TSECOND’S PRIVACY POLICY

I. Introduction

Tsecond, Inc., and our related and affiliated entities (collectively “Company,” or “we,” “us” and “our”) value your privacy and are committed to maintaining your trust. We provide this Privacy Policy to inform you of our policies and procedures regarding the collection, use, and disclosure of personally identifiable information received from visitors to and/or users of the Company’s website located at www.tsecond.us (the “Website”) and provision of services online, including through our customer portals and platforms. Specifically, The Company builds proprietary high-density storage devices, including the BRYCK device, and develops associated software to manage data movement to and from the device (“BRYCK Platform”), and has developed a service to reduce the time, infrastructure, and cost associated with traditional large data migrations by using its proprietary BRYCK Platform to facilitate the transfer of customer data to a data center or cloud service provider (“DataDart Service”). Collectively “Services” refers herein to our Website and online services (including the BRYCK Platform and client portal), our physical products (including the BRYCK device), and our DataDart Service offering. 

The foregoing disclosures and policies are based on the nature of the shared data and are also specific to the Service we are providing to you, as specified below. 

II. Use of Personal Information Relating to Our DataDart Service 

The following applies to the transfer of our customer’s data from a BRYCK device by us, our agents, or our third party subcontractors at a customer or third party data facility as part of our DataDart Service. 

This Privacy Policy disclosures and terms are intended to supplement any agreement entered into by any DataDart Service customer and the Company for such DataDart Services (including a DataDart Master Service Agreement). However, to the extent (and only to the extent) there is a conflict in terms between any DataDart Service agreement you have with us and the terms of this Privacy Policy, the terms of the DataDart Service agreement shall govern.

A. Disclaimers and Limitations of Liability Relating to BRYCK Stored Data

We are committed to maintaining data security and privacy in our provision of DataDart Services to our customers. In connection with any DataDart Service data transfers performed by us, our agents, or subcontractors, we may be involved in the transfer or processing of certain Personal Information,  Sensitive Personal Information , Protected Health Information,  and other sensitive data that is owned or controlled by our DataDart Service customers and uploaded to our BRYCK devices by these customers. However, neither the Company nor its subcontractors review or access the contents of any such data uploaded by DataDart Service customers to its BRYCK device and are therefore only aware of the nature of such data only in so far as that information is accurately disclosed to the Company by its customers.

It is therefore the responsibility of all DataDart Service users to comply with all data privacy and security laws, regulations, disclosures, and requirements as it relates to their own BRYCK-uploaded data. This includes but is not limited to compliance with all federal, state, and foreign laws and regulations regarding the transfer, storage, processing, or use of personal information or other highly sensitive data (whether of your employees, customers, or other third parties), and cross-border sharing requirements. 

To the extent necessary to achieve compliance, all DataDart Service users herein agree to inform Company of any privacy and security requirements relating to Company’s provision of its data transfer Services to you.  

As detailed in any DataDart Service agreement(s) we have with you, the Company bears no legal responsibility to you or third parties for your failure to meet data privacy and security requirements for non-compliant or improper use, sharing, processing, or transferring of BRYCK-uploaded data, and you are solely responsible for resolving disputes regarding ownership or access to your BRYCK-uploaded data, including those involving any third party. 

The term “Personal Information” as used herein adopts the California Consumer Privacy Act’s (“CCPA”) definition, and refers to information that identifies, relates to, or describes a particular consumer or household and is reasonably capable of being associated with or could reasonably be linked to a particular consumer or household, including, but not limited to, name, postal address, email address, IP address, social security number, personal property records, purchasing histories, biometric information, internet activity such as browsing or search history, geolocation data, employment information, education information and inferences drawn from this information, in so far as it is not publicly available information.  

1. The term “Personal Information” as used herein adopts the California Consumer Privacy Act’s (“CCPA”) definition, and refers to information that identifies, relates to, or describes a particular consumer or household and is reasonably capable of being associated with or could reasonably be linked to a particular consumer or household, including, but not limited to, name, postal address, email address, IP address, social security number, personal property records, purchasing histories, biometric information, internet activity such as browsing or search history, geolocation data, employment information, education information and inferences drawn from this informatio, in so far as it is not publicly available information. 

2. The term “Sensitive Personal Information” as used herein means personal information that reveals an individual’s (i) government-issued identification number, including Social Security number, driver’s license number, or state-issued identification number; (ii) account log-in, financial account number, credit report information, or credit, debit, or other payment cardholder information, with or without any required security or access code, personal identification number, or password that permits access to the individual’s financial account; (iii) biometric, genetic, health, or health insurance data; (iv) precise geolocation data; (v) mail, email, or text message content not directed toward the Company; or (vi) information regarding their racial or ethnic origin, religious or philosophical beliefs, sex life or sexual orientation, union membership, or citizenship or immigration status.

3. The term “Protected Health Information” as used herein adopts the definition provided by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Rules, as amended.

 

B. Company’s Use of Subcontractors for DataDart Services

 

At times, the Company may use subcontractors to provide its customers with DataDart Services. These subcontractors include those who:

(1) Provide BRYCK device transportation and logistics services;

(2) Are permitted common carriers sub-subcontractors of our transportation and logistics service providers. These may include but are not limited to the FedEx Corporation and the United Parcel Services of America, Inc.; and

(3) Subcontractors who provide secure BRYCK data uploading services at data facilities.

To the extent the Company uses these subcontractors and sub-subcontractors in its provision of California Service Provider services, Company takes steps to ensure these subcontractors comply with any legal or regulatory requirements applicable to the Company within the scope of their services, and provide services in accordance with any related DataDart Service customer contract terms.

You can submit any inquiries related to our DataDart Service subcontractors or sub-subcontractors, we can be reached at accounts@tsecond.us.

B. The California Consumer Privacy Act

Service Provider Status. To provide our DataDart Service, we may be involved in the transfer or processing of certain Personal Information relating to California residents on behalf of customers who are subject to the CCPA, as set forth herein. In such instances, the data transfer services performed by us are in a “Service Provider” capacity, as that term is understood under the CCPA and related authorities, and is performed only for and at the direction of our DataDart Service customers.

In connection with its DataDart Service, the Company does not:

• Sell or share the Personal Information of its consumer’s BRYCK-uploaded data;
• Retain, use, or disclose Personal Information obtained under its DataDart Service contract for any purpose except that contract’s specified business purposes or as the CCPA otherwise permits;
• Retain, use, or disclose Personal Information obtained under its DataDart Service outside of the parties’ direct relationship, unless the CCPA or CCPA Regulations expressly permit the use; or
• Combine or update Personal Information data obtained for transfer under its DataDart Service contract.

Business Purpose. The California Service Provider activities performed by us relating to the processing of Personal Information of California residents is for the business purpose of providing our DataDart Service to customers, including helping to ensure the security and integrity of their data, and data transfer services for the DataDart Service customer’s own permitted business use under the CCPA.

CCPA Consumer Requests Related to BRYCK Data. Some DataDart Service customers may be subject to the CCPA’s requirements to take certain actions in response to consumer requests, such as for Personal Information data disclosures or deletion requests. To the extent we are acting as a California Service Provider and we receive a verifiable CCPA consumer request made by a California resident 16 years of age or older relating to Personal Information stored on a BRYCK device, it is the Company’s policy to notify the DataDart Service customer of the consumer request so they may take action to respond to such consumer directly. The Company also agrees to cooperate with its DataDart Service customer to the extent necessary to respond to such CCPA consumer requests. You may submit your verifiable consumer requests to us at accounts@tsecond.us along with information sufficient for us to identify your personal data, including the name of the DataDart Service customer who controls or processes such data.

Opt-Out Notices. The Company is not subject to consumer opt-in or opt-out notice requirements under the CCPA relating to company controlled or processed Personal Information or for BRYCK device-uploaded data as the Company does not resell or reshare any such Personal Information or DataDart Service customer data with other businesses.

II. Company’s Use, Processing, and Sharing of All Other Personal Information

Following are the Company’s policies for our use, processing, and sharing of any Personal Information and applies to anyone who shares with us his, her, or a third-party’s^[1] Personal Information outside of the BRYCK device data transfers performed by us as part of the Data Dart Service. For example, the Company may collect your Personal Information if you register for an account with the Company’s Website, when you use the Company’s Services or BRYCK Platform, or when you send the Company communications in connection with your use of the Services. The Company does not collect any Personal Information from visitors to its website that is not voluntarily provided. We may use, process,^[2] and/or share your Personal Information (and have done so in the past 12 months):

 

• To respond to your inquiries and your requests regarding our Services, including as they relate to any logistics and data uploading services connected with your use of our Data Dart Service.

 

^[4] Third Party Personal Information.   We may obtain your Personal Information from third parties, such as third parties with whom we affiliate in providing the Company’s services.  If you provide the Company with Personal Information about third parties, you warrant to the Company that any Personal Information that you provide to the Company about any third party individuals was obtained by you with full consent, that you have the legal authority to provide us with such information, and that the individual has not communicated to you that they wish to opt out of receiving communications from the Company or having the Company collect information about him or her.

^[5] Process.   “Processing” covers a wide range of operations performed on personal data, including by manual or automated means. It includes the collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of personal data. 

• To send you information regarding our services and changes to our terms, conditions, and policies.
• To complete your account registration, process your payments, and communicate with you regarding our Website, the BRYCK Platform, or generally in connection with your purchase of our DataDart Service.
• To send you marketing communication and newsletters about our Services.
• To personalize your experience on our Website and BRYCK Platform.
• To inform you and allow you to participate in our Company’s promotions.
• To facilitate social media sharing functionality.
• To collaborate with business affiliates, partners, vendors, subcontractors, or service providers to provide you with our Services.
• In connection with our business purposes, as described above, including but not limited to data analysis, audits, fraud monitoring and prevention, developing or enhancing new and existing products and/or services, or expanding our business activities.

We will not use and/or share your Personal Information:

• With anyone except for our Company’s authorized service providers,^[1] business affiliates,^[2] and business partners^[3], and strictly for business purposes; or unless we specifically inform you, and give you an opportunity to opt out of sharing your Personal Information. You herein agree that you have visited the websites of the aforementioned entities, and agreed to their Privacy Policies and Terms of Service.
• To run interest-based advertising campaigns that collect Personal Information such as email addresses, telephone numbers, and credit card numbers.
• To use or associate Personal Information with remarketing lists, cookies, data feeds, or other anonymous identifiers.
• To use or associate targeting information, such as demographics or location, with any Personal Information collected from the ad or its landing page.

^[6] Authorized service providers are companies that perform certain services including, but not limited to, fulfilling orders, processing credit card payments, delivering packages, providing customer service and marketing assistance, performing business and sales analyses, supporting the functionality of the Services, and insofar as necessary to accomplish logistics and data uploading services through third party providers in connection with our Data Dart Service.  These service providers may have access to your Personal Information, but to the extent necessary to perform or fulfill their business purpose.  We do not permit them to share or use any of your Personal Information for any other purpose.

^[7] Affiliate businesses are those businesses with whom we may affiliate to sell our products or Services.  We may share information we collect, including Personal Information, with affiliated businesses.  Sharing such information with our affiliates enables us to provide you with information about a variety of products and Services that might interest you.  We instruct all affiliated businesses to comply with applicable privacy and security laws and, at a minimum, in any commercial email they send to you, to give you the opportunity to choose not to receive such email messages in the future.

^[8] Business partners are typically merchants offering the products, services, promotions, contests and/or sweepstakes in connection with or somehow related to our own products and Services.  We will not share your Personal Information with business partners unless you choose to participate in their offer or program.  When you choose to engage in a particular offer or program, you authorize us to share your email address and other Personal Information with the relevant business partner.

• To share any Personal Information with Google or third party companies through our remarketing tag or any product data feeds which might be associated with our ads.
• To send Google or third party companies precise location information without obtaining your consent.

 

However, we reserve the right to disclose Personal Information that we believe, in our sole discretion, to be necessary or appropriate in the following circumstances:

• As required by law, such as to comply with a subpoena, or similar legal process.
• When we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
• To enforce our agreements with you, including this Privacy Policy and our Terms of Service.
• To allow us to pursue available remedies or limit the damages that we may sustain.

 

III. Collection of Other Information

Personally Non-Identifiable Information:  We may collect personally non-identifiable information, including but not limited to demographic data, age, education level, profession, geographic location or gender, from you at the time of registration on our Website or app, or when you choose to use our Services. This information is not, by itself, sufficient to identify or contact you.  The Company may store such information, or it may be included in databases owned and maintained by partners, affiliates, agents, or service providers of the Company.  The Company may use such information and pool it with other information to track data related to growing the business, such as the total number of visitors to our Website and the domain names of our visitors’ Internet service providers. 

 

Aggregated Personal Data. The Company may analyze your Personal Information provided through the Website or in connection with rendering the Services, in aggregate form. This aggregate information does not identify you personally.  We may share this aggregate data with our partners, affiliates, agents, or service providers for business purposes. We may also disclose aggregated statistics to explain our Services to current and prospective business partners, and to other third parties for other lawful, business-related purposes.

 

Tracking Technologies on our Website. We may, either directly or through third-party companies and individuals we engage to provide services to us, also:

• Track your use of the Website and the Services for purposes of our own customer support, analytics, research, product development, fraud prevention, risk assessment, regulatory compliance, investigation, etc.
• Track your use of the Website and the Services to enable you to use and access the Services and pay for your activities on the Website and through the Services.
• Track your behavior on the Website and use of the Services to market and advertise our services to you on the Website platform and third-party websites. You may opt out of receiving advertisements by visiting the Network Advertising Initiative (http://www.networkadvertising.org/choices/) and/or the Digital Advertising Alliance (http://www.aboutads.info/choices/). Please note that even if you choose to opt-out of receiving targeted advertising, you may still receive advertising on the Services, generally.  The advertising will simply not be targeted or specific to your interests.

 

Data Relating to Persons Outside the United States. Tsecond, Inc. is incorporated in Delaware and headquartered in California. We do not knowingly advertise outside the United States, including to any persons in the European Union (“EU”), or market our Services to international residents. Further, while international visitors or users are not restricted from accessing our Website, based on the size of the Company and/or the nature and scope of our activities relating to any such international residents, we are not currently subject to particular data privacy regulations related to our online Services, including the General Data Protection Regulation (“GDPR”). In relation to our provision of data transfer services, and to the extent our DataDart Service customers are in possession of data that is subject to certain international data security, privacy, and/or compliance requirements, it is such customer’s sole responsibility, as set forth herein, to comply with all relevant laws and regulations when engaging with third parties, like the Company, in the handling of that data.  If you are a foreign resident and have any questions regarding our data policies, you can reach us by email at accounts@tsecond.us.

IV. CCPA Consumer Data Requests

The following applies to any verifiable consumer CCPA request to the Company made by a California resident 16 years of age or older relating to their Personal Information unrelated to any BRYCK stored DataDart Service customer data.

Disclosure Requests. Under the CCPA, you may have a right to request information about our collection, use, and disclosure of your Personal Information over the prior 12 months, and ask that we provide you with the following information:

• Categories of and specific pieces of Personal Information we have collected about you.
• Categories of sources from which we collect Personal Information.
• Purposes for collecting, using, or selling Personal Information.
• Categories of third parties with which we share Personal Information.
• Categories of Personal Information disclosed about you for a business purpose.
• If applicable, categories of Personal Information sold about you and the categories of third parties to which the Personal Information was sold, by category or categories of Personal Information for each third party to which the Personal Information was sold.

