Privacy Policy Statement
Last updated at November 5, 2024
Introduction
This privacy notice for Weve Security Limited (doing business as Weve and/or Weve Security) (“the Company”, "we," "us," or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our services, such as when you:
- Visit our website at weve.security and wevesecurity.com, or any website of ours that links to this privacy notice
- Use our application(s), such as our web application “Weve” or any other application of ours that links to this privacy notice
- Engage with us in other related ways ― including any sales, marketing, or events
Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at [email protected].
We understand that users are aware of and have their privacy interests at heart, and we take this fact seriously. This Privacy Policy describes the policies and practices of Weve regarding the collection and use of your personal information and sets forth your privacy rights. We recognise that information privacy is an ongoing responsibility, so we will update this Privacy Policy periodically as we undertake new personal information practices or adopt new privacy policies.
Data Protection Officer
The Company is located in Dublin, Ireland. The Company has appointed an internal data protection officer whom you may contact if you have any questions or concerns regarding the Company's personal data policies or practices. If you wish to exercise your privacy rights, please contact the Company’s data protection officer at [email protected].
How we collect and use (process) your personal information
The Company collects personal information about visitors and customers to its website. With some exceptions, this information is generally limited to:
- name
- job title
- name of employer
- working address
- work e-mail
- work telephone number
We use this information to provide services to potential customers and clients.
We do not sell personal information to anyone and only share it with third parties who facilitate the provision of our services.
From time to time, the <COMPANY> receives personal information about individuals from third parties. Typically, the information collected from third parties includes additional details about your employer or industry. We may also collect your personal information from a third party website (e.g. LinkedIn).
Use of the Weve website
Like most other websites, the Company’s website automatically collects certain information and stores it in log files. This information may include Internet Protocol (IP) addresses, the region or general location where your computer or device accesses the Internet, browser type, operating system, and other information about your use of the Company website, including your history of page views. We use this information to help us design our site to better meet the needs of our users. We may also use your IP address to help diagnose problems with our server and to administer our website, analyse trends, track visitor movements and gather broad demographic information that helps us identify visitor preferences.
The Company has a legitimate interest in understanding how members, customers and potential customers use its website. This helps the Company to provide more relevant products and services, to communicate value to our sponsors and corporate members, and to provide adequate staffing to meet the needs of members and customers.
Cookies and Tracking Technologies The cookie notice makes available a comprehensive cookie notice describing the cookies and tracking technologies used on the cookie notice website and providing information on how users can accept or reject them. To view the notice, simply click on cookie notice.
Sharing information with third parties
The personal information that the Company collects from you is stored in one or more databases hosted by third parties located in Europe, the UK and/or the United States. These third parties do not use or have access to your personal information for any purpose other than storage and retrieval in the cloud. On occasion, the Company uses third parties to send information to you, including information about our products, services and events.
The list of our third-party subprocessors is available here:
- Amazon Web Services (AWS)
We do not otherwise disclose your personal information to persons or companies outside the Company for their independent use unless: (1) you request or authorise it; (2) it is in connection with conferences hosted by the Company and co-sponsored by the Company as described above; (3) the information is provided to comply with the law (e.g., compelled by law enforcement to comply with a search warrant, subpoena, or court order), to enforce an agreement we have with you, or to protect our rights, property, or safety, or the rights, property, or safety of our employees or others (4) information is provided to our agents, vendors or service providers who perform functions on our behalf; (5) to respond to emergencies or force majeure; or (6) to respond to disputes, claims or persons who demonstrate that they have the legal authority to act on your behalf. We may also collect aggregate data about our services and website visitors and disclose the results of such aggregate (but not personally identifiable) information to our partners, service providers, advertisers and/or other third parties for marketing or promotional purposes.
The Company website links to third-party services such as Facebook, LinkedIn, X and others. If you choose to share information from the Company website through these services, you should consult the privacy policy of that service. If you are a member of a third-party service, the above connections may allow that service to link your visit to our site to your personal data.
Transfer of personal data to the United States.
The Company is headquartered in Ireland. Information collected about you will be processed in Europe, the UK and/or the United States. By using the Company’s services, you acknowledge that your personal information will be processed in Europe, the UK and/or the United States. The United States has not requested nor received an "adequacy" determination from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, the company provides adequate safeguards by entering into standard and binding data protection clauses that are enforceable by data subjects in the EEA and the UK. These clauses have been improved based on guidance from the European Data Protection Board and will be updated when the new draft standard clauses are approved.
Depending on the circumstances, the Company also collects and transfers personal data to the United States with your consent, to perform a contract with you or to fulfil a compelling legitimate interest of the Company in a way that does not override your rights and freedoms. The Company undertakes to apply appropriate safeguards to protect the privacy and security of your personal data and to use them only in accordance with the relationship with the Company and the practices described in this Privacy Policy. The Company also enters into data processing agreements and model clauses with its suppliers whenever possible and appropriate. Since its establishment, the Company has received zero government requests for information.
For further information or if you have any questions, please contact us at [email protected].
Rights of the data subject
The General Data Protection Regulation (GDPR) of the European Union and the privacy laws of other countries provide certain rights for data subjects. Data subjects' rights under the GDPR include the following:
- Right to be informed
- Right of Access
- Right of rectification
- Right to cancellation
- Right to restrict processing
- Right to data portability
- Right of opposition
- Rights relating to automated decision-making, including profiling
The purpose of this Privacy Policy is to provide you with information about the personal data that the Company collects about you and how it is used.
If you wish to confirm that the Company is processing your personal data, or to have access to personal data that the Company may have on you, please contact us.
You may also request information on: the purpose of the processing; the categories of personal data concerned; who else outside the Company may have received the data from the Company; what was the source of the information (if you did not provide it directly to the Company; and how long it will be kept. You have the right to correct (rectify) the record of your personal data maintained by the Company if it is inaccurate. You may request that the Company delete such data or cease processing it, subject to certain exceptions. You may also request that the Company cease using your data for direct marketing purposes. In many countries, you have the right to lodge a complaint with the competent data protection authority if you have concerns about the way in which the Company processes your personal data. When technically possible, the Company will, at your request, provide your personal data to you.
Reasonable access to your personal information will be provided free of charge. If access cannot be provided within a reasonable period of time, the Company will provide you with a date when the information will be provided. If for some reason access is denied, the Company will provide an explanation of why access has been denied.
If you have questions or complaints about the processing of your personal data, you can contact us by email at [email protected]. Alternatively, if you are in the European Union, you can contact the European Data Protection Supervisor or your national data protection authority.
Archiving and Data Retention
Your personal data is stored by the Company on its own servers and on the servers of the cloud-based database management services that the Company uses, located in the United States. The Company retains service data for the duration of the customer's business relationship with the Company and for a period of time thereafter, to analyse the data for the Company's own operations and for historical and archival purposes associated with the company's services. The Company retains prospective data until it no longer has commercial value and is removed from the Company's systems. All personal data that the Company controls may be deleted at the verified request of the data subjects or their authorised agents. For more information on where and how long your personal data is stored and for further information on your rights of deletion and portability, please contact us at: [email protected].
Children’s data
We do not knowingly attempt to solicit or receive information from children.
Questions, doubts or complaints
If you have any questions, doubts, complaints or wish to exercise your rights, please contact us at [email protected].