At Pragma Edge, we believe that privacy is a fundamental human right. Period
This policy describes our commitment to preserving the security of your personal data, your privacy, and your rights to it. This policy is written in plain language because we want to communicate this to you. It therefore lacks some of the precision that a document drafted by and for legal professionals would have, but it still represents our good faith effort at describing what we and you agree to when you entrust us with your data.
We also believe that the less information we know about you, the better. After all, it is impossible to lose, misuse, or abuse information we don’t have. To the extent that we have your data, we see ourselves as custodians of that data on your behalf. We use your data solely to provide you the product or service you opt in for and have no desire or interest to use the data we acquire for any other purposes.
We retain three kinds of information to deliver our services: Service Data, Diagnostic Data and Personal Information. These are treated securely with respect for customer privacy and data confidentiality, but there are important technical and usage differences.
Service Data is data that we inevitably acquire about your usage and retain only enough data to operate and maintain the services. This data is never used for any other purpose and is kept confidential. We retain the right to hold and use service data to provide our services, troubleshoot problems, analyze the performance and demands on our services.
Diagnostic Data is a type of data which is not automatically collected or required for the operation of our services. In some cases, we solicit diagnostic reports and other troubleshooting, bug, and crash reports from customers to help identify and solve problems with our products and services. This information is sent to us explicitly on a case by case basis or who otherwise explicitly choose to provide diagnostic data to us. This data may contain sensitive information about your operating environment as well as personally identifying information. Although there may be occasions when we ask for diagnostic data to assist you with a problem, you are never obligated to provide it.
Personal information is data that can be used to identify, either directly or indirectly, an individual or a business entity whomsoever the information applies. The information that we may collect from you is visible to our staff and includes but is not limited to your name, mailing address, phone number, email address, contact preferences, occupation, marketing preferences, social media account information.
You have the right to know what we know about you and to see how that data is handled. You may request a screenshot of what we can see about you in our back office systems. However, to protect customer privacy, such requests must be carefully authenticated beyond demonstrating control of the customer’s email address.
As we are merely custodians of your data, account owners have the right to instruct us to remove data permanently from our systems. To ensure that no one’s data is deleted without their consent, the account owner has to contact us and ask for the data to be expunged. Once the request is authenticated, the data will be removed from our active systems within 72 hours.
Disaster recovery and data availability requirements mean that we have a legitimate interest in maintaining secure and immutable backups. Erasure requests will leave those backups untouched, and we will only remove data from backups if legally compelled to.
All this data is held by third party data processors, who provide us with hosting and other infrastructure services. The locations of these are described below. In many cases (but we cannot promise that this will always be the case) even data held by these entities is encrypted with keys held only by us.
Our customer support and email services are hosted primarily in the United States. Any information you choose to send us through email or our customer support system may pass through and be stored on a variety of intermediate services.
We take the security of your personal information seriously and to protect against accidental or unlawful destruction, loss or alteration, we have implemented strict security controls, intrusion detection software and processes to alert us in the case of a potential or actual intrusion of our information systems and established incident response process to react immediately and execute a remediation plan.
If any data security breach occurs, we recognize our responsibility to our customers and to the public to disclose the nature of the risk and provide a transparent account of the event without undue delay. At a bare minimum, we must inform the applicable supervisory authorities as required by law and regulation.
If you have any questions about this Policy, you can contact our support team or write to us by mail at: