Privacy Policy
CIPHR for Business

CIPHR has created this Privacy Policy to explain how it collects, uses, discloses and safeguards Personal Information in connection with the Services. You or any of Your End Users, as applicable, can contact CIPHR for any questions, comments or requests about this Privacy Policy.

How We Collect Information

We may collect Personal Information from a variety of sources, including:

  • Directly from You or any of Your End Users, as applicable

  • From CIPHR Partners

  • Automatically, from devices used to connect to the Website and/or the Services

Information We Collect

Personal Information collected through the Services and the Website may include:

  • Contact information

  • SIM#, IMEI#, IMSI#, device model and e-mail address

  • Other information You or any of Your End Users, as applicable, choose to provide

How We Use Information

We use Personal Information we collect to:

  • Provide the Services You may request

  • Analyze the use of and improve the Services

  • Operate CIPHR’s business generally

  • Comply with applicable laws and CIPHR policies

How We Share Information

CIPHR may share Personal Information it collects:

  • In connection with the provision of the Services

  • In case of a business transaction

  • For law enforcement

WEBSITE AND SERVICES INTENDED USERS

THE WEBSITE AND SERVICES ARE INTENDED FOR USE BY YOU ONLY

Note that CIPHR does not offer Services directly to End Users; as such You shall ensure that Your End Users, if any, be made aware of this Privacy Policy and the Terms of Use and comply with their terms, as applicable to them. Any individual deciding to navigate the Website irrespective of the foregoing shall carefully review this Privacy Policy and the Terms of Use.

This Privacy Policy and the Terms of Use shall be reviewed carefully as they constitute a binding contract governing the provision and use of the Services and/or Website, as applicable.

CIPHR may change this Privacy Policy from time to time. Should You or any of Your End Users object to any changes made, You and Your End Users shall stop using the Website and any Services. By continuing to use the Website and any Services after the amendment of this Privacy Policy, You or any of Your End Users shall be deemed to adhere to its terms, as amended.

You can contact us if you have any questions about this Privacy Policy.

1. GENERAL PRINCIPLE

CIPHR is committed to protecting the privacy of Personal Information. In order to bring to Your attention the privacy practices implemented, CIPHR has prepared this Privacy Policy, which summarizes: (i) the types of Personal Information collected, (ii) why CIPHR collects Personal Information, (iii) how CIPHR uses and protects Personal Information, and (iv) under what circumstances Personal Information is shared with CIPHR Partners and other third parties when required or permitted under applicable law. This Privacy Policy further describes the decisions that can be made with respect to the collection, access, use and storage of Personal Information.
Click on the links below to jump to the different sections of our Privacy Policy:

2. DEFINITIONS AND INTERPRETATION

2.1  In this Privacy Policy, the terms set forth below have the following meanings:

  • CIPHR means Luxon Software Distribution Limited, a corporation duly constituted and doing business under the name CIPHR.

  • Cookie(s) designates the small text files that are placed on the hard disk of devices when someone uses the Services or accesses the Website, which may either be temporary and disappear when such devices are turned off or be permanent and stay even after such devices are turned off.

  • De-Identified Personal Information means Personal Information from which an owner’s or user’s name or other identifier has been removed, so that it can no longer be linked to that person.

  • End Users means Your clients or any other person to whom You give access to the Services, who must comply with the representations and warranties and all other provisions of the Terms of Use and this Privacy Policy.

  • CIPHR Partners designates CIPHR’s affiliates or other partners assisting CIPHR in the development of the Services.

  • Personal Information means any information about an identifiable individual or device, such as an e-mail address, and/or unique identifiers, such as SIM# (subscriber identity module number); IMEI# (international mobile equipment identity number), IMSI# (international mobile subscriber identity number) and device model, which are or could qualify as personal information when coupled with other information as they may result in persons or devices being rendered more easily identifiable when using the appropriate resources.

  • Services means the CIPHR real-time secured communication services for mobile applications, e-mails, text messages and data storage.

  • Website means the CIPHR website available at https://ciphr.io/ or any other URL.

  • You means (i) any CIPHR client using the Services for the Permitted Purposes, including any of its directors, officers, employees, agents and other person having access to the Services or (ii) as applicable, any person accessing the Website.

2.2  Unless the context requires otherwise: (i) grammatical variations of any term defined herein have a similar meaning; (ii) words importing the singular number shall include the plural and words importing the masculine gender shall include the feminine and neutral genders and vice versa.

