Privacy Policy


 
homepage

(Last Update and Effective Date May 17, 2018)

Purpose of this Policy

Zix Corporation and its subsidiaries ZixCorp Systems, Inc. and ZixCorp Global Inc., 2711 N. Haskell Ave. Suite 2200, Dallas, TX 75204-2960, Greenview Data, Inc. (“Greenview Data”), 8178 Jackson Road, Suite A, Ann Arbor, MI 48103, and CM2.COM, Inc. dba Erado (“Erado”), 321 Burnett Ave. South #100, Renton, WA 98057 (collectively, “Zix,” “we,” “us” or “our”) operate Web sites located at zixcorp.com (with the exception of investor.zixcorp.com), secure-zixcorp.com, zixmessagecenter.com, zixmessagecentre.com, zixit.com, powerofeveryone.com, spamstopshere.com, greenviewdata.com, and erado.com (collectively, the “Site”), and their subdomains (with the exception of investor.zixcorp.com and related subdomains), through which users can obtain information about Zix and subscribe to services provided by Zix (“Zix services”). This Privacy Policy (“Policy”) is intended to describe the kinds of information that we may collect on the Site, how we use and share that information, how we endeavor to protect that information, how you can exercise your choices and rights, how we make changes to this Policy, and how you can contact us if you have any questions about this Policy.

Contents

Purpose of this Policy
Scope of this Policy
Potential applicability of other privacy policies
Applicability of other terms
Information that we collect
Information that we automatically collect
IP addresses and location information
Logs
Cookies
Web Beacons
Embedded Scripts
Information that third parties provide about you
How we use information that we collect
Emails and attachments
Employment applications
Information sharing and disclosure
Analytics and advertising
Social Features
Google API Services
Links and online tracking by third parties
Your ability to manage your ZixMail, ZixMessage Center, Greenview Data, or Erado account information
Security
Data storage
Guidelines regarding children
Your California privacy rights
European privacy rights
Privacy Shield
Notification of changes to this Policy
Data Controller
Privacy Policy questions, suggestions and complaints

Scope of this Policy

This Policy applies to individuals that subscribe to and use any Zix service, as well as individuals that do not subscribe to or use any Zix service but may have sent or received emails to or from users or subscribers of Zix services or who visited the Site. This Policy applies to all information collected through the Site, regardless of how you access the Site. That is to say, this Policy applies whether you are accessing our Site on a computer, mobile device like a tablet, or phone. We may also speak with you face to face (for example at a conference) or by telephone (for example when you make a support call). Those conversations are also covered by this Policy. By providing information to us when subscribing, contacting or communicating with us, or using the Site, you expressly agree to this Policy.

This Policy does not apply to information collected through the use of ZixOne, any other Zix mobile applications or any third party products or services, even if resold by Zix. For more information regarding ZixOne, click here.

Potential applicability of other privacy policies

You might use Zix services through a web portal provided by us on behalf of our customer, such as your employer, healthcare provider or financial institution. In that case, your employer, health care provider or financial institution may also have its own privacy policy that applies to your use of the Zix services, and both privacy policies may apply to you. Zix is not responsible for the privacy practices of third parties. If you are a data subjected located in Europe, please see the section below entitled “Data Controller” for more information on our relationship with our customers.
 

Applicability of other terms

Information collected by Zix through its password protected sites, such as zixmessagecenter.com, control.greenviewdata.com, and manage.erado.com, and through customer use of the Zix, Greenview Data, and Erado services is also governed, to the extent applicable to the relevant services, by Zix’s Terms and Conditions, Zix’s License and Services Agreements for the applicable services, Zix’s End User License Agreements, the Greenview Data Services Agreement, Erado’s Terms and Conditions, the SpamStopsHere Specific Terms and other applicable Services Agreements (collectively, “Terms”). Please carefully review those Terms.
 

Information that we collect


Zix collects information that you voluntarily provide when: using the Site, our products or services; participating in our surveys, contests, and other promotions; registering for our events or resources; subscribing to our email listings; applying for a job; communicating with us; or requesting that we contact you. The information we collect includes information relating to identified or identifiable natural persons. Examples of information we collect include contact information, such as names, mailing addresses, email addresses, and phone numbers; financial information, such as credit card number numbers; credentials, such as passwords, password hints, and authentication data; content data, such as the content of the messages you send to us; and resume data, such as your employment history, transcript, writing samples, and references. We also collect broad demographic and statistical information, such as your state and county of residence.

Zix collects your email address when you register to use the Zix services. Zix also receives and records your name and the credit card information that you supply if you pay to use the Zix services. In addition, Zix collects a variety of information  about users and subscribers to Zix services and about other individuals that send or receive email to or from such users and subscribers. That information includes, without limitation, email address, Zix services passwords and passphrases, email message content, and information about Zix email accounts. We also collect metadata about emails, such as header information (e.g., sender, recipient, time sent, to, from, cc, date, subject line), file structure, operating systems used, system components, and hardware used. These types of metadata information are not encrypted by Zix because they are required for email delivery and analysis. The content of email messages and attachments (including non-spam messages) will not always be encrypted if you use the advanced threat protection services, including but not limited to during spooling for delivery and on the way to quarantine. Further, if you choose to use manual review, you understand that message content will not be encrypted so that we can perform the requested manual review of the email content, which may include some non-spam messages.

If you use the Erado services, we collect communications information for archival purposes on behalf of, and as directed by, our customers. This information may include emails, texts, websites, social media messages or posts, and other forms of data or electronic communications. This information includes data about our customers and the third parties they correspond with.

If you choose to refer a friend or business entity to Zix, we will ask you for certain information about your friend or a contact at the business entity. We may contact the referred party using the contact information you provide (such as by email, postal mail, landline phone, and mobile phone, as applicable). Zix stores this information for its marketing purposes, to track the success of the referral program, and to determine our obligations under the referral program. Individuals referred through our consumer referral program may contact us at privacy@zixcorp.com to request that we cease contacting the individual in connection with the referral program.

When you request technical support, Zix collects your name, employer, email address, mailing address, and phone number in order to provide this requested service to you. You have the option of providing additional information to support including your demographic information (such as your state and country of residency), operating system, browser, Internet service provider (“ISP”), connection type and email program that you are using. We encourage you to provide the additional information so that we can determine specific regional problems (such as natural disasters or power outages caused by cuts through fiber optic cable) or isolate problems relating specifically to your particular operating system, email program or browser, thus enabling us to provide a more accurate response to your support requests.
 

Information that we automatically collect


Zix automatically receives certain information about your device and how your device interacts with our Site. Examples of such information include your device’s IP address and other device identifiers, device type, browser type (such as Chrome®, Firefox®, Internet Explorer® and Safari®), referring page, pages visited, and time spent on our Site. We use various current – and later – developed tracking technologies to collect this information, including cookies, web beacons, and embedded scripts. Zix may combine such information with other types of data it collects about you, such as your email address, and will treat that combined information in accordance with this Policy.
 

IP addresses and location information


When your Web browser or email application requests content from another device on the Internet, it automatically gives that device the address where the requested information should be sent. This is called your device's “IP address.” (IP stands for “Internet Protocol.”)

Zix and our service providers receive your IP address each time you obtain content from the Site. We may use your IP address for various purposes, including diagnosing service or technology problems that are associated with your IP address, conducting analytics, and estimating the total number of users visiting the Site from specific locales, countries or regions of the world. An IP address may generally indicate a user’s physical location. We do not, however, collect precise location data (such as GPS or mobile device coordinates). IP addresses and access times may be linked to your email address, but this combined information is for our internal use only and is not shared with third parties.
 

Logs


When you request content from the Site, information related to that request is collected and stored in log files on our servers. That information includes the date and time of the request, and the IP address of the device that requested the content. We use log files for debugging and troubleshooting purposes.
 

Cookies


If you use certain Zix services, Zix and our service providers will set cookies and similar technologies on your computer and/or your mobile device and later access those cookies in order to deliver services. A cookie is a small text file, which often includes a unique identifier, which is sent to your browser when you visit a Web site. It is then stored on your computer or mobile device. Zix uses cookies to allow you to use certain functions when you use various Zix services such as ZixPort, ZixDirect, and ZixMobility. Please read our Cookie Notice for further information about the types of cookies we set including information about how to control or delete cookies; note that our Cookie Notice does not apply to the Greenview Data or Erado services or websites, including but not limited to SpamStopsHere.

If you do not accept cookies or disable these technologies, you may not be able to use all portions or functionality of our services.
 

Web Beacons


Small graphic images or other web programming code called web beacons (also known as "clear GIFs"), which may be invisible to you, may be included in our web pages and e-mail messages. Web beacons may be used for a number of purposes, including, without limitation, to count visitors to the Site, to monitor how users navigate the Site, to count how many e-mails that were sent were actually opened or to count how many particular links were actually viewed.
 

Embedded Scripts


An embedded script is programming code that is designed to collect information about your interactions with the Site, such as the links you click on. The code is temporarily downloaded onto your device from our server or a third party service provider, is active only while you are connected to the Site, and is deactivated or deleted thereafter.
 

