Castra Managed Services LLC (“Castra”, “we”, “our”, and “us”) believes privacy is paramount and understands and cares about your privacy and your right to your information. We strive to be stewards of your information, just as you would do with your information.
Your privacy matters to us, thus Castra has some basic principles:
If you have questions about deleting or correcting your personal data, please contact our team at [email protected]
You hereby agree with and consent to the collection and processing of your personal information as described in this Policy.
Your personal information may be collected, processed and stored by Castra or its direct services partners in the United States and other countries where our servers reside. Please be aware that the privacy protections and legal requirements, including the rights of authorities to access your personal information, in some of these countries may not be equivalent to those in your country. You hereby agree with and consent to the transfer of your personal data to the United States and other countries where Castra operates.
You have the right, at any time, to withdraw your consent to Castra’s collection and processing of your information, or to the transfer of your personal data to the United States and other countries where Castra operates. You may withdraw your consent by contacting us at [email protected]
Castra uses reasonable organizational, technical, and administrative measures designed to protect your personal information under our control, although “perfect security” does not exist on the Internet. Online, we guard the privacy and confidentiality of your personally identifiable information with audited safeguards. We do not currently collect any sensitive information, such as credit card numbers or social security numbers. This Policy will be updated to reflect any changes, should they arise.
As you interact with Castra, there may be opportunities for you to provide us with your information. Additionally, we may collect certain information about you as further described below.
The types of information that Castra collects about you may include, but are not limited to:
To gauge the effectiveness of the Site, we do collect some non-individually-identifiable generic information about our visitors. Our web servers automatically recognize a visitor’s Internet service provider, the IP address, the domain name, the type of browser, the operating system, which pages are viewed on the Site, the web page a visitor was on when they linked to the Site, how much time is spent on each page, and other information related to the operation and interaction of the Site. This information does not reveal a visitor’s identity. We aggregate this information and use it to evaluate and improve the Site.
Identifiable Information – You can choose to provide individually-identifiable information to Castra in a number of ways as described below. When visitors supply information about themselves for a specific purpose, Castra uses the information for that purpose (such as to provide the information the visitor has requested or to consider a visitor for a particular job). In addition, when visitors use the Site to request information about our services, we may use the individually-identifiable information as we would use the same information obtained off-line – for example, to evaluate your service needs and contact you regarding additional services you may find useful.
Castra will not ever sell, trade, or disclose to third parties any individually identifiable information derived from the registration for or use of Castra online service – including customer names and addresses (except as required by subpoena, search warrant, or other legal process or in the case of imminent physical harm to the customer or others).
Castra collects, discloses, and uses your personal information: for the purpose of determining your qualifications for employment and reaching a hiring decision; to comply with any legal process, applicable laws, and/or regulations; to defend ourselves in claims under such laws; to respond to your inquiries and fulfill your requests, such as to send you documents you request or e-mail; to send you important information regarding our relationship with you or regarding this Site, changes to our terms, conditions, and policies and/or other administrative information; for our business purposes, such as marketing new products and services, data analysis, audits, developing new products or services, enhancing our Site, improving our products and services, identifying Site usage trends, providing products and services, maintaining customer relationships, improving the quality, safety, and security of our products and services, administering your account(s), troubleshooting, supporting electronic signature, customizing and improving communication content, evaluating product performance, providing customer support and product support, warranty administration, and determining the effectiveness of our Site; to our third party service providers who provide services such as website hosting and moderating, mobile application hosting, data analysis, infrastructure provision, credit card processing, IT services, e-mail services, marketing services, auditing services, and other services, in order to enable them to provide services; to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings); and when we otherwise have your consent.
Most of the personal information Castra collects about you is collected directly from you, such as when you (1) submit your personal information to receive product updates and marketing information, (2) contact us via the online “Contact” portal on the Site, (3) send e-mail messages or feedback, or transmit other information by e-mail, and (4) apply for a job. To elect to engage in such activities, we may ask that you provide us personal information.
As you navigate around this Site, certain information can be passively collected (that is, gathered without you actively providing the information), using various technologies. We passively collect and use information in a variety of ways, including:
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. If you would prefer not to accept cookies, most browsers will allow you to: (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) to disable existing cookies; or (iii) to set your browser to automatically reject any cookies. If you set your browser to reject cookies, part of the Site may not work for you.
If Castra, or substantially all of its assets, were acquired, or in the unlikely event that Castra goes out of business or enters bankruptcy, user information would be one of the assets that is transferred or acquired by a third party. You acknowledge that such transfers may occur, and that any acquirer of Castra may continue to use your personal information as set forth in this policy.