Deletion Requests. You may also have a right to request that we delete Personal Information, subject to certain exceptions, which can be invoked if it is necessary for the Company to maintain the Personal Information pursuant to these exception under the CCPA:

• Transactional: Complete the transaction for which the Personal Information was collected, provide a good or service requested by the consumer, or reasonably anticipated within the context of a business’s ongoing business relationship with the consumer, or otherwise perform a contract between the business and the consumer.
• Security: Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity; or prosecute those responsible for that activity.
• Errors: Debug to identify and repair errors that impair existing intended functionality.
• Free Speech: Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.
• CalECPA Compliance: Comply with the California Electronic Communications Privacy Act
• Research in the Public Interest: Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the businesses’ deletion of the information is likely to render impossible or seriously impair the achievement of such research, if the consumer has provided informed consent.
• Expected Internal Uses: To enable solely internal uses that are reasonably aligned with the expectations of the consumer based on the consumer’s relationship with the business.
• Legal Compliance: Comply with a legal obligation.
• Other Internal Uses: Otherwise use the consumer’s Personal Information , internally, in a lawful manner that is compatible with the context in which the consumer provided the information.

Absent an exception, under the CCPA, we have 45 days to comply with your request.

V. Children

The Children’s Online Privacy Protection Act of 1998 (COPPA) and its accompanying FTC regulation protects the privacy of American children aged 13 and under, who are using the Internet. The GDPR sets the age at which an EU child can give their own consent in order to process their Personal Data at 16 years of age.

The Website and our related Services are not intended for anyone under 16, and we do not knowingly collect information from anyone under the age of 16. Anyone aged 16 or under should not submit any Personal Information without the permission of their parents or guardians. By using the Website and our related Services, you are representing that you are at least 16 years old and that you have the relevant legal authority to submit your Personal Information or that of a third-party minor, to the Company or on the Company’s Website.

VI. Links to Other Websites

This Privacy Policy does not address, and we are not responsible for the privacy, information or other practices of any third parties.  This Privacy Policy applies only to this Website and the Company’s Services.  It does not apply to any third-party sites, and the inclusion of a link does not imply endorsement of the linked site or service by us or by our affiliates.

 

We are not responsible for the collection, usage and disclosure policies and practices (including the data security practices) of other organizations, such as Facebook, Instagram, TikTok, LinkedIn, X or any other app developers, app provider, social media platform provider, operating system provider, wireless service provider or device manufacturer, including any Personal Information you disclose to other organizations through or in connection with the Website or Services.

VII. Security

We maintain reasonable and appropriate, although not infallible, security precautions.  However, we cannot guarantee that hackers or unauthorized personnel will not gain access to your Personal Information, despite our reasonable efforts.  You should note that in using the Website, app, and/or our related Services, your information will travel through third-party infrastructures which are not under our control.  Please feel free to raise any questions, concerns or specific directions you may have regarding the privacy and security of your information to accounts@tsecond.us.

VIII. Data Retention

In general, we retain the data we collect for different periods of time depending on what it is and how we use it. We will retain your Personal Information for five (5) years, however we will retain some Personal Information for longer periods of time when necessary for legitimate business purposes or for legal purposes (which may include security, fraud and abuse prevention, or financial record-keeping), or insofar your data it is connected with providing you with ongoing Services. Our data retention period may change in the future if a longer retention period is required or permitted by law.

IX. Do Not Track

Your browser setting may allow you to automatically transmit a “Do Not Track” signal to websites you visit. The Company’s Website DOES NOT respond to “Do Not Track” signals or other mechanisms from a visitor’s browser. If, in the future, we create a program or protocol to respond to such web browser “Do Not Track” signals, we will inform you of the details of that protocol in this Privacy Policy. To find out more about “Do Not Track,” please visit https://www.allaboutdnt.com.