2.3  You understand and agree in Your name and on behalf of Your End Users, if any, that this Privacy Policy, the Terms of Use and any other agreement concluded with CIPHR shall form the entire agreement between You and CIPHR.

3. COLLECTION AND USE OF PERSONAL INFORMATION

In the course of providing its Services, CIPHR will collect information about You or Your End Users, as applicable, as described below. CIPHR also collects information about any other person when such person navigates the Website or otherwise contacts CIPHR to enquire (or make comments) about the Services. In both cases, such Personal Information is only collected and used for the purposes detailed in this Privacy Policy and for no other purposes.

Further, please note that the information and identifiers that CIPHR interacts with and/or collects is constantly changing. Consequently, the information described below about the type of information collected may change; CIPHR regularly monitors the information it is interacting with and collecting, with a view to ensuring we retain the least amount of information, in the most anonymous manner, we can. CIPHR is not a data gatekeeper. To this end, CIPHR may obfuscate, hash or encrypt data rendering it unidentifiable to CIPHR. Nevertheless, the underlying notions and premises delineated herein remain applicable.

3.1  Information obtained directly from You and/or Your End Users

3.1.1  Purchase of Services

When You purchase Services, Your representatives will be required to disclose their contact information (such as their names, e-mail addresses and any other contact information); such information may, in some jurisdictions, constitute Personal Information. Such information is required to allow CIPHR to process the order, to send an electronic invoice and to provide You with the requested Services.

3.1.2  Use of the Services

When the Services are used by You or any of Your End Users, as applicable, CIPHR will collect, use and/or process information, including the device model and the following device identifying numbers:

  • SIM# (subscriber identity module number): this number (i) is composed of up to 22 digits (made up of several individual parts), (ii) includes some identifying information, as it reveals the telecom operator code, the network the SIM is associated with, the year and month the SIM was created, as well as the SIM’s own number, and (iii) is typically associated with a particular user;

  • IMSI# (international mobile subscriber identity number): this number (i) is included within the SIM inserted into all connected devices, (ii) includes a mobile country code and mobile network code used to identify the mobile network operator, and the identification number of the subscriber, and (iii) is typically associated with a particular user as it will follow the user even when the user changes devices;

  • IMEI# (international mobile equipment identity number): this number (i) is usually a unique temporary number used to identify a device as it has no permanent or semi-permanent relation to the user but can confirm whether a service or product is being used again on the same device and (ii) may be used with the IMSI# to ascertain when the device was made, the serial number of the device, the version of its software, the nation of usage-origin, the nation of carrier-of-origin, and the subscriber code of the carrier associated with the device;

The collection of the foregoing information is required in order to uniquely identify Your, and as applicable Your End Users’, devices and provide seamless Services, or allowing You to do the same thing with respect to Your products and services incorporating the Services.

3.1.3  Comments, requests for information and referrals

Should You or any of Your End Users, as applicable, wish to obtain information about the Services or about any other subject online, then You or any of Your End Users, as applicable, will be required to provide their contact information (including names and e-mail addresses), which may, in some jurisdictions and in the country where such person carries on business, constitute Personal Information; this information is required by CIPHR in order to communicate with such person, determine whether the Services are available in a geographic area and respond to such person’s enquiries, comments or requests for information. You or any of Your End Users, as applicable, may also provide additional Personal Information, including when making comments, enquiries, suggestions and referrals.

Should You or any of Your End Users, as applicable, recommend that CIPHR communicate with any person to provide information about the Services, CIPHR will need such person’s contact information for the above-mentioned purposes.

3.1.4  Customer service

When You communicate with CIPHR’s customer service, CIPHR will have access to any information communicated or otherwise disclosed, such as contact information (including name, e-mail address, telephone number and address), as well as any question asked or comment or statement made. CIPHR will thereafter collect the information needed to (i) categorize the communication, (ii) respond to any enquiry, comment or request for information, (iii) send any information requested, and (iv) investigate any breach of the Privacy Policy or the Terms of Use. Your End Users, if any, should contact You, and not CIPHR, should they require assistance with respect to Your products and services; should any of Your End Users or any other person contact CIPHR’s customer service, CIPHR may collect necessary information to categorize the type of communication and/or redirect that person, as applicable.

3.1.5  Marketing

When You or any of Your End Users, as applicable, subscribe to CIPHR newsletters or bulletins, the subscriber will be required to disclose its contact information such as its name and e-mail address, which are required by CIPHR to send information about the Services and other information in accordance with such subscription. No marketing or other commercial electronic communication will be sent to You or to Your End Users, if any, without Your or their prior consent, which may be withdrawn at any time as set forth here.

