About Us

Security / Privacy

Your Privacy

  • We don’t want to know more about you than we have to.
  • Your email is used to contact you in an emergency, or to verify support requests.
  • We don’t mind if you use anonymous email services.
  • We won’t sell, trade or disseminate information about you.

Your Rights

  • You can change the email associated with your account.
  • You can delete your account whenever you’d like.
  • You can ask us what information we have (yes, we’ll answer).
  • You can request that we delete all traces of you in our systems, including support emails.

This web site, CertiVox.com, is administered by CertiVox Limited. We appreciate your visit to our site and welcome your interest in our services. CertiVox recognizes the importance of the Personally Identifiable Information by which you can be identified, such as your name, address, or e-mail address (“Personally Identifiable Information”).  Data Protection and Privacy Protection is, after all, our mission.

When you visit this web site, CertiVox may collect Personally Identifiable Information about you, either directly (where you are asked to provide the data, for example during registration for the service) or indirectly, as hereinafter better explained. CertiVox will, however, only use this Personally Identifiable Information in accordance with the purposes set forth in this Privacy Statement and is committed to safeguarding the personal information collected.
This Privacy Statement sets out the purposes of CertiVox’s data processing in respect of this web site, the use of cookies and how to effect your rights in respect of your Personally Identifiable Information.

This is an official informative note pursuant to, and to the effect of the Isle of Man Data Protection Act 2002 (the Act)  provided to whoever visits CertiVox’s web site or uses the CertiVox service. CertiVox is required by law to uphold this Privacy Statement.

Data Protection
In the Isle of Man, the Data Protection Act 2002 (the Act) makes provisions for the regulation of the processing of information relating to individuals.

The Act is based upon the UK’s Data Protection Act 1998 and gives effect in the Island to Directive 95/46/EC of the European Parliament. This relates to the protection of individuals with regard to the processing of personal data and on the free movement of such data. In addition, Council of Europe Convention 108 also applies to the Island.

The Act applies to data processed automatically, structured manual records and certain health, education and housing records.

The Office of the Data Protection Supervisor
The Office of the Data Protection Supervisor (ODPS), which is independent of Government, is responsible for administering the Act in the Island. The ODPS policy is to actively assist businesses (data controllers) who process personal data to comply with the Act by providing training, assistance and guidance in the provisions and interpretation of the Act and thereby protect an individual’s privacy by preventing breaches from occurring.

The ODPS also actively promotes awareness of an individual’s rights and the sanctions and remedies available when these rights are contravened. Under the Act, the ODPS has powers to ensure compliance either through enforcement or if necessary through prosecution.

Further detailed information on the Act can be found on the ODPS web site.

Eight Data Protection Principles
The Act sets out eight data protection principles to be followed by data controllers when processing personal data. In summary these are:

Personal Data must be

  1. Fairly and lawfully processed
  2. Used for specific purposes
  3. Adequate, relevant and not excessive
  4. Accurate and where necessary kept up to date
  5. Kept for no longer than necessary
  6. Used in accordance with the rights of individuals under the Act
  7. Kept secure
  8. NOT transferred to another country outside the EEA without adequate protection

International Standards
The Island’s data protection legislation meets the following standards:

European Data Protection Directive 95/46/EC
On the 28th April 2004, the European Commission adopted a decision on the adequate protection of personal data in the Isle of Man. Article 1 of this decision states:

“For the purposes of Article 25(2) of Directive 95/46/EC, the Isle of Man is considered as providing an adequate level of protection for personal data transferred from the community”

The effect of this decision permits personal data to be transferred between members of the European Economic Area member states and the Isle of Man without the need for additional safeguards.

The full text of the decision can be found at: http://ec.europa.eu/index_en.htm

Council Of Europe Convention 108
Council of Europe Convention 108 for the Protection of Individuals with regard to automatic processing of personal data (“Convention 108″) was opened for signature in 1981 and has its roots in a concern for the right to private life. It sets out minimum standards that should be in place in national law before a country may sign the Convention.

The UK ratified Convention 108 on 26 August 1987 and it has applied to the Isle of Man since 21 January 1993.

Further information upon Convention 108 and Data Protection within the Council Of Europe can be found at: http://www.ecommerce.gov.im/rightsprotection/

Additional protocol to Convention 108 regarding supervisory authorities and transborder data flows (ETS No. 181)
By using the CertiVox service and this website, you consent to the information practices described in this policy. Keep in mind that your use of the CertiVox service is also subject to, and controlled by, the CertiVox Terms and Conditions and the CertiVox Service Agreement.

Data Controller (this is us)
The Data Controller and Contact Person for Data Protection is Bob Hoskins (not the actor). Should you have any questions about this Privacy Statement or our data processing activities, recommendations or complaints concerning the protection and privacy of your Personally Identifiable Information, or should you want to exercise the rights mentioned here within, please contact us

via e-mail at: privacy@certivox.com

or via regular mail at: 12 Mount Havelock, Douglas, Isle of Man, IM1 2QG

to the attention of: Bob Hoskins
Data Processing Locations (these are our facilities)

Data processing associated with customer support for the CertiVox website and service is located at the Data Controller’s address and is subject to Manx Law. The data centers where CertiVox’ servers are housed is located are in Ireland and the Isle of Man, and therefore is subject to both Manx and EU Laws.