X. Advertising/Google Ads

On this Website, the Company has integrated Google Ads. Google Ads is a service for Internet advertising that allows the advertiser to place ads in Google search engine results and the Google advertising network. Google Ads allows an advertiser to pre-define specific keywords with the help of which an ad on Google’s search results only then displays when the user utilizes the search engine to retrieve a keyword-relevant search result. In the Google Advertising Network, the ads are distributed on relevant web pages using an automatic algorithm, taking into account the previously defined keywords.

The operating company of Google Ads is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

The purpose of Google Ads is the promotion of our website by the inclusion of relevant advertising on the websites of third parties and in the search engine results of the search engine Google and an insertion of third-party advertising on our website.

If a data subject reaches our website via a Google ad, a conversion cookie is filed on the information technology system of the data subject through Google. The definition of cookies is explained above. A conversion cookie loses its validity after 30 days and is not used to identify the data subject. If the cookie has not expired, the conversion cookie is used to check whether certain sub-pages, e.g, the shopping cart from an online shop system, were called up on our website. Through the conversion cookie, both Google and the controller can understand whether a person who reached a Google Ads ad on our website generated sales, that is, executed or canceled a sale of goods.

The data and information collected through the use of the conversion cookie is used by Google to create visit statistics for our website. These visit statistics are used in order to determine the total number of users who have been served through Google Ads ads to ascertain the success or failure of each Google Ads ad and to optimize our Google Ads ads in the future. Neither our company nor other Google Ads advertisers receive information from Google that could identify the data subject.

The conversion cookie stores personal information, e.g. the Internet pages visited by the data subject. Each time we visit our Internet pages, Personal Information, including the IP address of the Internet access used by the data subject, is transmitted to Google in the United States of America. Personal Information is stored by Google in the United States of America. Google may pass the Personal Information collected through the technical procedure to third parties.

The data subject may, at any time, prevent the setting of cookies by our website, as stated above, by means of a corresponding setting of the Internet browser used and thus permanently deny the setting of cookies. Such a setting of the Internet browser used would also prevent Google from placing a conversion cookie on the information technology system of the data subject. In addition, a cookie set by Google Ads may be deleted at any time via the Internet browser or other software programs.

The data subject has a possibility of objecting to the interest based advertisement of Google. Therefore, the data subject must access from each of the browsers in use the link www.google.com/settings/ads and set the desired settings.

Further information and the applicable data protection provisions of Google may be retrieved under https://www.google.com/intl/en/policies/privacy/.

XI. Testimonials, Ratings and Reviews

If you submit testimonials, ratings, or reviews of the Services directly on our Website, any Personal Information you include will be displayed on the Website. We may also partner with third-party service providers to collect and display ratings and review content on our Website. If you provide our third-party service providers with your Personal Information in the process of submitting your rating and review, the content and Personal Information collected by a third party will be posted on our Website, absent your express instruction not to do so. If you want your testimonial, rating, or review removed from our Website at any time, please contact us at accounts@tsecond.us.

XII. Changes

This Privacy Policy may be updated from time to time for any reason, at our sole discretion.  We will notify you of any material changes to our Privacy Policy by posting the new Privacy Policy on our Website, and emailing you a copy of the revised Privacy Policy or a link to it.  You are advised to consult our Website regularly for any changes.

XIII. Incorporation into Terms of Service

By using or accessing the Website or the Services, you are accepting the practices described in this Privacy Policy, and you are consenting to our processing of your information as set forth in this Privacy Policy and as amended by us. This Privacy Policy is incorporated into, and considered a part of, the Company’s Terms of Service.

XIV. Contact Us

If you have any questions or concerns relating to our use of your Personal Information, please email accounts@tsecond.us.  Additionally, you may reach us by postal mail at: