Purpose

We at Red Cup IT (Red Cup IT, Inc. and our subsidiaries and affiliates) are committed to protecting your privacy. This privacy policy applies to our websites, products, and services (as defined below, collectively, our “Services”). This privacy policy (“Privacy Policy”) explains how we collect, use, and disclose Personal Data.

This Privacy Policy governs our data collection, processing, and usage practices. It also describes your choices regarding using, accessing, and correcting your personal information. If you disagree with the data practices described in this Privacy Policy, you should not use our Services.

1.0 The Sources of the Information We Collect

This Privacy Policy outlines the types of information we gather as part of our Service, encompassing:

• Our internet sites (www.redcupit.com), along with our emails and marketing communications;
• Data obtained via our commercial allies and suppliers; and
• Data collected through our service offerings (Red Cup IT Services).

2.0 Information We Collect About You

We may collect Personal Information, Usage, and Device Information (collectively, “information”, defined in detail below) about you in connection with your (or your organization’s) use of our Services that link to this Privacy Policy.

2.1 Account Information

Some information is required to create an account on Services, such as your name, email address, password, company, and phone number.

2.2 Additional Information

To help improve your experience or enable certain features of the Services, you may choose to provide us with additional information, such as a profile photo, biography, mailing address, country information, date of birth, gender, mobile phone numbers, social media username.

2.3 Information We Collect or Generate About You

• Maintain a file of your interaction history for inquiry purposes to ensure satisfaction with our Services;
• Via our security offerings, generate traffic and security analyses detailing the internet behaviors of the organization’s computer users (for example, tracking which sites were accessed by each user, any documents downloaded, security events, and the protective actions executed by the gateway);
• Data on actions taken with secured documents, including changes to a document’s permissions and details about who carried out these actions;
• Details about you gathered from external sources;
• Management of Email & Office services, encompassing files and email exchanges (including the content within) present in your accounts associated with such services.

2.4 Information Provided by Other Individuals

While using our Services, individuals may provide information about another individual, or an authorized user (such as an account administrator) creating an account on your behalf may provide information about you. When one individual provides us with information (including personal information) about another individual, we assume that the individual has permission and authority to do so and to consent on behalf of that individual to the collection and use of personal information as described in this Privacy Policy. Please contact us immediately if you become aware of an individual providing us with personal information about another individual without being authorized to do so, and we will act consistently with this Privacy Policy.

3.0 Cookies and Similar Technologies

We may use “cookies” and similar technologies to help deliver our Services. This technology may involve placing small files/code on your device or browser that serve a number of purposes, such as remembering your preferences and to offer you a more personalized user experience. We encode our cookies so that only we can interpret the information stored in them. You are free to decline cookies if your browser permits, but doing so may interfere with your use of our website features. We may also collect information about your computer or other access devices to mitigate risk and for fraud prevention purposes.

4.0 Marketing and Analytics Communication

We work with partners who provide us with marketing analytics and communications services. This includes helping us understand how users interact with our Services, communicating with you about our Services and features, and measuring the performance of those communications. These companies may use cookies and similar technologies to collect information about your interactions with the Services and other websites and applications.

To learn more about your privacy choices, please see more details in the How We Use Your Information and How We Share Your Information sections.

5.0 How We Use Your Information

5.1 Red Cup IT may process your Personal Data for various purposes, including:

• Continuously reviewing and enhancing the information on Red Cup IT websites to make them user-friendly and safeguard against potential interruptions or cyber threats;
• Enabling your access to the functionalities offered by Red Cup IT Services;
• Evaluating your application for Red Cup IT Products and Services, as relevant;
• Configuring customer access to Red Cup IT applications and Services;
• Registering and onboarding new users on our platforms;
• Performing analyses necessary to identify malicious data and its potential impact on your IT systems;
• Statistically monitoring and analyzing current attacks on devices and systems, and adjusting our solutions to protect against these threats;
• Gathering feedback on Red Cup IT Products and Services to enhance the ease and speed of obtaining information on their use;
• Communicating with you to provide our Services, information about our offerings, or marketing materials;
• Sending email updates about the latest cybersecurity trends, news, events, and other promotional content;
• Conducting thorough threat analyses;
• Understanding your needs and preferences for better service delivery;
• Managing and administering our business operations;
• Improving our products and services;
• Ensuring compliance with legal, regulatory requirements, and internal policies;
• For data backup and loss prevention.

5.2. In processing Personal Data, Red Cup IT confirms the existence of a valid legal basis, such as:

• Fulfilling our contractual duties;
• Obtaining explicit consent;
• Meeting legal or regulatory obligations;
• Protecting or asserting our legal rights;
• Legitimate business interests, which include:
  • Efficiently managing and administering our business operations;
  • Adhering to internal policies and procedures;
  • Monitoring the usage of our copyrighted content;
  • Facilitating easy access to information about our Services;
  • Providing optimal, current security solutions;
  • Offering email updates on our Services, cybersecurity trends, news, events, and promotional content; and
  • Gaining insights into current network threats to enhance our security solutions for the market.

5.3. Red Cup IT commits to ensuring that your Personal Data is accessed solely by individuals who need to do so for the purposes outlined in this Privacy Policy.

6.0 How We Share Your Information

We may share your information with our business units, affiliates, business partners, service providers, and/or your representatives, to provide or improve our Services to you.

We do not share information with third parties so that they can independently market their own products or services to you unless we have explicitly given you the option to opt-in such disclosures.

