Privacy policy

Last updated: June 11, 2018

Bitvise develops and licenses software for secure remote access and data transfer across computer networks. In this policy, "Bitvise", "we", "us", or "our" means Bitvise Limited, a Texas corporation with principal address at 4105 Lombardy Ct, Colleyville, TX 76034, USA.

Bitvise may update these policies at any time, and without prior notice. We request that you periodically review this page.

Please see also our Terms of use.

Table of Contents

Depending on your choices, we may handle your data in the following circumstances:

  • Website: When you visit our website for general information, such as to learn about our products.
  • Software updates: When you use our software on your computers and it checks for updates.
  • Software activation: When you use our software on your computers and it checks for activation information.
  • Software feedback: When you use our software on your computers and you decide to send us feedback.
  • Orders and licensing: When you place an order or access your activation account.
  • Contact: When you contact us with questions.
  • Notifications: When you subscribe to notifications by email, or we subscribe you for security notifications.
The following is relevant in all situations:

Website

Data collected

Our website keeps track of basic information that is readily available to websites you visit. This includes:

  • Your browser type and version.
  • The parts of our website you visit.
  • The internet address from which you connect.
  • The times and dates of your visits.
  • Technical aspects of your visits, such as the number of bytes exchanged; status codes; and any errors.

Our website may use cookies to store your website preferences (if any) and track your visits. A cookie is a small piece of information that your browser is asked to store, and sends back to the website during your visits.

The information in this section cannot by itself be used to identify you, but it can be used to identify you in conjunction with other information. For example: your internet address could be used to reveal your most likely identity by someone who also has access to your internet service provider's information.

Purpose of processing

We process the information in this section to help us improve our website, software, and services, and to allow us to investigate security breaches. In GDPR, the legal basis for this processing is Article 6, section 1(f).

Our policies

The following are our policies with respect to this information:

  • We may store this information for up to 3 years. We may destroy this information sooner, or not collect it in the first place.
  • We will not sell this information or make it available to third parties, except if we have a compelling reason to outsource specific actions to a third party under appropriate protections.
  • To the extent we store and use this information, it will be made available to Bitvise officers, employees, agents, or contractors only on a need-to-know basis under appropriate protections.

Software updates

Data collected

Maintaining software up-to-date is essential for information security, and this is served by updates being convenient and easy. Our software may regularly and briefly contact our servers to allow you to:

  • Be informed when updates are available.
  • Automatically or manually update to new versions of our software.

Not all of our software might implement such features. If such features are implemented, you will be able to configure the software to disable checks for updates. If the software does check for updates, we may collect:

  • The internet address through which the software connects.
  • Software name, version, and edition.
  • The general license status of the software.

Purpose of processing

We process the information in this section to help us improve our website, software, and services, and to allow us to investigate security breaches. In GDPR, the legal basis for this processing is Article 6, section 1(f).

Our policies

The following are our policies with respect to this information:

  • The software will send information to us encrypted, except for the internet address itself, which cannot be encrypted.
  • We may store this information for up to 3 years. We may destroy this information sooner, or not collect it in the first place.
  • We will not sell this information or make it available to third parties, except if we have a compelling reason to outsource specific actions to a third party under appropriate protections.
  • To the extent we store and use this information, it will be made available to Bitvise officers, employees, agents, or contractors only on a need-to-know basis under appropriate protections.

Software activation

Data collected

When you use our software under a purchased license, our software may regularly and briefly contact our servers to allow you to:

  • Monitor your activated installations to ensure correct license coverage.
  • Receive updated activation information automatically.

Not all of our software might implement this feature. If this feature is implemented, you will be able to obtain an activation code that disables activation checks. If you obtain such an activation code, you may need to accept restrictions. Such restrictions may imply, but are not limited to:

  • Your affected licenses may become untransferable for a long period of time.
  • You may need to manually monitor your usage to ensure complete license coverage.

If the software does make activation checks, we may collect:

  • The internet address through which the software connects.
  • Software name, version, and edition.
  • The general license status of the software.
  • Basic operating system information, such as name, version, edition, language, and configured location.
  • Identifying information for the license under which the software is activated.
  • Quantity of license units the installation uses.
  • Date and time the software was last installed.
  • Configured name of the computer on which the software is running.

Purpose of processing

We process the information in this section to:

  • Make it available to you in your activation account. In GDPR, the legal basis for this processing is Article 6, section 1(b).
  • Make decisions related to licensing and activation, to investigate security breaches, and to help us improve our software, website, and services. In GDPR, the legal basis for this processing is Article 6, section 1(f).

Our policies

The following are our policies with respect to this information:

  • The software will send information to us encrypted, except for the internet address itself, which cannot be encrypted.
  • We may store this information as long as your activation account is active; see Orders. We may destroy this information sooner, or not collect it in the first place.
  • We will not sell this information or make it available to third parties, except if we have a compelling reason to outsource specific actions to a third party under appropriate protections.
  • To the extent we store and use this information, it will be made available to Bitvise officers, employees, agents, or contractors only on a need-to-know basis under appropriate protections.
  • One purpose of this information is so that you can see it in your activation account on demand. Such information will be accessible to you and to anyone you grant access. If an unauthorized person is able to obtain or guess access credentials, they will also have access.

Software feedback

Data collected

Our software may send us information if you use the Send us feedback functionality. In this case, our software may send information including:

  • The internet address through which the software connects.
  • Software name, version, and edition.
  • The license status of the software.
  • Basic operating system information, such as name, version, edition, language, and configured location.
  • An email address, if you provide it.
  • The content of your feedback.

Purpose of processing

We process the information in this section to:

  • Respond to your feedback. In GDPR, the legal basis for this processing is Article 6, section 1(a).
  • Improve our software, website, and services. In GDPR, the legal basis for this processing is Article 6, section 1(f).

Our policies

The following are our policies with respect to this information:

  • The software will send information to us encrypted, except for the internet address itself, which cannot be encrypted.
  • We may store this information for up to 3 years. We may destroy this information sooner, or not collect it in the first place.
  • We may store the content of the feedback you provide indefinitely.
  • We will not sell this information or make it available to third parties, except if we have a compelling reason to outsource specific actions to a third party under appropriate protections.
  • To the extent we store and use this information, it will be made available to Bitvise officers, employees, agents, or contractors only on a need-to-know basis under appropriate protections.
  • We may reply to any email address you provide. If you misspell it or forget to include it, but you appear to expect a reply, we may try to guess the correct address or try to contact you in another way.
  • We will not subscribe an email address to other mailings. However, we may subscribe it, one time, to important security notifications.
  • If we reply, email is encrypted opportunistically. Any information sent by email may be transferred unencrypted. Email interception is possible by well-positioned third parties.

Orders and licensing

Data collected

Bitvise is a small company that specializes in software development. We do not have the capacity to process orders directly. Any orders you place related to our software will be processed by an e-commerce provider. The e-commerce provider has their own separate data handling, privacy policy, and associated terms of use. Please consult those documents for information about how your data is handled by the e-commerce provider.

The e-commerce provider will share with us detailed information about your order. This can include:

  • The internet address the order was received from.
  • Any activation account or page from which you started the order.
  • Almost all information you submit as part of the order, except sensitive credit card or payment details.

We can receive information from the e-commerce provider in two ways:

  • We receive information when you place an order. We may store some or all of this information in an activation account.
  • We can request information from the e-commerce provider again later.

In addition to the above, we may also receive information directly from you or another person associated with you. For example:

  • You may log in and change or enter information in our activation system.
  • We may receive information such as your user agent, internet address, and the page you arrived from when you log in.

Purpose of processing

We process the information in this section to:

  • Deliver software activation information and allow you to manage licenses. In GDPR, the legal basis for this processing is Article 6, section 1(b).
  • Improve our software, website, and services. In GDPR, the legal basis for this processing is Article 6, section 1(f).

Our policies

The following are our general policies with respect to this information:

  • Any information from an e-commerce provider will be received encrypted.
  • We will not sell this information or make it available to third parties, except if we have a compelling reason to outsource specific actions to a third party under appropriate protections.
  • To the extent we store and use this information, it will be made available to Bitvise officers, employees, agents, or contractors only on a need-to-know basis under appropriate protections.
  • We may contact you at any email address you provide with information relevant to your order, or an inquiry you make. We will not subscribe such addresses to other mailings. However, we may subscribe them, one time, to important security notifications.

The following are our additional policies with respect to information stored in activation accounts:

  • One purpose of the information in your activation account is so that you can see it on demand. Such information will be accessible to you and to anyone you grant access. If an unauthorized person is able to obtain or guess access credentials, they will also have access.
  • We may store this information as long as the activation account it is associated with remains active.
  • We may consider an activation account active until the latest of:
    • 10 years after upgrade access last expired for any license associated with the activation account.
    • 5 years after the customer or end user last accessed the activation account.
    • 5 years after installed software last made an activation check associated with the activation account.

The reason for these durations is that customers periodically contact us to locate old licenses. As a rule, such customers request to search for licenses based on information such as names and email addresses. We must maintain this information to answer such inquiries.

The following are our additional policies with respect to information we request from the e-commerce provider at later times:

  • We will request such information if it's necessary in the process of providing support, notifying users, or for compliance with requirements imposed on us by governments, courts, and financial institutions.
  • We may store this information for up to 3 years to facilitate auditing or investigation of actions taken. We may destroy this information sooner.

Contact

Data collected

The main way to contact Bitvise is through our case management system. The information we receive may include:

  • The internet address from which you accessed the case management system.
  • Any email addresses you provide.
  • Any content in messages you post or send us.
  • Any information in email messages you send to us, including detailed technical information in email headers.

Purpose of processing

We process the information in this section to:

  • Respond to your inquiries. In GDPR, the legal basis for this processing is Article 6, section 1(a).
  • Improve our software, website, and services. In GDPR, the legal basis for this processing is Article 6, section 1(f).