Rights of the Data Subject (that’s you)
You can request a summary of the information that we have about you by emailing us at privacy@certivox.com. If you find any inaccuracies we will delete or correct them promptly.

If we have wrong information about you, you have the right to correct it. And if you feel that we wrongly used your data, or if you feel there is no longer any reason why we should have it (for example, if you delete your account), you can request that we remove every reference to you in our systems. Letter C is a little harder to explain, it states that you can request certification from CertiVox that all of your information has indeed been removed. This is usually only applicable when the removal happens in person, as once we remove your data, we no longer have any means of getting in contact with you.

That means that you always have the right to object to the way your data is being treated, or even which data we require of you. Please keep in mind that CertiVox only collects the minimum data needed to offer our service to you.

Changing or Removing Information
In an effort to facilitate your ability to enact your rights, and to ensure that you have appropriate control over your Personally Identifiable Information, the CertiVox service includes an interface where you can change your Registration or Customer Information. You can access this interface by clicking on the “Account” tab from within your personal account on the CertiVox service.

If at any time you would like to delete your Personally Identifiable Information from other systems outside of the CertiVox service (for example, customer service emails) you can send an e-mail request to privacy@certivox.com. After receiving your request, such information will be deleted assuming (i) you are current with all payment obligations; (ii) CertiVox does not believe it is reasonably necessary to keep such information for any pending legal action; and (iii) we are under no other legal obligation to retain such information. If such information is deleted, however, any unfulfilled subscriptions will be canceled without refund and you will have to re-register with CertiVox in order to use the CertiVox service.

Since Anonymous Information is by its very nature non-personally identifying, we have no way to locate Anonymous Information obtained by your use of the service. In addition, Anonymous Information is often aggregated. Therefore, we cannot remove Anonymous Information obtained from you or as a result of your usage of the website or service.

Collection of Personally Identifiable Information
Personally Identifiable Information is information that can be used to locate you, contact you, or determine your specific identity. When other information is linked to Personally Identifiable Information, it also becomes Personally Identifiable Information.

In general, you can visit the CertiVox web site without providing Personally Identifiable Information. It is CertiVox’s goal to collect as little Personally Identifiable Information as possible, however there may be some occasions where it may be collected. For example:

  1. When you register for the CertiVox service, we will request a User ID and Email address (“Registration Information”). An activation code will be sent to the email address provided to confirm its validity and to ensure that it was not accidentally mistyped. The CertiVox application provides an interface where you can correct this information, request a new activation code to be sent, or even change the email associated with your account in the future. There is a grace period of 7 days to complete this process. Should a valid email account not be provided in that time, all information collected will be promptly removed from CertiVox’s servers and the account deleted.
  2. When you place an order or subscribe to a paid version CertiVox service, we may collect the appropriate billing information, including your credit card number, expiration date, and billing address (“Billing Information”). This information is associated with your Registration Information in a database and will be kept for future purchases.
  3. When you submit a request for more information, support or assistance, CertiVox will keep a record of the request and the manner in which it was processed (“Customer Service Information”).

    4. We may ask you for voluntary personal information at other times, including but not limited to when you provide opinions, enter a contest or promotion, or report a problem with the CertiVox service (“Optional Information”).

Your response to the above requests for information is strictly voluntary: if you do not provide the information we request, you can still visit the informative sections of our website but you may be unable to register or maintain an account with the CertiVox service.

By submitting your information you consent to the use of that information as set out in this Privacy Statement.

Collection of Non-Personally Identifiable (Anonymous) Information
Whenever you visit the CertiVox site, we may also automatically receive and record information in our server logs from your browser, including your IP address, your computer’s name, the type and version of your web browser, referrer addresses, and other generally-accepted log information. We may also record page views (hit counts) and other general statistical and tracking information.

This information is collected automatically by the system and the software procedures dedicated to the operating of this web site and requires no action on your part. With the exception of your IP address which is used to enable CertiVox’s antiphishing protecting and in other strictly security related measures, this information will not be associated with your Personally Identifiable Information.

This data enables us to become more familiar with which parts of the world visitors to our site come from, how often they visit, and what parts of the site they visit most often. We analyze this data for trends and statistics, we use them exclusively to help us better understand how our site is being used, to improve the value and user-friendliness of our web site and to detect any technical problems as early as possible.

Sensitive Data
CertiVox does not specifically seek to collect sensitive Personally Identifiable Information (such as data revealing political opinions, religious beliefs or data concerning health or sex life) through this site. If CertiVox does seek to collect such data, your prior consent hereto will be asked.

The very nature, however, of the CertiVox service is to provide a place for you to encrypt, distribute, store and protect sensitive data such as, but not limited to, passwords and personal information. The data you choose to protect, distribute, store and manage via the CertiVox application is not considered “collected” data in that it is encrypted and can not be decrypted or read by CertiVox or any other third party. Only those with access to your received packages private decryption keys (also known as the Packaging Keys) can decrypt and read the data you store at CertiVox.

