BY LAW.
- We use vendors and service providers. We may share any information we receive with vendors and service providers. The types of service providers to whom we entrust personal information include service providers for (i) provision of IT and related services; (ii) provision of information and services you have requested; (iii) payment processing; (iv) customer service activities; and (v) in connection with the provision of the Site.
- Disclosures to protect us or others (e.g., as Required by law and similar disclosures). We may access, preserve, and disclose your Personal Information, other account information, and content, if we believe doing so is required or appropriate to (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) respond to your requests; (iii) protect yours’, ours’ or others’ rights, property, or safety; (iv) to enforce Cryptlex policies or contracts; (v) to collect amounts owed to Cryptlex; (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (vii) if we, in good faith, believe that disclosure is otherwise necessary or advisable.In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the Services. In such cases, server log data containing IP addresses may be shared with law enforcement bodies in order that they may identify users in connection with their investigation of unauthorized activities.
Last Updated: September 28th, 2021