3.2  Information obtained from CIPHR Partners

CIPHR Partners may collect information about You or any of Your End Users, as applicable, some of which may be shared with CIPHR in order for CIPHR to update, upgrade or otherwise improve the Services and Website, or to develop new services.

Note that in agreements between CIPHR and CIPHR Partners, CIPHR Partners are generally required to comply with applicable privacy laws and this Privacy Policy.

3.3  Information collected using Cookies and similar technologies

CIPHR may collect, through the use of Cookies, Personal Information such as general browser information, Internet Protocol addresses, the interactions taking place with the Services and/or Website and any other information described below using the following Cookies:

  • Process Cookies: allow the Services and Website to work properly in keeping track of the sequence of orders or requests or when browsing from one page to the other.

  • Security Cookies: are used each time Services are used for identification and security purposes.

CIPHR uses Cookies strictly for authentication or authorization purposes in the context of the Services. You or any of Your End Users, as applicable, can block Cookies unless they are required to allow the Services and Website to run properly. As such, process and security Cookies cannot be blocked as they are essential for ensuring that the Services function properly. However, even if they cannot be blocked without affecting one’s ability to use the Services, these Cookies are of a temporary nature; accordingly, they will disappear when the browser software is closed, the device is turned off or restarted or You or Your End Users manually delete them. Further, Cookies are almost always assigned a validity period after which they are automatically purged from a browser’s local storage. Anyone experiencing problems with the functionalities of the Services or Website should contact CIPHR as provided for below.

3.4  Crash-logs

CIPHR applications leverage an on premise crash reporting system in order to gather application performance and crash data, which does not contain any Personal Information. Additionally, CIPHR applications allow for You or Your End Users to trigger a reporting feature which contains application stack traces and, ideally, information regarding events that occurred prior to and after a crash. Such a report also contains a plain text comments string allowing You or Your End User to report comments related to the issue.

4. SHARING OF PERSONAL INFORMATION COLLECTED

Personal Information is not used or disclosed to third parties for purposes other than those for which it was collected as described herein, unless required or authorized by law or as consented to by You or any of Your End Users, as applicable.

4.1  Personal Information

4.1.1  Sharing made in connection with the provision of Services

Personal Information may be disclosed to CIPHR Partners that facilitate the provision of any Service, such as by providing assistance to CIPHR with respect to the maintenance and development of its Services. Disclosure will be made on a “need-to-know” basis, and after ensuring that all proper contractual and other undertakings are in place.

4.1.2  Business transaction

Personal Information may be transferred to a potential purchaser or other business in connection with any business transaction or corporate reorganization, if such communication is necessary for the purposes of deciding whether to proceed with the sale or other transaction and provided that such disclosure is made in full compliance with applicable laws.

4.1.3  Law enforcement

Personal Information may be used and disclosed if CIPHR, acting reasonably, believes that such use or disclosure is necessary to comply with any applicable law, regulation, legal process or governmental request, or is otherwise required to protect its rights or to fulfil any other purpose set forth in the applicable law allowing or requiring the disclosure of Personal Information.

4.2  De-Identified Information

CIPHR may use De-Identified Personal Information for training, research, promotion and any other purposes.

5. ACCESSING, CORRECTING AND UPDATING PERSONAL INFORMATION

Requests for access to, or for necessary corrections, additions or deletions of, Personal Information in accordance with applicable laws may be made by contacting CIPHR as provided for below.

6. SECURITY MEASURES IMPLEMENTED

6.1  CIPHR uses all reasonable measures, including physical, electronic, technological, organizational and contractual security measures to (i) protect the security and privacy of Personal Information from losses, thefts or unauthorized access, disclosure, copying, use or modification, (ii) maintain data accuracy, and (iii) ensure that Personal Information is appropriately used. CIPHR has put in place or currently implements the following measures:

6.1.1  SSL Technology: Each time Services are accessed via Internet, Secure Sockets Layer (SSL) technology protects Personal Information by using server authentication and data encryption. No Personal Information will be communicated prior to this technology being activated, which can be confirmed by looking (i) at the address bar which will, depending on the browser, have a lock to the left of the website address (URL) and (ii) at the URL or the address bar of the browser, where the first characters of the address in that line should change from “http” to “https.”

6.1.2  Data retention on CIPHR’s servers: Our Services retain as little data as possible for as little time as possible. Payloads are end-to-end encrypted and kept in temporary storage until they are processed for delivery by the intended recipient. In the event that a payload is destined to a recipient who may not be able to retrieve it for an extended period of time, our system will permanently delete said payload within 30 days. However, given the ephemeral nature of the Services, such retention period may be significantly shorter than 30 days; as such we make no guarantees regarding the longevity of the data stored on Your or Your End Users behalf. CIPHR may also retain minimal information in order to troubleshoot issues that may arise; in most cases, this data is only retained for 24 hours or less.

6.1.3  No access: CIPHR is unable to decrypt the end-to-end encrypted payloads You or any of Your End Users, as applicable, send using the Services. Furthermore, since the information sent to others via the Services is end-to-end encrypted before it is transmitted to CIPHR servers and relayed to the recipient’s device, the confidentiality of any information including Personal Information is maintained. In addition, given that CIPHR does not collect Personal Information (other than information outlined in this Privacy Policy) about You or any of Your End Users, as applicable, in order to provide the Services, CIPHR does not know, and hence cannot reveal to others, Personal Information about You or any of Your End Users, as applicable.

6.1.4  No information collected: CIPHR does not log or store metadata associated with Your, or as applicable any of Your End Users’, use of the Services.

6.1.5  Secured center: CIPHR’s platform and servers are located in various data centers and are deployed at random in order to ensure security and availability. CIPHR may utilize CDNs and proxies to mitigate threats, such as DDOS attacks, which obscure the location of the Service you may be accessing. In the event Your or Your End Users subscription or organization mandates that data must traverse or must not traverse certain locations and/or routes, we will dynamically assign routes that adhere to such policies to ensure a compliant and secure routing profile.

If for any reason the secure Services cannot be accessed or the use of the Services does not provide the assurance required, You or any of Your End Users, as applicable, should feel free to contact CIPHR as set forth below.

6.2  DESPITE THE FOREGOING, YOU AND ANY OF YOUR END USERS, AS APPLICABLE, SHALL BE AWARE OF THE FOLLOWING:

6.2.1  NO GUARANTEE OF SECURITY: EVEN IF CIPHR USES TECHNOLOGIES WHICH ARE OF MERCHANTABLE QUALITY AND SUITABLE FOR THE PROVISIONS OF SERVICES, ANY ELECTRONIC SUPPORT AS WITH ANY OTHER FORM OF SUPPORT IS NOT INFALLIBLE AND FULLY SHELTERED FROM UNFORESEEABLE OR FORCE MAJEURE EVENTS, CYBERATTACKS OR UNAUTHORIZED USES AND ACCESS, AND YOU AND YOUR END USERS, IF ANY, SHALL BE AWARE THAT THERE IS A RISK IN TRANSMITTING ANY DATA ELECTRONICALLY. THIS RISK IS INHERENT IN ALL ELECTRONIC DEALINGS AS WELL AS TO ALL OTHER FORMS OF COMMUNICATIONS. CONSEQUENTLY, CIPHR CANNOT GUARANTEE THAT ANY INFORMATION TRANSMITTED WILL NEVER BE INTERCEPTED OR VIEWED OR SUBJECT TO OTHER INCIDENTS. SUCH EVENTS MAY OCCUR, PURSUANT TO WHICH DEVICES OR SYSTEMS CAN BE ACCESSED OR CONTROLLED BY UNAUTHORIZED PERSONS, OR UNDESIRABLE COMMUNICATIONS AND INVITATIONS MAY BE RECEIVED. SHOULD YOU OR ANY OF YOUR END USERS, AS APPLICABLE, RECEIVE A COMMUNICATION THAT LOOKS LIKE IT IS FROM CIPHR ASKING FOR PERSONAL INFORMATION, YOU OR ANY OF YOUR END USERS, AS APPLICABLE, SHALL AVOID RESPONDING TO SUCH COMMUNICATIONS. CIPHR WILL NEVER REQUEST FINANCIAL AND OTHER SENSITIVE INFORMATION THAT WAY. IF YOU OR ANY OF YOUR END USERS, AS APPLICABLE, HAVE RECEIVED OR ENTERED PERSONAL INFORMATION IN RESPONSE TO A SUSPICIOUS E-MAIL, POP-UP OR PHONY WEBSITE CLAIMING TO BE AFFILIATED WITH CIPHR OR IF ANY OF THE FOREGOING EVENTS TAKE PLACE, PLEASE CONTACT CIPHR IMMEDIATELY BY ANY OF THE MEANS SET FORTH BELOW.

