GHOST for Business
How We Collect Information
We may collect Personal Information from a variety of sources, including:
- Directly from You or any of Your End Users, as applicable
- From GHOST Partners
- Automatically, from devices used to connect to the Website and/or the Services
Information We Collect
Personal Information collected through the Services and the Website may include:
- Contact information
- SIM#, IMEI#, IMSI#, device model and e-mail address
- Other information You or any of Your End Users, as applicable, choose to provide
How We Use Information
We use Personal Information we collect to:
- Provide the Services You may request
- Analyze the use of and improve the Services
- Operate GHOST’s business generally
- Comply with applicable laws and GHOST policies
How We Share Information
GHOST may share Personal Information it collects:
- In connection with the provision of the Services
- In case of a business transaction
- For law enforcement
WEBSITE AND SERVICES INTENDED USERS
THE WEBSITE AND SERVICES ARE INTENDED FOR USE BY YOU ONLY
- Definitions and Interpretation
- Collection and Use of Personal Information
- Sharing of Information Collected
- Accessing, Correcting and Updating Information
- Security Measures Implemented
- Data Transfers
- Storage of Personal Information
- Third-Party Websites
- Contacting GHOST
DEFINITIONS AND INTERPRETATION
- GHOST means P Proprietary Limited, a corporation duly constituted and doing business under the name GHOST.
- Cookie(s) designates the small text files that are placed on the hard disk of devices when someone uses the Services or accesses the Website, which may either be temporary and disappear when such devices are turned off or be permanent and stay even after such devices are turned off.
- De-Identified Personal Information means Personal Information from which an owner’s or user’s name or other identifier has been removed, so that it can no longer be linked to that person.
- GHOST Partners designates GHOST’s affiliates or other partners assisting GHOST in the development of the Services.
- Personal Information means any information about an identifiable individual or device, such as an e-mail address, and/or unique identifiers, such as SIM# (subscriber identity module number); IMEI# (international mobile equipment identity number), IMSI# (international mobile subscriber identity number) and device model, which are or could qualify as personal information when coupled with other information as they may result in persons or devices being rendered more easily identifiable when using the appropriate resources.
- Services means the GHOST real-time secured communication services for mobile applications, e-mails, text messages and data storage.
- Website means the GHOST website available at https://ghostecc.com/ or any other URL.
- You means (i) any GHOST client using the Services for the Permitted Purposes, including any of its directors, officers, employees, agents and other person having access to the Services or (ii) as applicable, any person accessing the Website.
2.2 Unless the context requires otherwise: (i) grammatical variations of any term defined herein have a similar meaning; (ii) words importing the singular number shall include the plural and words importing the masculine gender shall include the feminine and neutral genders and vice versa.
COLLECTION AND USE OF PERSONAL INFORMATION
Further, please note that the information and identifiers that GHOST interacts with and/or collects is constantly changing. Consequently, the information described below about the type of information collected may change; GHOST regularly monitors the information it is interacting with and collecting, with a view to ensuring we retain the least amount of information, in the most anonymous manner, we can. GHOST is not a data gatekeeper. To this end, GHOST may obfuscate, hash or encrypt data rendering it unidentifiable to GHOST. Nevertheless, the underlying notions and premises delineated herein remain applicable.
3.1 Information obtained directly from You and/or Your End Users
3.1.1 Purchase of Services
When You purchase Services, Your representatives will be required to disclose their contact information (such as their names, e-mail addresses and any other contact information); such information may, in some jurisdictions, constitute Personal Information. Such information is required to allow GHOST to process the order, to send an electronic invoice and to provide You with the requested Services.
3.1.2 Use of the Services
When the Services are used by You or any of Your End Users, as applicable, GHOST will collect, use and/or process information, including the device model and the following device identifying numbers:
- SIM# (subscriber identity module number): this number (i) is composed of up to 22 digits (made up of several individual parts), (ii) includes some identifying information, as it reveals the telecom operator code, the network the SIM is associated with, the year and month the SIM was created, as well as the SIM’s own number, and (iii) is typically associated with a particular user;
- IMSI# (international mobile subscriber identity number): this number (i) is included within the SIM inserted into all connected devices, (ii) includes a mobile country code and mobile network code used to identify the mobile network operator, and the identification number of the subscriber, and (iii) is typically associated with a particular user as it will follow the user even when the user changes devices;
- IMEI# (international mobile equipment identity number): this number (i) is usually a unique temporary number used to identify a device as it has no permanent or semi-permanent relation to the user but can confirm whether a service or product is being used again on the same device and (ii) may be used with the IMSI# to ascertain when the device was made, the serial number of the device, the version of its software, the nation of usage-origin, the nation of carrier-of-origin, and the subscriber code of the carrier associated with the device;
The collection of the foregoing information is required in order to uniquely identify Your, and as applicable Your End Users’, devices and provide seamless Services, or allowing You to do the same thing with respect to Your products and services incorporating the Services.
