secu

Privacy Policy

This Personal Data Processing Notice ("Notice") outlines the terms and conditions for personal data processing activities across the services and products within the Secu ecosystem. This ecosystem is owned, operated, and managed by Secu Co., Ltd. (collectively referred to as "Products" or "Services").

By accessing or using our Products or Services, Users acknowledge that they have read, understood, and agreed to the practices described in this Notice.

1. Collection, Use, Processing Methods of Personal Data, and User Information Protection

When a User logs in and uses a Secu Product, the User agrees and commits to allowing Secu Co., Ltd. to apply technical and organizational measures for collecting, processing, and protecting data related to their Account.

We may process personal data through various forms, including but not limited to:

  • Collecting, recording, analyzing, confirming, storing, editing, disclosing, combining, accessing, or retrieving;
  • Recalling, encrypting, decrypting, copying, sharing, transmitting, providing, transferring, deleting, or destroying personal data;
  • Conducting other related actions to ensure information security and deliver the Products effectively.

2. Types of Personal Data Collected

2.1. Basic Personal Data Provided by the User

(i) Identification Information: phone number, email address.

(ii) User-Generated Content: survey responses, feedback, or other content submitted via our Products.

2.2. Automatically Collected Data

  • Device and browser details;
  • IP address and location (where permitted);
  • Log data and performance metrics.

2.3. Sensitive Personal Data

We may process security credentials, authentication data, and other sensitive details only where necessary, and with explicit User consent.

3. Purposes of Data Processing

We process personal data for the following purposes:

  • Account creation, authentication, and management;
  • Delivering and improving Products and Services;
  • Ensuring system security and fraud prevention;
  • Customer support and communication;
  • Compliance with legal obligations;
  • Analytics, research, and service enhancements.

4. Legal Basis for Processing (GDPR Compliance)

Under the General Data Protection Regulation (GDPR), we rely on the following lawful bases to process your personal data:

  • Consent: when Users voluntarily provide data (e.g., newsletter subscriptions, surveys).
  • Contract: when processing is necessary to provide Products/Services requested by the User.
  • Legal Obligation: when we must comply with laws or regulations.
  • Legitimate Interest: when processing is necessary for business operations, provided it does not override Users’ rights.

5. Data Sharing and Disclosure

We may share data only under strict conditions:

  • With trusted third-party providers (hosting, analytics, support);
  • With regulators, courts, or authorities when legally required;
  • During business restructuring (merger, acquisition, sale of assets);
    With explicit User consent for third-party integrations.

We never sell personal data.

6. User Rights

6.1. Under GDPR (EU/UK)

Users have the right to:

  • Access their personal data;
  • Correct inaccuracies;
  • Request deletion ("Right to be Forgotten");
  • Restrict or object to processing;
  • Withdraw consent at any time;
  • Request data portability in a structured, machine-readable format;
  • Lodge a complaint with a supervisory authority.

6.2. Under CCPA/CPRA (California)

California residents have the right to:

  • Know what personal data we collect, use, and share;
  • Request deletion of their personal data;
  • Opt-out of the sale or sharing of personal data (we do not sell data, but Users can exercise this right regardless);
  • Non-discrimination for exercising privacy rights.

A “Do Not Sell or Share My Personal Information” link is available for California residents.

7. Data Retention

We retain personal data only as long as necessary for the purposes stated in this Notice, unless longer retention is required by law. Once expired, data is securely deleted or anonymized.

8. Security Measures

Secu applies strong security measures, including:

  • End-to-end encryption of sensitive data;
  • Secure servers and firewalls;
  • Role-based access control;
    Regular penetration testing and security audits.

9. International Data Transfers

If personal data is transferred outside of the User’s jurisdiction (e.g., EU → non-EU), Secu ensures compliance with applicable laws through:

  • Standard Contractual Clauses (SCCs);
  • Adequacy decisions;
  • Other legally recognized safeguards.

10. Children’s Data

Our Products are not directed at children under 16 (or lower age as permitted by local law). We do not knowingly collect personal data from minors. If we become aware that we have collected such data, we will delete it promptly.

11. Updates to This Privacy Policy

This Notice may be updated periodically. Users will be informed of significant changes via email or product notifications.

12. Contact Information

For questions, requests, or complaints regarding this Privacy Policy, please contact:

Secu Data Protection Officer (DPO)
Email: [email protected]
Website: www.secu.com

bg-1
bg-1
bg-1
bg-1
bg-1
bg-1