6.2.2  Measures to be implemented: In addition to the foregoing, You acknowledge and agree in Your name and on behalf of Your End Users, if any, that (i) the files or information sent to other recipients may remain on their devices even after You or any of Your End Users, as applicable, deleted it from Your/their own devices, depending on the parameters selected for such transmission or whether these recipients took a screen shot or otherwise recorded that information or file, (ii) when sending or receiving any information or file, You or any of Your End Users, as applicable, are responsible for validating the identity and trustworthiness of the recipients, including whether these recipients are compliant with the representations and warranties constituting a condition precedent to the provision of the Services, (iii) each of You and any of Your End Users are responsible for implementing all physical, electronic, technological, organizational, contractual and other security measures to ensure that the confidentiality of the files and information You or any of Your End Users, as applicable, send or receive is preserved.

7. NATIONAL AND INTERNATIONAL DATA TRANSFERS

CIPHR uses a containerization strategy. This strategy is implemented using ephemeral software images, which can be launched in any location, determined at CIPHR’s discretion, having regard to capacity and the intended location. As CIPHR maintains a global presence, these decisions regarding the location from which such images will be launched are made based on user load and various other factors. As such, Personal Information could be subject to Your (and as applicable Your End Users’) local laws or to foreign laws depending on the place where the ephemeral software images are launched. The disclosure of Personal Information may then be allowed or required under additional circumstances pursuant to any superseding law in force in these foreign jurisdictions, and governmental authorities or other entities may be entitled to access Personal Information in situations that are not contemplated under this Privacy Policy. If You or Your End Users would like to utilize routes or data centers located within specified jurisdictions to abide by and conform to internal policies or process, please make sure to select the appropriate geographical provisioning settings. You or Your End Users, as applicable, should feel free to contact CIPHR as set forth below in order to ensure this is done properly.

8. STORAGE OF PERSONAL INFORMATION

Subject to applicable laws, CIPHR shall retain and store Personal Information only for the purposes detailed herein and as long as it is necessary for such purposes. To that end, CIPHR may retain Personal Information if reasonably necessary to (i) comply with applicable law and prevent any contravention thereof, (ii) resolve disputes, and (iii) enforce this Privacy Policy.

9. THIRD-PARTY WEBSITES

Should any link to third-party websites be provided on the Website, then You and any of Your End Users, as applicable, shall be aware that these sites operate independently, and are subject to distinct terms of use and privacy policies. Likewise, should the Services be available on other websites, then such websites shall not be seen as affiliated to CIPHR or otherwise related to the Services. In both cases, it is strongly recommended that You or any of Your End Users, as applicable, review the distinct terms of use and policies of such third-party websites, as CIPHR is not responsible for the content or practices of any such websites.

10. CONTACTING CIPHR

10.1  Questions, comments and requests

All questions, comments or requests regarding this Privacy Policy should be directed to CIPHR by clicking here. CIPHR will respond to questions and requests as soon as possible.

10.2  Withdrawal of consent

CIPHR may communicate with You for promotional and marketing purposes by e-mail, pop-ups, mail, telephone, text messages or other means of communication. CIPHR will generally use the same means of communication You chose to contact CIPHR or the preferred means specified by You. Should You wish to be removed from one or more of CIPHR’s promotional mailing lists, then You should click on the ready-to-use “unsubscribe” mechanism provided at the bottom of each e-mail or simply reply to that e-mail with the word “STOP” or “Unsubscribe”.

Should You wish to be removed from one or more promotional mailing lists, You can do so by specifying, in an e-mail, letter or phone call from which list(s) You wish to be removed.

11. CHANGES TO THIS PRIVACY POLICY

CIPHR reserves the right to change or modify this Privacy Policy from time to time. Any material change will be notified prior to the change taking effect via a web banner or by any other means. Thereafter, the Privacy Policy as updated will be made available and easily accessible on the Website. Furthermore, an updated version of this Privacy Policy will be published on the Website each time a minor change is made. Anyone may determine whether this Privacy Policy has changed by looking at the effective date appearing at the top of said Privacy Policy. CIPHR recommends that this Privacy Policy be checked periodically in order to review CIPHR’s current practices, as the continued use of the Services and/or Website shall constitute acceptance of any amendment thereto. Should You or any of Your End Users, as applicable, disagree with the amendments made to the Terms of Use, You or any of Your End Users shall immediately stop accessing or using the Services and/or Website.

This website uses cookies to ensure you get the best experience on our website. Learn More
Learn More