3.1.3 Comments, requests for information and referrals
Should You or any of Your End Users, as applicable, wish to obtain information about the Services or about any other subject online, then You or any of Your End Users, as applicable, will be required to provide their contact information (including names and e-mail addresses), which may, in some jurisdictions and in the country where such person carries on business, constitute Personal Information; this information is required by GHOST in order to communicate with such person, determine whether the Services are available in a geographic area and respond to such person’s enquiries, comments or requests for information. You or any of Your End Users, as applicable, may also provide additional Personal Information, including when making comments, enquiries, suggestions and referrals.
Should You or any of Your End Users, as applicable, recommend that GHOST communicate with any person to provide information about the Services, GHOST will need such person’s contact information for the above-mentioned purposes.
3.1.4 Customer service
When You or any of Your End Users, as applicable, subscribe to GHOST newsletters or bulletins, the subscriber will be required to disclose its contact information such as its name and e-mail address, which are required by GHOST to send information about the Services and other information in accordance with such subscription. No marketing or other commercial electronic communication will be sent to You or to Your End Users, if any, without Your or their prior consent, which may be withdrawn at any time as set forth here.
3.2 Information obtained from GHOST Partners
GHOST Partners may collect information about You or any of Your End Users, as applicable, some of which may be shared with GHOST in order for GHOST to update, upgrade or otherwise improve the Services and Website, or to develop new services.
3.3 Information collected using Cookies and similar technologies
- Process Cookies: allow the Services and Website to work properly in keeping track of the sequence of orders or requests or when browsing from one page to the other.
- Security Cookies: are used each time Services are used for identification and security purposes.
GHOST applications leverage an on premise crash reporting system in order to gather application performance and crash data, which does not contain any Personal Information. Additionally, GHOST applications allow for You or Your End Users to trigger a reporting feature which contains application stack traces and, ideally, information regarding events that occurred prior to and after a crash. Such a report also contains a plain text comments string allowing You or Your End User to report comments related to the issue.
SHARING OF PERSONAL INFORMATION COLLECTED
Personal Information is not used or disclosed to third parties for purposes other than those for which it was collected as described herein, unless required or authorized by law or as consented to by You or any of Your End Users, as applicable.
4.1 Personal Information
4.1.1 Sharing made in connection with the provision of Services
Personal Information may be disclosed to GHOST Partners that facilitate the provision of any Service, such as by providing assistance to GHOST with respect to the maintenance and development of its Services. Disclosure will be made on a “need-to-know” basis, and after ensuring that all proper contractual and other undertakings are in place.
4.1.2 Business transaction
Personal Information may be transferred to a potential purchaser or other business in connection with any business transaction or corporate reorganization, if such communication is necessary for the purposes of deciding whether to proceed with the sale or other transaction and provided that such disclosure is made in full compliance with applicable laws.
4.1.3 Law enforcement
Personal Information may be used and disclosed if GHOST, acting reasonably, believes that such use or disclosure is necessary to comply with any applicable law, regulation, legal process or governmental request, or is otherwise required to protect its rights or to fulfil any other purpose set forth in the applicable law allowing or requiring the disclosure of Personal Information.
4.2 De-Identified Information
GHOST may use De-Identified Personal Information for training, research, promotion and any other purposes.
ACCESSING, CORRECTING AND UPDATING PERSONAL INFORMATION
Requests for access to, or for necessary corrections, additions or deletions of, Personal Information in accordance with applicable laws may be made by contacting GHOST as provided for below.
SECURITY MEASURES IMPLEMENTED
6.1 GHOST uses all reasonable measures, including physical, electronic, technological, organizational and contractual security measures to (i) protect the security and privacy of Personal Information from losses, thefts or unauthorized access, disclosure, copying, use or modification, (ii) maintain data accuracy, and (iii) ensure that Personal Information is appropriately used. GHOST has put in place or currently implements the following measures:
6.1.1 SSL Technology: Each time Services are accessed via Internet, Secure Sockets Layer (SSL) technology protects Personal Information by using server authentication and data encryption. No Personal Information will be communicated prior to this technology being activated, which can be confirmed by looking (i) at the address bar which will, depending on the browser, have a lock to the left of the website address (URL) and (ii) at the URL or the address bar of the browser, where the first characters of the address in that line should change from “http” to “https.”
6.1.2 Data retention on GHOST’s servers: Our Services retain as little data as possible for as little time as possible. Payloads are end-to-end encrypted and kept in temporary storage until they are processed for delivery by the intended recipient. In the event that a payload is destined to a recipient who may not be able to retrieve it for an extended period of time, our system will permanently delete said payload within 30 days. However, given the ephemeral nature of the Services, such retention period may be significantly shorter than 30 days; as such we make no guarantees regarding the longevity of the data stored on Your or Your End Users behalf. GHOST may also retain minimal information in order to troubleshoot issues that may arise; in most cases, this data is only retained for 24 hours or less.