You have a right to (1) access, modify, correct, or delete your personal information controlled by Castra regarding your profile, (2) change or remove your content, and (3) close your account. You can request your personal information that is not viewable on your profile or readily accessible to you (for example, your IP access logs) by emailing us at [email protected]. If you close your account(s), your information will generally be removed from the Service within one (1) week. We generally delete closed account information and will de-personalize any logs or other backup information through the deletion process within thirty (30) days of account closure, except as noted below.
Castra or its business partners may use email to communicate with customers or prospective customers about events or new products and services or to respond to visitor’s emails. If you receive unwanted email from us you may also remove yourself from our email list by simply following the “unsubscribe” instructions in the email. We will not send commercial solicitations to customers who request it not be sent. Please note that if you do go through this process, some email messages may still come to you, although not those dealing with commercial solicitations.
We do not intentionally collect information from individuals under the age of 18. The Site is not directed to individuals under the age of 18 and we request that these individuals not provide personal information through this Site.
This Policy is meant to guide Castra with respect to personal information collected from or about you at this Site. While this Policy applies to personal information generally, the local laws, rules and regulations of jurisdictions that are applicable to Castra (“Local Laws”) may require standards which are stricter than this Policy and, in such event, Castra will comply with applicable Local Laws. Specific privacy policies may be adopted to address the specific privacy requirements of particular jurisdictions.
Castra is committed to the security of your information, and has in place physical, administrative and technical measures designed to prevent unauthorized access to that information. Castra security policies cover the management of security for both its internal operations as well as the services. These policies, which are aligned with the ISO/IEC 27001:2013 and SOC2 Type2 standards, govern all areas of security applicable to services and apply to all Castra employees.
Castra is also committed to reducing risks of human error, theft, fraud, and misuse of Castra facilities. Castra’s efforts include making personnel aware of security policies and training employees to implement security policies. Castra employees are required to maintain the confidentiality of services data. Employees’ obligations include written confidentiality agreements, regular training on information protection, and compliance with company policies concerning protection of confidential information.
Castra promptly evaluates and responds to incidents that create suspicions of unauthorized handling of services data. Castra Management is informed of such incidents and, depending on the nature of the activity, define escalation paths and response teams to address the incidents. If Castra determines that your services data has been misappropriated (including by an Castra employee) or otherwise wrongly acquired by a third party, Castra will promptly report such misappropriation or acquisition to you.
We may transfer your personal information outside the European Economic Area (EEA) to the United States or any country that Castra or its service providers may have operations.
Such countries do not have the same data protection laws as the United Kingdom and EEA. While the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal information will be subject to a European Commission approved contract (as permitted under the General Data Protection Regulation) that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. To obtain a copy of the safeguards please contact us.
If you would like further information please contact us. We will not otherwise transfer your personal data outside of the United Kingdom OR EEA or to any organization (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulation. If you would like to exercise any of those rights, please:
If you would like to unsubscribe from any email newsletter you can also click on the unsubscribe button at the bottom of the email newsletter. It may take a few days for this to take place.
We hope that we can resolve any query or concern you raise about our use of your information. To contact, please use [email protected]
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred.
Some web browsers incorporate a “Do Not Track” (DNT) or similar feature that signals to digital devices that a visitor does not want to have his/her online activity tracked. Because not all web browsers offer DNT options and DNT signals are not yet uniform, we and many other digital service operators do not respond to DNT signals.
Castra will use a self-assessment approach to verify compliance with this Policy and periodically verify that the Policy is accurate, comprehensive for the information intended to be covered, prominently displayed, implemented and accessible.
If you believe that your personal information has been processed or disclosed in violation of this Policy, Castra encourages you to raise any concerns using the contact information provided in this Policy. Castra will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of personal information.
Castra complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Castra is also responsible for ensuring that third parties acting as an agent our behalf do the same.
With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Castra is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
In compliance with the Privacy Shield Principles, Castra commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Castra at:
Castra Managed Services, LLC
ATTN: Privacy Officer ISO
3308 Durham Chapel Hill Blvd
Durham NC 27707
Castra has further committed to refer unresolved Privacy Shield complaints to American Arbitration Association an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.adr.org/Support for more information or to file a complaint. The services of American Arbitration Association are provided at no cost to you.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact your local EU Data Protection Agency (DPA) at https://webgate.ec.europa.eu/odr/main/?event=main.home.show. Under certain conditions, you may have the right to invoke a binding arbitration to resolve the matter.
We give you choices regarding our use and disclosure of your personal information. You may opt-out of our collection of your personal information at any time by contacting us as specified below. We will seek to comply with your request(s) as soon as reasonably practicable.
If applicable and you would like to review, correct, update, or delete the personal information that you have provided via this Site, please contact us as specified below. We will try to comply with your request as soon as reasonably practicable.
We retain your personal information for the period necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or allowed by law or to otherwise fulfill a legal obligation.
If you have questions or concerns about Castra’s policies and practices for handling applicant personal information, or otherwise, please contact us:
By E-mail: [email protected]