Our policies

The following are our policies with respect to this information:

  • We will not sell this information or make it available to third parties, except if we have a compelling reason to outsource specific actions to a third party under appropriate protections.
  • Anything you send may potentially be readable by anyone who works for Bitvise, now or in the future.
  • We may, but are not obligated to, store such information indefinitely. The reason is that when we reply to communications, this can create informal contracts which may be referenced later. We may therefore store the context of communications that may be referenced.
  • Any case you open will normally be private between you, Bitvise, and any additional correspondents. However, you may receive a link which may grant access to the case to anyone who receives it. If you or another correspondent shares this link, anyone who receives it will be able to see the information.
  • We may reply to any email address you provide. If you misspell it or forget to include it, but you appear to expect a reply, we may try to guess the correct address or try to contact you in another way.
  • We will not subscribe an email address to other mailings. However, we may subscribe it, one time, to important security notifications.
  • Email is encrypted opportunistically. Any information sent by email may be transferred unencrypted. Email interception is possible by well-positioned third parties.

Notifications

Data collected

Bitvise may operate systems to send email notifications to subscribers about events such as new versions of our software or security updates. The information we store for this purpose may include:

  • Your email address.
  • Technical information about past deliveries.

Purpose of processing

We process the information in this section to:

  • Send notifications on mailing lists you subscribed to. In GDPR, the legal basis for this processing is Article 6, section 1(a).
  • Send notifications about security issues in software you may be using. In GDPR, the legal basis for this processing is Article 6, section 1(f).

Our policies

The following are our policies with respect to this information:

  • We will not sell this information, or otherwise make it available to third parties, unless we have a compelling reason to outsource delivery to a trusted third party. We will prefer to keep data in-house to avoid such situations.
  • To the extent we store and use this information, it will be made available to Bitvise officers, employees, agents, or contractors only on a need-to-know basis under appropriate protections.
  • If we believe you to be a user of our software, we may, but are not obligated to, add you to our mailing list for important security notifications.
  • We will not add you to any other mailing lists unless you take affirmative action to subscribe.
  • If you unsubscribe from all of our mailing lists, we will delete your email address and information about past deliveries. However, we may continue to store a one-way cryptographic hash of your email address indefinitely, so that we can honor your preference to not receive notifications.

Audit logs and backups

All of our systems may maintain audit logs or backups which may be preserved for a period of time, either together or apart from the source systems. Any data that is deleted from source systems may be preserved in audit logs and backups.

We may store audit logs and backups of any of our systems for up to 3 years. We may destroy any information stored in them sooner, or not collect it in the first place. We will take equal or greater measures to protect information in audit logs and backups as we do for the source systems.

Cloud services

The small size of our business, and the availability of reputable cloud services, mean that operating our own separate data center would be costlier, more time-consuming, and less reliable. Throughout decades, we have used reputable cloud providers to host our website, store our data, and provide services.

Financial institutions

We may reveal information to which we have access, or relevant parts of it, to financial institutions, if we believe appropriate data protections are in place and that revealing this information is necessary to comply with legal requirements or for the financial institution to perform due process necessary to conduct business.

Law enforcement

We may reveal information to which we have access, or relevant parts of it, to law enforcement agencies, if we believe that:

  • this is needed to protect our business or our users; or that
  • it serves the greater public good; or that
  • we are legally compelled to reveal it.

National security orders

We believe it is questionable policy to force private companies to cooperate with government security agencies, and to comply with national security orders which are not subject to meaningful democratic oversight, outside of a time of total war.

Bitvise will not willingly compromise the security and privacy of our users based on a government's request, unless such a request is coercive. However, a national security order may involve prison terms or other penalties for non-compliance. We may not be able to refuse such an order, or reveal its existence if it is secret.

At the time of this sentence being written, Bitvise has not received a government order. However, we may not be able to reveal if we receive an order, even by removing the preceding sentence. Our cloud infrastructure is US-based, and we would not know if our cloud provider received an order.

If you find this situation disconcerting, contact your representatives and ask them to reverse policies that undermine international commercial trust and put dents into public safety in exchange for narrow advantages in state control that do not justify the long-term economic damage.

GDPR

As used in this Privacy policy, GDPR refers to the General Data Protection Regulation (GDPR) (EU) 2016/679. GDPR references apply only to EU residents.

Your rights

You have a right to request us to review, correct, block, or delete any personal information about you, or if you would like to know the categories of personal information that we disclosed to any third party or our associates. If you would like to exercise any of your rights, please contact us.

Upon request, we will provide you with information about whether we hold any of your personal information. If, despite our efforts to maintain correct and up-to-date information, we have any incorrect information about you, we will change it upon your request.

If you think our processing of your personal data infringes your rights under applicable law, in particular under GDPR, you have the right to lodge a complaint with a supervisory authority, such as the public authority which is established in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

For GDPR purposes, our local representative in the EU is:

  Katarina Nahtigal s.p.
  Gotska 3
  1000 Ljubljana
  Slovenia