Data Respect Statement
We are Fortifico Ltd trading as Fortifi. Our company details are set out at the end of this document.
We are the Controller for the purposes of the General Data Protection Regulation (Regulation (EU) 2016/679)) (“the GDPR”) and any equivalent legislation adopted by the United Kingdom after it leaves the European Union.
As a company we are committed to protecting and respecting the privacy of your personal information. We want you to be confident that your information will be properly protected whilst in our possession.
We will only ever use your personal data when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate business interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Generally we do not rely on consent as a legal basis for processing your personal information other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to these activities at any time by contacting us at firstname.lastname@example.org.
If you have any questions about our use of your personal information, or you wish to exercise one of your rights under the GDPR, please contact us at email@example.com.
What Personal Information Do We Collect
Information you give us. When you sign up for a Fortifi account, we keep the basic account information you give us, like your name, email address, telephone number, password and payment information.
Information we collect. We also collect and store your Personal Information as you use the Services and each time you interact with Fortifi, for example, when you:
- update information in your control panel,
- communicate with us by telephone or email, order or
- download new Services,
- register a licence or change your device and
- complete forms on our website.
We also store information about the Services you purchase, such as the activation code, date of purchase, and information relating to any support issue.
Automatic Information. We may collect information about the device you access the Services from, such as the IP address or other unique device identifiers. If you access your account from a mobile device, that mobile device may also provide us with details of your location. Most mobile devices allow you to disable this functionality.
Strictly necessary cookies - These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website and remembering which files you have marked for backup. Without these cookies, Services you have asked for, like security or e-billing, cannot be provided.
Performance cookies - These cookies collect information about how you use the website. These cookies don’t collect information that identifies you and are only used to improve how the website works.
Functionality cookies - These cookies allow the website to remember choices you make, such as the configuration of your computer, to provide enhanced, more personal features.
Advertising cookies - These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are placed on the website by advertisers and advertising networks, with our permission. They remember that you have visited the site and this information is shared with other organisations such as advertisers. We use analytics data and the DoubleClick cookies for advertising purposes. You may opt out of the DoubleClick cookie by visiting the Google advertising opt-out page or you may opt out of Google Analytics by visiting the Google Analytics opt-out page. The Google Website has additional information available about their Policy for Advertising based on Interests and Location.
Other Technologies - We may also use other Internet technologies, such as web beacons or pixel tags and other similar technologies, to deliver or communicate with cookies and analyze your use of the Services. We also may include web beacons in e-mail messages so that we know when you have opened an email message received from SS Protect.
Personal Information regarding children. The Services are not intended for use by individuals who cannot enter a legally binding a contract. Accordingly, Fortifi does not intentionally gather any Personal Information about individuals who are under the age of eighteen (18). If you are under eighteen (18) years of age or otherwise lack the capacity to enter into a binding contract do not use our Services. If Fortifi becomes aware that it has collected Personal Information from someone under the age of majority, such information will be deleted immediately.
How We Use Your Personal Information
We use your Personal Information to provide you with the Services,
- administer your account,
- send you information about the Services (including updates and modifications),
- process payments,
- generate and review reports and data about our user base and Service usage patterns,
- analyze the accuracy, effectiveness, usability, or popularity of the Services,
- improve the content and features of the Services and
- allow us to personalize the content and advertising that you see on the Services.
In order to do so, we may use your Personal Information to contact you through desktop alerts and live chat, email and (where you have consented) SMS/Text messaging.
If you wish to change the way we use your data, see your options below. Please be aware that if you choose not to provide us with certain Personal Information, we may not be able to make Services available to you.
Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We are allowed to use automated decision-making in the following circumstances:
- where we have notified you of the decision and given you 21 days to request us to reconsider the decision;
- for performing our contract with you and appropriate measures are in place to safeguard your rights;
- in limited circumstances, with your explicit written consent and where appropriate measures are in place to safeguard your rights.
You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.
We do not envisage that any decisions will be taken about you using automated means, but we will notify you in writing if this position changes.
How We Share Your Personal Information
We may have to share your personal data with the parties set out below for the purposes set out in the table above:
- Our group companies
- Carefully selected third parties who provide a service to us to support our core operations, such as: processing our mail, communicating with customers and prospective customers on our behalf (including via social media), running promotions, providing IT systems and administrative services and the development and improvement of internal systems and processes;
- Competent authorities (statutory bodies, regulatory authorities, authorised bodies who have a role laid out by law);
- Other organisations where we are legally obligated to disclose your personal information (such as requests made in the prevention and detection of crime) or where disclosure is necessary to protect the property, rights and safety of us and our staff or to comply with any law, regulation, or governmental or judicial warrant, rule, order or subpoena;
- Other companies where we are trialling products and services which we consider may improve our offering to customers and/or our business processes; and
Other third parties where you have given your express consent or where we reasonably believe a third party is acting on your behalf.
If you have given consent to this, you can withdraw it at any time. Please use the unsubscribe link on the email communication you receive or contact us at firstname.lastname@example.org
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
How We Communicate with You
If you wish to change the types of communications you receive from us or opt out of receiving any future communications, you can do so. See Your Options below.
How We Protect Your Data
General. Fortifi has security measures in place to protect against the loss, misuse, and alteration of your data. Personal Information provided to us is stored in secure facilities with access restricted to authorized personnel only. Although we make good faith efforts to store the Personal Information we collect in a secure operating environment that is not accessible to unauthorized users, we cannot guarantee complete security.
Email Communications. If you wish to change the types of communications you receive from us or opt out of receiving any future communications, you may do so by modifying your profile on your control panel, by emailing your request to us at email@example.com, or by clicking on the appropriate link in any Fortifi email communication that you receive.
Correcting Your Personal Information. You can access the Personal Information that we collect via your control panel. You can correct factual errors in your Personal Information on your control panel or by sending a request to firstname.lastname@example.org. Please provide sufficient details regarding the error. To protect your privacy and security, we take commercially reasonable steps to verify your identity before granting access or making any corrections to your Personal Information.
Your EU Data Protection Rights
Location of Personal Information and Transfers.
Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
- Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
Please contact email@example.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Rights of Access, Correction, Erasure, and Restriction
Your rights in connection with personal information. Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact firstname.lastname@example.org.
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Time limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Third Party Links and Services
If we are unable to resolve your complaint, you can escalate the issue in accordance with the dispute resolution procedure set out in the Terms and Conditions.
You have the right to make a complaint at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues.
Fortifi Contact Information
If you have any questions or comments, please contact us at email@example.com or at the address listed below:
Parklands Business Park,