For the purposes of this policy, Cryptlex defines the term “User” as an entity who registers for our services through our website or an individual whose data you (our customer) collect and store using our services and the term “Visitor” as an individual that visits our website (e.g. https://cryptlex.com).
The following sections cover the specifics of website visitors and users from which data is collected.
By visiting this website, you consent to the collection and use of your Personal Data as described herein. If you do not agree with the terms set out herein, please do not visit this website. If required by applicable law, we will seek your explicit consent to process Personal Data collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible.
Such Personal Data may comprise your IP address, first and last name, company name, and email address.
Cryptlex gathers data about visits to the website, including numbers of Visitors and visits, Geo-location data, length of time spent on the site, pages clicked on, or where Visitors have come.
Cryptlex uses the collected data to communicate with Visitors, to customize content for Visitors, and to improve its website by analyzing how Visitors navigate its website.
We do not sell, trade, or rent your personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates, and advertisers for the purposes outlined above. We may use third-party service providers to help us operate our business and administer activities on our behalfs, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes.
Cookies are small pieces of information sent by a website to a Visitor’s hard disk. Cookies cannot be used to run programs or deliver viruses to your computer. By continuing to visit the website, you agree to the placement of cookies on your device. If you choose not to accept our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be. We may also place cookies from third parties for functional and marketing purposes.
In order to provide services to its Users (our customers and your customers), Cryptlex collects certain types of data from them. This section will describe how these two types of data are collected and used by Cryptlex. Data entered or transferred into Cryptlex by Users remains the property of the User and may not be shared with a third party by Cryptlex without express consent from the User.
Information in this category includes the information you provide when registering to use our services and further usage of our services. This data is primarily stored within Cryptlex and a part of it may also be stored in third party services.
220.127.116.11 Personal information stored within Cryptlex
First name, last name, email, company name
Stripe customer and subscription unique identifiers
IP addresses for rate-limiting (stored temporarily)
18.104.22.168 Personal information stored in third-party services
Name and email (through Stripe, Hubspot, and Intercom)
Company name (through Stripe, Hubspot, and Intercom)
Links to social media profiles (through Hubspot)
Credit card information (securely stored within Stripe)
Website usage (through Google Analytics)
Geographic location (through Google Analytics)
Name, email, and IP addresses in crash reports (through Bugsnag retained for seven days)
Information in this category includes the information you store when adding license users, information collected at the time of license activation to identify the user device required for node-locked licensing, and additional metadata stored along with user or license activation data which may or may not contain personally identifiable information.
This data is only stored within Cryptlex and is entirely owned by you. This data is never shared with any third-parties outside of our logging, crash reporting, and other infrastructure-related services.
22.214.171.124 Personal information stored within Cryptlex
First name, last name, email
User metadata (may or may not contain personal data)
License activation metadata (may or may not contain personal data)
Following device details associated with license activation:
Hostname of the device
Username of the device (hashed using SHA256)
Operating system of the device
Virtual machine being run on the device
Fingerprint of the device generated using various hardware components (hashed using SHA256)
IP address of the device
126.96.36.199 Personal information stored in third-party services
Name, email, and IP addresses in crash reports (through Bugsnag retained for seven days)
The European Parliament adopted the GDPR in April 2016, replacing an outdated data protection directive from 1995. It carries provisions that require businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. We will apply the GDPR to all the users whose personal data is either stored within Cryptlex or who use our services, whether inside or outside of the EU.
Cryptlex processes Personal Data both as a Processor and as a Controller, as defined in the Directive and the GDPR.
In the GDPR “controller’ means a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union/Member State law.
For user data, as outlined in section 1.2.1, Cryptlex will be the data controller.
For user data, as outlined in section 1.2.2, you (our customer) will be the data controller.
The processor is the entity which processes personal data on behalf of the controller under the controller’s instructions.
We (Cryptlex) are a data processor.
If you are our User, we process your Personal Data based on your consent and based on the need to perform the obligations of our contract with you. We collect and use Personal Data for the purposes of providing the Services to our Users at their instruction, processing Personal Data on behalf of Users, improving the Services, and conducting related tasks for legitimate business purposes.
188.8.131.52 Data Protection Officer
Cryptlex has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This “Data Protection Officer” can be contacted through email at firstname.lastname@example.org.
Under the EU-US Privacy Shield Framework, we are responsible for the processing of information about you we receive from the EU and onward transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for such onward transfers and remain liable in accordance with the Privacy Shield Principles if third-party agents that we engage to process such information about you on our behalf do so in a manner inconsistent with the Privacy Shield Principles unless we prove that we are not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Cryptlex commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Cryptlex at email@example.com.
Cryptlex has further committed to cooperate with the panel established by the EU data protection authorities with regard to unresolved Privacy Shield complaints concerning data transferred from the EU. The Federal Trade Commission has jurisdiction over Cryptlex’s compliance with the Privacy Shield.
An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information please refer to Annex I.
Cryptlex is committed to ensuring that your privacy and the data you share with us is protected. We use the best industrial practices to secure and protect the important business data you store within Cryptlex.
All information is stored securely and is accessed by authorized personnel only. Cryptlex implements and maintains appropriate technical, security, and organizational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft, or disclosure.
If you have questions or concerns, reach out to us at firstname.lastname@example.org.
Cryptlex will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. When a user's account is terminated, all the related Personal Data stored within Cryptlex will be deleted, as required by applicable law. For the user data, collected by you (our customer), with an active account, you will have the responsibility to delete the data when required.
We will reveal a user’s personal information without his/her prior permission only when we have reason to believe that the disclosure of this information is required to establish the identity of, to contact, or to initiate legal proceedings against a person or persons who are suspected of infringing rights or property belonging to Cryptlex or to others who could be harmed by the user’s activities or of persons who could (deliberately or otherwise) transgress upon these rights and property. We are permitted to disclose personal information when we have good reason to believe that this is legally required.
Although Cryptlex makes good faith efforts to provide individuals with access to their Personal Information, there may be circumstances in which Cryptlex is unable to provide access, including but not limited to: where the information contains legal privilege, would compromise others’ privacy or other legitimate rights, where the burden or expense of providing access would be disproportionate to the risks to the Individual’s privacy in the case in question or where it is commercially proprietary. If Cryptlex determines that access should be restricted in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, Cryptlex will take commercially reasonable steps to verify your identity before granting access to or making any changes to your personal information.
You have the right to opt-out of certain uses and disclosures of your personal information. Where you have consented to Cryptlex's processing of your personal information, you may withdraw that consent at any time and opt-out to further processing by contacting us at email@example.com. Even if you opt-out, we may still collect and use non-personal information regarding your activities on our site.
WE MAINTAIN “DO-NOT-MAIL” LISTS AS MANDATED BY LAW. WE PROCESS REQUESTS TO BE PLACED ON DO-NOT-MAIL AND DO-NOT-CONTACT LISTS WITHIN 60 DAYS AFTER RECEIPT, OR SUCH SHORTER TIME AS MAY BE REQUIRED BY LAW.
We use vendors and service providers. We may share any information we receive with vendors and service providers. The types of service providers to whom we entrust personal information include service providers for (i) provision of IT and related services; (ii) provision of information and services you have requested; (iii) payment processing; (iv) customer service activities; and (v) in connection with the provision of the Site.
Privacy Shield. With respect to onward transfers to Agents under Privacy Shield, Privacy Shield requires that Cryptlex remain liable should its Agents process personal information in a manner inconsistent with the Privacy Shield Principles.
Disclosures to protect us or others (e.g., as Required by law and similar disclosures). We may access, preserve, and disclose your Personal Information, other account information, and content, if we believe doing so is required or appropriate to (i) comply with law enforcement or national security requests and legal process, such as a court order or subpoena; (ii) respond to your requests; (iii) protect yours’, ours’ or others’ rights, property, or safety; (iv) to enforce Cryptlex policies or contracts; (v) to collect amounts owed to Cryptlex; (vi) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss or in connection with an investigation or prosecution of suspected or actual illegal activity; or (vii) if we, in good faith, believe that disclosure is otherwise necessary or advisable.
In addition, from time to time, server logs may be reviewed for security purposes – e.g., to detect unauthorized activity on the Services. In such cases, server log data containing IP addresses may be shared with law enforcement bodies in order that they may identify users in connection with their investigation of the unauthorized activities.
If you have any further questions regarding the data Cryptlex collects, or how we use it, then please feel free to contact us by email at firstname.lastname@example.org
Effective Date: January 23, 2020