Last Updated: 7 Jun 2018

 

Graystone International Pte Ltd ("us", "we", or "our") operates http://www.iCyberwise.com (the "Site"), which provides the “Service”.

 

This page informs you of our policies regarding the collection, use and disclosure of Personal Information we receive from users of the Site, and if anyone decided to use our Service.

 

This policy does not govern information related to our informational website.  For our privacy practices related to our website, please review our Online Privacy Policy .

 

YOUR USE OF THE SERVICES OFFERED BY GRAYSTONE IS CONDITIONED UPON YOUR ACCEPTANCE OF THE TERMS OF SERVICE LOCATED AT WWW.ICYBERWISE.COM AS WELL AS THIS SERVICES PRIVACY POLICY. IF YOU DO NOT ACCEPT THE TERMS OF SERVICE OR TERMS OF THIS POLICY, DO NOT USE THE SERVICES OFFERED BY GRAYSTONE.

 

​

NOT INTENDED FOR CHILDREN

Graystone is a company focused on serving the needs of businesses.  Our services are not intended for children.  Graystone does intentionally obtain information from persons under 18 years of age.

 

​

TYPE AND PURPOSE OF DATA COLLECTED

 

Personal Data: If you choose to sign up for the Service, we collect the following personal information from you:  your name, email address, and phone number.  We use this information to establish an account on our system for clients to use our Service.  We will also use this information to respond to service requests, and send activity, security, training, or feature notices to users and administrators.

 

Payment Information: We may collect and process payment information from you when you subscribe to the Service, including credit cards numbers and billing information.  We process credit card information using third party PCI-compliant service providers. 

 

Customer Data: Graystone provides an online system that our customers use to send simulated phishing emails. In providing this service, Graystone processes data our customers submit to our services or instruct us to process on their behalf.  Graystone processes data submitted by customers for the purpose of providing simulated email phishing campaigns, training, and reports to our customers.

 

Cookies: We use session cookies to enable certain features of the Service. Session cookies usually expire and are deleted when you close your web browser. Session cookies must be enabled to use the Service. 

 

Log Files: As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.

 

IP Address: In addition to above, the client administrator may configure the system to restrict access to the Service to specific IP addresses, such as an approved corporate network.

 

Single Sign On: Client administrators may configure the Service to import and authenticate users with various Single Sign On providers, including name and email address. It is the client’s responsibility to understand the privacy policies of their Single Sign-On provider. 

 

 

SECURITY

Graystone takes reasonable precautions to protect Personal Data from loss, misuse and unauthorized access, disclosure, alteration, and destruction. All information transmitted over the network is encrypted.

 

 

SHARING DATA / ACCOUNTABILITY FOR ONWARD TRANSFER

 

Your privacy is important to us. We do not sell or otherwise disclose your personal information we obtain through the Services to third parties, except as described here.

 

Graystone Interational uses a limited number of third-party service providers to assist us in providing our services to customers. These third-party providers offer customer support to our customers, perform database monitoring and other technical operations, assist with the transmission of data, and provide data storage services. These third parties may access, process, or store personal data in the course of providing their services. Graystone maintains contracts with these third parties, restricting their access, use and disclosure of personal data in compliance with our Privacy obligations.

 

We reserve the right to transfer any information we have about you in the event we sell or transfer all or a portion of our business or assets (including in the event of a reorganization, dissolution or liquidation).

 

We reserve the right to disclose your personal information as required by law or legal process, in response to a request by law enforcement authorities, when we believe that disclosure is necessary or appropriate to protect our rights or to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity.

 

​

RIGHTS TO ACCESS PERSONAL DATA

Where appropriate, Graystone provides Consumers with reasonable access to the Personal Data Graystone maintains about them. Graystone also provides a reasonable opportunity for Consumers to correct, amend or delete that information where it is inaccurate, as appropriate. Graystone may limit or deny access to Personal Data where providing such access is unreasonably burdensome or expensive under the circumstances.

 

CHOICE

In circumstances in which Graystone collects Personal Data directly from Consumers, it offers Consumers the opportunity to choose whether Graystone may (i) disclose their Personal Data to certain third parties or (ii) use their Personal Data for a purpose that is incompatible with the purpose for which the information was originally collected or subsequently authorized by the individual. Consumers may contact Graystone as indicated below regarding the company's use or disclosure of their Personal Data.

 

Graystone may disclose Personal Data without offering an opportunity to opt out

1. to service providers the Company has retained to perform services on its behalf,

2. if it is required to do so by law or legal process,

3. to law enforcement or other government authorities, or

4. when Graystone believes disclosure is necessary to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity.

Graystone also reserves the right to transfer Personal Data in the event it sells or transfers all or a portion of its business or assets (including in the event of a reorganization, dissolution or liquidation). Should such a sale or transfer occur, Graystone will use reasonable efforts to direct the transferee to use the Personal Data in a manner that is consistent with Graystone’s' privacy policies. Graystone uses Personal Data only for the purposes indicated in this Policy or the Online Privacy Policy unless it has a legal basis, such as consent, to use it for other purposes. To the extent required by law, Graystone obtains prior opt-in consent at the time of collection for the processing of (i) Personal Data for marketing purposes and (ii) Sensitive Data, to the extent that Graystone collects any Sensitive Data.

 

 

FILING A PRIVACY COMPLAINT

In compliance with the EU-US and PDPA Principles, Graystone commits to resolve complaints about your privacy and our collection or use of your personal information.  European Union individuals with inquiries or complaints regarding this privacy policy should first contact Graystone as outlined in the Contact Us section of this policy.

  

 

DATA INTEGRITY & PURPOSE LIMITATION

Graystone takes reasonable steps to ensure that the Personal Data the company processes are (i) relevant for the purposes for which they are to be used, (ii) reliable for their intended use, and (iii) accurate, complete and current.

 

 

Links from our site

 

Our Service may contain links to other sites. Please note that we have no control of websites outside our domain. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

 

 

Changes To This Privacy Policy

 

This Privacy Policy is effective as of 20 Jan 2018 and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.

 

We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgement of the modifications and your consent to abide and be bound by the modified Privacy Policy.

 

If we make any material changes to this Privacy Policy, we will notify you either through the email address you have provided us or by placing a prominent notice on our Site.

 

 

Contact Us

 

If you have any questions about this Privacy Policy, please contact us.