6.1.4 No information collected: GHOST does not log or store metadata associated with Your, or as applicable any of Your End Users’, use of the Services.
6.1.5 Secured center. GHOST’s platform and servers are located in various data centers and are deployed at random in order to ensure security and availability. GHOST may utilize CDNs and proxies to mitigate threats, such as DDOS attacks, which obscure the location of the Service you may be accessing. In the event Your or Your End Users subscription or organization mandates that data must traverse or must not traverse certain locations and/or routes, we will dynamically assign routes that adhere to such policies to ensure a compliant and secure routing profile.
If for any reason the secure Services cannot be accessed or the use of the Services does not provide the assurance required, You or any of Your End Users, as applicable, should feel free to contact GHOST as set forth below.
6.2 DESPITE THE FOREGOING, YOU AND ANY OF YOUR END USERS, AS APPLICABLE, SHALL BE AWARE OF THE FOLLOWING:
6.2.1 NO GUARANTEE OF SECURITY: EVEN IF GHOST USES TECHNOLOGIES WHICH ARE OF MERCHANTABLE QUALITY AND SUITABLE FOR THE PROVISIONS OF SERVICES, ANY ELECTRONIC SUPPORT AS WITH ANY OTHER FORM OF SUPPORT IS NOT INFALLIBLE AND FULLY SHELTERED FROM UNFORESEEABLE OR FORCE MAJEURE EVENTS, CYBERATTACKS OR UNAUTHORIZED USES AND ACCESS, AND YOU AND YOUR END USERS, IF ANY, SHALL BE AWARE THAT THERE IS A RISK IN TRANSMITTING ANY DATA ELECTRONICALLY. THIS RISK IS INHERENT IN ALL ELECTRONIC DEALINGS AS WELL AS TO ALL OTHER FORMS OF COMMUNICATIONS. CONSEQUENTLY, GHOST CANNOT GUARANTEE THAT ANY INFORMATION TRANSMITTED WILL NEVER BE INTERCEPTED OR VIEWED OR SUBJECT TO OTHER INCIDENTS. SUCH EVENTS MAY OCCUR, PURSUANT TO WHICH DEVICES OR SYSTEMS CAN BE ACCESSED OR CONTROLLED BY UNAUTHORIZED PERSONS, OR UNDESIRABLE COMMUNICATIONS AND INVITATIONS MAY BE RECEIVED. SHOULD YOU OR ANY OF YOUR END USERS, AS APPLICABLE, RECEIVE A COMMUNICATION THAT LOOKS LIKE IT IS FROM GHOST ASKING FOR PERSONAL INFORMATION, YOU OR ANY OF YOUR END USERS, AS APPLICABLE, SHALL AVOID RESPONDING TO SUCH COMMUNICATIONS. GHOST WILL NEVER REQUEST FINANCIAL AND OTHER SENSITIVE INFORMATION THAT WAY. IF YOU OR ANY OF YOUR END USERS, AS APPLICABLE, HAVE RECEIVED OR ENTERED PERSONAL INFORMATION IN RESPONSE TO A SUSPICIOUS E-MAIL, POP-UP OR PHONY WEBSITE CLAIMING TO BE AFFILIATED WITH GHOST OR IF ANY OF THE FOREGOING EVENTS TAKE PLACE, PLEASE CONTACT GHOST IMMEDIATELY BY ANY OF THE MEANS SET FORTH BELOW.
6.2.2 Measures to be implemented: In addition to the foregoing, You acknowledge and agree in Your name and on behalf of Your End Users, if any, that (i) the files or information sent to other recipients may remain on their devices even after You or any of Your End Users, as applicable, deleted it from Your/their own devices, depending on the parameters selected for such transmission or whether these recipients took a screen shot or otherwise recorded that information or file, (ii) when sending or receiving any information or file, You or any of Your End Users, as applicable, are responsible for validating the identity and trustworthiness of the recipients, including whether these recipients are compliant with the representations and warranties constituting a condition precedent to the provision of the Services, (iii) each of You and any of Your End Users are responsible for implementing all physical, electronic, technological, organizational, contractual and other security measures to ensure that the confidentiality of the files and information You or any of Your End Users, as applicable, send or receive is preserved.
NATIONAL AND INTERNATIONAL DATA TRANSFERS
STORAGE OF PERSONAL INFORMATION
10.1 Questions, comments and requests
10.2 Withdrawal of consent
GHOST may communicate with You for promotional and marketing purposes by e-mail, pop-ups, mail, telephone, text messages or other means of communication. GHOST will generally use the same means of communication You chose to contact GHOST or the preferred means specified by You. Should You wish to be removed from one or more of GHOST’s promotional mailing lists, then You should click on the ready-to-use “unsubscribe” mechanism provided at the bottom of each e-mail or simply reply to that e-mail with the word “STOP” or “Unsubscribe.
Should You wish to be removed from one or more promotional mailing lists, You can do so by specifying, in an e-mail, letter or phone call from which list(s) You wish to be removed.