SecurePoint USA, Inc. ("SecurePoint," "we," "us," "our") provides compliance, visitor management, screening, and audit logging software and related services (the "Services"). This Privacy Policy explains how we collect, use, share, and protect information when you visit our websites or use our Services.
If you have questions, contact us at privacy@securepointusa.com.
Our websites, including securepointusa.com and related pages
Our product applications and Services
Sales, demos, support, and marketing communications
This policy does not cover third party websites or services that we do not control.
2. Roles, Controller vs Processor
SecurePoint generally acts as a data processor when we process information on behalf of an organization that uses our Services (the "Customer"). In those cases, the Customer is the data controller and determines how personal data is used.
SecurePoint acts as a data controller for information we collect directly from visitors to our websites, and for business contact data for sales and support.
Support and communications: messages, tickets, meeting notes, feedback
Billing and payments: billing contact details and transaction metadata (payment card data is processed by our payment providers, not stored directly by SecurePoint)
Customer configured visitor data: information entered by Customers or visitors during check-in or preregistration (may include name, contact info, company, purpose of visit, host, attestation, and other details the Customer chooses to collect)
B) Information we collect automatically
Device and usage data: IP address, device type, browser, app events, pages viewed, feature usage, error events
Cookies and similar technologies: (see Cookies section below)
C) Compliance screening datasets and sources
To provide screening and compliance capabilities, we ingest and maintain sanctions, restricted-party, and related compliance datasets from public sources and, where applicable, partner or third party data sources. We store these datasets in our systems so screening can continue even if an external source is temporarily unavailable.
We do not publish in this policy the size or count of any dataset.
4. How We Use Information
We use information to:
Provide and operate the Services, including visitor workflows, screening, adjudication, reporting, and audit logs
Authenticate users, enforce access controls, and maintain tenant isolation
Configure Customer settings, retention preferences, and security workflows
Provide support, troubleshoot issues, and respond to requests
Process payments and prevent fraud
Improve reliability, performance, and user experience
Comply with legal obligations and enforce our terms
5. Compliance Screening and Data Sharing Behavior
Our default approach is to perform screening against datasets stored within our systems that we maintain by ingesting source data over time.
If a Customer enables optional integrations that require sending data to a third party (for example, messaging providers, identity verification, or other tools), we share only the minimum necessary information to provide that integration.
We do not sell personal information.
6. Legal Bases for Processing (where applicable)
Depending on your location and relationship with us, we process personal data based on:
Performance of a contract: (providing the Services)
Legitimate interests: (security, fraud prevention, product improvement, and customer support)
Compliance with legal obligations
Consent: (where required for certain cookies or marketing communications)
7. How We Share Information
We share information only as needed:
With service providers (subprocessors) that help us operate the Services (hosting, analytics, support, email, payments, communications)
With Customers and their authorized users, under their configuration and instructions
For legal and safety reasons if required by law, subpoena, or to protect rights, safety, and security
Business transfers in a merger, acquisition, financing, or sale of assets, subject to appropriate protections
Subprocessors
We may use providers such as:
Hosting and infrastructure
Database and storage
Email delivery
Payments
Support and communications tools
Optional AI services, if enabled by the Customer or used for internal support workflows
We maintain a list of subprocessors and can provide it upon request. Where required by contract or law, we provide advance notice of material subprocessor changes.
8. International Transfers
Our service providers may process data in the United States and other countries. Where required, we rely on appropriate transfer mechanisms (such as contractual protections) to support international data transfers.
9. Security
We use administrative, technical, and physical safeguards designed to protect information, including:
Encryption in transit using modern TLS configurations
Encryption at rest using industry-standard protections provided by our hosting and database vendors
Role-based access controls and least-privilege practices
Logging and audit trails for sensitive administrative actions
Monitoring and abuse prevention measures
No system is perfectly secure. Customers are responsible for configuring their accounts securely (for example, strong passwords, MFA, and proper role assignments).
10. Data Retention
Retention depends on the context:
Customer data in the Services: retained according to the Customer's configuration and instructions, and our contractual obligations
Audit logs: retained to support security, compliance, and evidence requirements, including long-term retention options
Website analytics and logs: retained for a limited period consistent with operational needs
Customers may request deletion of Customer data subject to contract terms, legal requirements, and security needs (for example, preserving audit trails).
11. Your Rights and Choices
Depending on your location, you may have rights to:
Access, correct, or delete personal data
Object to or restrict certain processing
Receive a copy of your data (data portability)
Opt out of marketing communications
If you are a visitor or end user interacting with a Customer's deployment, direct requests to the Customer (the controller). We will assist Customers in fulfilling requests as required by contract and law.
To request help directly from SecurePoint for website or business contact data, email privacy@securepointusa.com.
12. Cookies and Similar Technologies
We use cookies and similar technologies to:
Keep you signed in
Remember preferences
Measure site performance and usage
Support customer support tools (if enabled)
You can control cookies through browser settings and, where available, cookie preference tools on our site. Blocking some cookies may impact site functionality.
13. Children's Privacy
Our Services are not directed to children, and we do not knowingly collect personal information from children.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will update the "Last updated" date and may provide additional notice where appropriate.