We may share your information with companies that we plan to merge with or be acquired by (should such a situation arise and we will require that the new entity follow this privacy policy with respect to your personal information. If your personal information could be used contrary to this policy, you will receive prior notice).

We may share your information with law enforcement, government officials or third parties when we are compelled to do so due to legal procedures or to comply with the law or other third parties with your consent or direction to do so.

Red Cup IT will never sell your Personal Information to any third party.

7.0 International Data Transfers

Red Cup IT is a U.S.-based company that offers our Services to U.S. and international customers. As a result, information that we collect, including personal information, may be transferred to our data centers or service providers in the U.S. By providing your personal information to us, you are consenting to the transfer of your personal information to the U.S. and to our (and our services providers’) use and disclosure of your personal information in accordance with this Privacy Policy.

We rely on multiple legal bases to lawfully transfer personal data around the world. These include your consent, the EU-US and Swiss-US Privacy Shield. Red Cup IT complies with the Privacy Shield principles regarding the collection, use, sharing, and retention of personal information. We follow internal procedures to verify that our commitments under this Privacy Policy have been implemented. Our compliance with this obligation can be investigated and enforced by the U.S. Federal Trade Commission.

If you have a concern about the transfer of your data, please contact us.

8.0 Your Rights Regarding Your Personal Information

We provide you with the opportunity to be informed of whether we are processing your information and to access, correct, update, oppose, delete, block, limit or object, upon request and free of charge, to our use of your Personal Information to the extent required by applicable law.

You can unsubscribe from our promotional emails via the link provided in the emails. Even if you opt out of receiving promotional messages from us, you will continue to receive administrative messages from us.

Your European Privacy Rights

• You may request access the Personal Data we maintain about you, update and correct inaccuracies in your Personal Data, restrict or object to the processing of your Personal Data, have your Personal Data anonymized or deleted, as appropriate, or exercise your right to data portability to easily transfer your Personal Data to another company.
• You also have the right to lodge a complaint with a supervisory authority, including in your country of residence, place of work or where an incident took place.
• You may withdraw any consent you previously provided to us regarding the processing of your Personal Data at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdrew your consent.

Your California Privacy Rights

• The right to notice: You have the right to be notified about which categories of personal data are being collected and the purposes for which they are being used.
• The right to request: You have the right that we disclose information to you about our collection, use, sale, disclosure for business purposes and share of personal information. We will disclose to you the categories of personal data collected about you, the sources of such data, the business purpose, the categories of third parties with whom we share the personal data, and if we disclosed your personal data and categories of data disclosed.
• The right to say No to the sale of Personal data (Opt-Out): The service providers we partner with may use technology on the service that sells information as defined by CCPA law. You have the right to direct us not to sell your personal data. Please note that any opt out is specific to the browser you use, you may need to opt out on every browser that you use. To submit an opt-out request, please contact us.
• The right to delete Personal data: Once a request is received from you, we will delete (and direct our service providers to delete) your personal data from our records unless an exception applies. We may deny your request if retaining the information is necessary for us or our service providers to complete a transaction for which we collected the personal information.
• The right not to be discriminated against: You have the right not to be discriminated against for exercising your consumer rights.
• California Privacy Rights for Minor Users (California Business and Professions Code Section 22581): California Business and Professions code allows California residents under the age of 18 who are registered users of online sites, services or applications to request and obtain removal of content or information that have been publicly posted. To request removal of such data, please contact us. Please note that your request does not guarantee complete or comprehensive removal of content or information posted online and the law may not permit or require removal in certain circumstances.

You may exercise these rights by contacting us using the contact details at the end of this Privacy Policy. Before fulfilling your request, we may ask you to provide reasonable information to verify your identity. Please note that there are exceptions and limitations to each of these rights, and that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain Personal Data for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

9.0 Retention of Your Information

We keep your account information, like your name, email address, and password, for as long as your account is in existence because we need it to operate your account. In some cases, when you give us information for a feature of the Services, we delete the data after it is no longer needed for the feature. We keep your account data until you use your account settings or tools to delete the data or your account because we use this data to provide you with Services. We also keep information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm, including as described in the How We Use Your Information and How We Share Your Information sections.

10.0 Security of Your Information

We work hard to keep your data safe. We use a combination of technical and administrative controls to protect the confidentiality, integrity and availability of your data in compliance with applicable federal and state regulations. This includes using Transport Layer Security (“TLS”) to encrypt data transmission and Advanced Encryption Standard (“AES”) to encrypt data storage. No method of transmitting or storing data is completely secure, however. If you have a security-related concern, please contact Customer Support or our Security team.

11.0 “Do Not Track” Policy by California Online Privacy Protection Act (CalOPPA)

Our Service does not respond to Do Not Track signals. However, some third-party websites keep track of your browsing activities. You can enable or disable DNT by visiting the preferences or settings page of your web browser.

12.0 Situations Where This Privacy Policy Does Not Apply

This Privacy Policy does not apply to job applicants or employees, which are subject to relevant privacy notices. This Privacy Policy does not apply to the extent that:

• Our products and services set forth an additional or alternative Privacy Policy; or
• Applicable law imposes different processing or privacy requirements on your information.

13.0 Changes to This Privacy Policy

We periodically update this Privacy Policy. We will post any privacy policy changes on this page, and we encourage you to review this Privacy Policy periodically. We will also keep prior versions of this Privacy Policy in an archive for your review.

Questions, Concerns and Updates

If you need further assistance regarding your rights, please contact our Data Protection Officer at privacy@redcupit.com, and we will consider your request under applicable laws.