Data Processing
Your Personally Identifiable Information will be processed manually and/or by automated systems that guarantee security and confidentiality, in strict accordance with, and complete respect of, the purposes described in this Privacy Statement.

Cookies
Some pages on this site use “cookies,” which are small files that the site places on your hard drive for identification purposes. Cookies are alphanumeric identifiers that we transfer to your computer’s hard disk which help our servers recognize your computer when you visit again, so that it is easier for you to navigate on our web site and make the best use of your visit. You should note that cookies cannot read data off of your hard drive. Your web browser may allow you to be notified when you are receiving a cookie, giving you the choice to accept it or not.

By not accepting cookies, you may not be able to access certain functionalities on this site. In particular, the “remember me” feature for quick access to the CertiVox application requires the use of cookies. The “remember me” feature is optional, and should you choose not to use it, you can still access the CertiVox service normally.

Disclosure of Personally Identifiable Information
Your Personally Identifiable Information will not be matter of dissemination. The data will be disclosed to the employees or third parties expressly appointed by the Data Controller as Data processor and the individuals in charge for the data processing.

We will not provide, sell, barter or trade any information about you to/with any third parties, without your express permission and, above all, we will not sell this data to commercial users or make them available in any other form.

In general, we will not disclose your Personally Identifiable Information to unaffiliated third parties without your express consent. If we seek your consent to disclose your Personally Identifiable Information to a third party, we will do so unambiguously, explaining precisely what information we seek to disclose, the entity to whom we wish to disclose it, and the purpose for the disclosure.

There are, however, some limited circumstances in which we may need to disclose Personally Identifiable Information about a user, and we want you to know about them:

  1. We may employ other companies to perform functions on our behalf, such as fulfilling orders, providing customer service, processing credit card payments, or other functions necessary to our business. We may therefore need to share your Personally Identifiable Information to banks or financial institutions, service companies, consultants, contractors and to the relevant Authorities imposed by law. The data you submit may be transmitted abroad, even outside European Union, only to our affiliated companies, in compliance with the requirements set forth by privacy law in force. However, we will provide them with only that information necessary to perform their functions, and will not allow them to use that information for any other purpose.
  2. Responses to requests for information necessary to provide you with the products you purchase or subscribe to through the CertiVox service may contain Personally Identifiable Information. CertiVox will provide the authors of such products the information you supply in response to those requests. The information practices of those publishers are not covered by this Privacy Statement. Your name, address, phone number, and email address, will not be shared with the Authors.
  3. We may reveal a user’s identity (or whatever information we know about that individual) if we believe that user is harming or interfering with other CertiVox users, anyone else, or violating (either intentionally or unintentionally) our Terms and Conditions or infringing any of CertiVox’s legal rights.
  4. CertiVox will reveal information, including Personally Identifiable Information, to the extent it reasonably believes it is required to do so by law. If we receive legal process calling for the disclosure of any of your personally identifiable information we will, if permitted by law, attempt to notify you via your e-mail address, if, and only if, we have one on record, within a reasonable amount of time before we respond to the request.
  5. CertiVox may transfer information it collects, including any Personally Identifiable Information, in connection with a sale of all or most of the assets of the company. Should your Personally Identifiable Information be transfered as the result of such sale, you will be notified in your Account.

Use and disclosure of Anonymous Information
Anonymous Information is any information collected from you or by the CertiVox service, other than Personally Identifiable Information, including aggregate information derived from Personally Identifiable Information.

CertiVox may use Anonymous Information to improve the CertiVox website and service, to monitor traffic and general usage patterns, and for other general business purposes.

CertiVox may disclose Anonymous Information to third parties for a variety of business reasons, including to publishers to inform them as to what content is appealing to their readers, to advertisers to inform them of the usage habits or characteristics of the interested audience, and to potential investors so that they may better understand CertiVox’s user base, etc.

Anonymous Information will not include any Personally Identifiable Information and CertiVox will not disclose any Personally Identifiable Information except as expressly stated elsewhere in this policy.

Security
We employ reasonable and current security methods to prevent unauthorized access, maintain data accuracy, and ensure correct use of information. Your personal data will be stored within a database that is located behind a firewall for added security. The server housing the database is physically protected at a secure data center.
Any transmission to the CertiVox web site or service of Personally Identifiable Information and credit card information uses SSL encryption.

Other Web Sites
Please note that the informative note is given ONLY for the CertiVox web site and application: this Privacy Statement does not extend to third party sites linked to this web site.

Children
The CertiVox service is not directed to children (persons under the age of 18), and we do not knowingly collect, either online or offline, personally identifiable information from children.

Amendments
From time to time, CertiVox may change this Privacy Statement. If we make any changes regarding disclosure of Personally Identifiable Information to third parties, then we’ll notify you by pop-up screen prior to the date the modified policy takes effect. We will also post conspicuous notice of the new policy on our home page. Any new policy will have prospective effect only, meaning it will not apply to information previously gathered without your express consent.

Please check this Privacy Statement from time to time for any changes.