Information that third parties provide about you


We receive information about you from third parties who are lawfully permitted to share your information with us. For example, if you are on another web site and you provide information that the website operator indicates will be provided to Zix, that website operator will typically forward the information you provide. We may contact you using the information you provided, in accordance with your communication preferences. We may also combine the information we receive from third parties with information we collect or already maintain in order to ensure the records we hold about you are accurate and up to date. In those cases, we will apply this Policy to the combined information, plus any additional restrictions imposed by the source of the data.

In addition, we supplement the information we collect with outside records from third parties in order to provide you with information, services or goods you have requested, to enhance our ability to serve you, and to tailor our content to you. These third party sources vary over time, but have included data brokers from which we purchase demographic data, third party partners and resellers, our customers, social media platforms, lead generation providers, content sponsors, and publicly-available sources such as open government databases or data in the public domain. We may combine the information we receive from those other sources with information we collect through the Site. In those cases, we will apply this Policy to the combined information, plus any additional restrictions imposed by the source of the data.
 

How we use information that we collect


Zix uses information about you for our legitimate interests, including as follows:
  • To provide you with products, services and any renewals thereof, including but not limited to anti-spam, anti-virus, email archiving, email encryption, email hosting, and transmission services;
  • In our Zix services, to facilitate secure messaging with third parties, to communicate with you, and to monitor compliance with our Terms;
  • To notify you when you receive a Zix service email message, when a Zix service email message has failed or expired, when an intended recipient has picked up an email message you sent (if you so request), when multiple attempts to enter your Zix service passwords have failed on our Site, and when there is any change in our Terms or in the availability of various products and services;
  • To communicate with you concerning problems or malfunctions that you report;
  • To provide you with support and maintenance for products and services;
  • To notify you of any changes to your use of our Site, products, or services;
  • To respond to your inquiries;
  • To bill you for product and services;
  • To investigate, prevent, or take action regarding illegal activities, suspected fraud, safety of person or property, or violation of our policies or our other rights or interests;
  • To report on traffic levels to certain enterprise customers, such as how many of their users are sending emails and from what departments;
  • To test, analyze and improve our services and marketing;
  • To market existing and new Zix services to you; and
  • To inform you of any new or updated services or product offerings.
We also use information about you with your consent, including as follows:
  • To market existing and new Zix services to the friends or businesses you refer to Zix;To manage your participation in our surveys, contests, events, and other promotions; and
  • To fulfill any other purpose disclosed to you and with your consent.
Some of our lawful bases for processing your information stem from our customers on whose behalf we provide services.
 

Emails and attachments


Zix uses email message and attachment content in order to provide and improve our products and services. For example, if you request Zix to host and operate a ZixGateway appliance on your behalf (the Zix™ Hosted Services), we may automatically scan outbound email and attachments to determine whether they should be encrypted in accordance with your policies, to provide you with usage reports and to improve our email filters, and we may collect and retain the content and attachments of outgoing email messages until they are delivered or the messages expire in accordance with your policies. Likewise, if you subscribe to our advanced threat protection service, we may automatically and manually (with your consent) scan inbound email and attachments to protect you against advanced threats, to provide you with usage reports and to improve our email filters, and we may collect and retain the content and attachments of inbound email messages until they are delivered or the messages expire in accordance with your settings.
 

Employment applications


If you use the Site to apply to work with us (for example via www.zixcorp.com/company/careers) we will use the information you supply to process your application and to monitor recruitment statistics. We retain de-identified statistical information about applicants to help inform our recruitment activities. Zix is headquartered in the United States and employee and recruitment data is held there and in other Zix locations worldwide. Once a person has taken up employment with us, we will compile a file relating to their employment. At that stage we will give the employee more details about how we hold employee data.
 

Information sharing and disclosure


Zix will not sell or rent your information, except in the event that Zix (or some or all of its assets) is merged with, sold to, or otherwise transferred to, one or more third parties. In such an event, customer information might be included among the transferred assets and Zix reserves the right to share information it has about you. Notwithstanding any such transfer, your information will remain subject to this Policy. Our customer database could be sold separately from the rest of the business, in whole or in a number of parts. It could be that the purchaser’s business is different from ours too. If we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified via email and/or prominent notice on our Web site for 30 days of any change in ownership or uses of your information, as well as any choices you may have regarding your information.

Depending on the Zix service you use, Zix may share your information, or the information of your friends, family, or of others to whom you refer Zix, including but not limited to the categories of information described above in the Section entitled “Information that we collect,” public encryption codes for your email address, information about your account usage (including the number of email messages and attachments, if any, that you sent, and the list of recipients, subject and size of the combined text body of those email messages and attachments), and other information as follows:
  • with persons or companies we retain to carry out or provide support to Zix. We contractually require that those third parties use information they obtain from Zix solely for the purpose of providing these services, although we may permit them to use aggregate information which does not identify you for other purposes.
  • with your employer and/or compliance review committees for billing and auditing purposes. Your employer and/or the compliance review committee may be based in a different country from where you are based. This could mean that we would disclose your data to them anywhere in the world. By using our service you consent to that disclosure.
  • with our customers in connection with us processing your information on their behalf, including to respond to your questions, fulfill your requests, and otherwise comply with applicable law.
  • to the extent that we determine it is reasonably necessary or legally required in order for us to respond to lawful requests by public authorities (including to meet national security or law enforcement requirements), subpoenas, court orders, warrants, or other legal process.
  • when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
  • to enable a third party partner or independent reseller to contact you to facilitate the renewal, support or purchase of Zix products and services.
  • with credit card authorization processors, third-party financial institutions and related organizations for billing and payment purposes so that they can verify the credit card numbers, process the credit card payment transaction, and prevent fraud or misuse of credit card facilities.
  • with your consent or where disclosure is necessary in order to complete a transaction to which you have consented.
  • as otherwise described in this Policy.
We use testimonials from our customers, with their express consent, in order to show our customers and potential customers how Zix services have benefited others. To request removal of your information from the testimonials on our Site, contact us at privacy@zixcorp.com. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to do so and why.

Without limiting the foregoing, Zix shares with certain business partners, advertisers, and other third parties certain aggregated data that does not identify you, including usage, demographic and statistical information and analytics data collected using third party web analytics services, for various purposes except as prohibited by applicable law.
 

Analytics and advertising


To analyze traffic to our Site (excluding zixmessagecenter.com and zixmessagecentre.com), Zix uses various web analytics services, which may independently set and access their own tracking technologies (including cookies, web beacons, and embedded scripts) and collect or have access to information about you.

In addition, Zix works with network advertisers and ad agencies to serve our advertisements on other web sites, within third party applications, and across the Internet, and to provide us with information regarding the effectiveness of our advertisements. For example, if you clicked on a Zix advertisement that led you to one of our corporate sites, our service provider(s) and we may be able to determine which Zix advertisement you clicked on and where you were viewing the advertisement. However, Zix’s advertising providers do not receive information regarding your use of the ZixMessage Center or your Greenview Data or Erado accounts, such as any URL you access within the message center or email message content you view.

Zix advertisements may be targeted to your company by our advertisers based on your IP address and your web browsing activity on non-Zix websites. Zix’s advertising providers may also attempt to store a cookie or other tracking technology on your device. While we use a variety of service providers to perform advertising and analytics services, you may wish to visit www.networkadvertising.org/managing/opt_out.asp, which provides information regarding this practice by Network Advertising Initiative (“NAI”) members, including the “opt-out” procedures of NAI members. If you are visiting this site from the European Union, you may be able to “opt-out” of certain interest-based ads by visiting www.youronlinechoices.eu. Please note this does not opt you out of being served ads.  You will continue to receive generic ads. Zix does not control the information collection, use, or sharing practices of third party analytics providers or advertisers. Some of these parties may collect your information when you visit the Site or other online websites and services. We are not responsible for effectiveness of, or compliance with, any third-parties’ opt-out options or programs or the accuracy of their statements regarding their programs.
 

Social Features


Some of our Sites offer publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your information from our blog or community forum, contact us at privacy@zixcorp.com. In some cases, we may not be able to remove your information, in which case we will let you know if we are unable to do so and why. The blog or community forums may include certain social features (also known as third-party widgets), which may permit interactions that you initiate between the blog or community forums and a third party web site or service. Social features may include enabling you to “like” or “share” our content on other web sites or services, such as Facebook, Google+, Twitter, or LinkedIn. If you use social features, Zix may receive or have access to certain information about you and your use of the social features. These social features may collect your IP address, which page you are visiting on the blog or community forum, and may set a cookie to enable the social feature to function properly. Social features are either hosted by a third party or hosted directly by us. The information we collect or receive in connection with social features is subject to this Policy. The information collected and stored by the provider of the social features remains subject to the that third party’s privacy practices, including whether the third party continues to share information with us, the types of information shared, your choices with regard to what is visible to others on that third party web site or service and whether your information can be deleted from the third party site.
 

Google API Services


In connection with certain services that it provides, Zix uses Google API Services as part of an authentication and authorization framework to request access to Google user data. The Google user data we request through the Google API Services includes email addresses and basic profile information, and Zix uses such Google user data to verify user email addresses and manage the provisioning of administrator status on its domains. Any Google user data Zix collects through Google API Services is only used for such purposes and deleted after such use.
 

Links and online tracking by third parties


The Site contains links to Web sites controlled by third parties, including but not limited to investor.zixcorp.com and related subdomains. We have no control over the practices of the third party Web sites to which we link. Those Web sites may automatically collect information about your visit to their site and may use their own tracking technology (such as cookies, web beacons, or embedded scripts). Those Web sites are subject to the privacy policies of the third parties that control those Web sites, and not the Zix Privacy Policy. We encourage you to check the privacy policies of these Web sites before using them or disclosing any information to them.
 

Your ability to manage your ZixMail, ZixMessage Center, Greenview Data, or Erado account information


You may set or change your ZixMail PassPhrase and encryption codes, ZixMessage Center PassPhrase, Greenview Data, or Erado account password at any time. If you forget or would like to change your ZixMessage Center PassPhrase, you may create a new or ZixMessage Center PassPhrase by registering again.

You may request deletion or deactivation of your ZixMail, ZixMessage Center, Greenview Data, or Erado account by sending an email to privacy@zixcorp.com. Please see the “Data storage” section of this Policy to read about data storage after your account has been deleted. Please note that it may take up to 30 days for your deletion or deactivation request to come into effect.

Subject to certain exceptions, upon request and provided you provide us sufficient information to confirm your identity, we will provide you the information that you have submitted to us through your ZixMail, ZixMessage Center, Greenview Data, or Erado account for the purpose of enabling you to correct, amend, or delete any inaccuracies. You may make this request to us via email at privacy@zixcorp.com or visit the Site for online help at www.zixcorp.com/support/contact-support. If we are not able to provide the information that you are requesting within 30 days of receipt of your request, we will provide you a timeline for providing the requested information. If we deny access to your information, we will explain why access was denied and give you contact information for further inquiries regarding the denial of access. If you are unhappy with our answers you can write to our Chief Privacy Officer, who can also be reached at privacy@zixcorp.com.

If you no longer wish to receive marketing emails from Zix, you can opt-out by (1) following the instructions provided in the emails, as applicable; (2) sending an email to support@zixcorp.com; or (3) visiting the Site at www.zixcorp.com/support/contact-support.

Data subjects in Europe have additional rights as set forth in the section entitled “European Privacy Rights” below.
 

Security


Zix takes reasonable precautions, including the maintenance of reasonable physical, electronic, and procedural safeguards, to help protect your information from loss, misuse, and unauthorized or illegal access, disclosure, alteration, modification, use or destruction. Zix has implemented reasonable security measures to help protect your email address and the Zix service passwords associated with your email address from unauthorized access or disclosure, alteration, unlawful destruction or accidental loss. When appropriate, Zix uses industry-standard encryption to protect certain data (e.g., credit card numbers) during transmission. The servers on which we store your information are kept in an environment that is environmentally controlled and monitored 24 hours per day, 7 days per week. Although Zix uses reasonable efforts to help protect your information, transmission via the Internet is not completely secure and Zix cannot guarantee the security of your information. In particular, it remains your responsibility:
  • To protect against unauthorized access to your use of the Site.
  • To ensure no one else uses the Site while your machine is logged on to the Site (including by logging on to your machine through a mobile, Wi-Fi or shared access connection you are using).
  • To log off or exit from the Site when not using it.
  • To keep your password or other access information secret and all of your account details secure. Your Zix service passwords and log in details are personal to you and should not be given to anyone else or used to provide shared access, for example, over a network.
  • To maintain good Internet security. For example if your email account is compromised this could allow access to your account with us if you have given us those details and/or permitted access through those accounts. If your email account is compromised it could be used to ask us to reset a password and gain access to your account with us.

If you think that any of your accounts has been compromised you should change your account credentials with us, and in particular make sure any compromised account does not allow access to your account with us. You should also tell us as soon as you can so that we can try to help you keep your account secure and if necessary warn anyone else who could be affected.

Data storage


Most account information (including email addresses, public keys, names, and mailing addresses, but excluding credit card information used for payment to Zix) is stored on multiple disk storage systems at our data centers in the United States or the United Kingdom, or on servers in Canada, Singapore, and Amsterdam. This means that we redundantly store data on more than one server in one of those locations. We may also store email messages on servers outside the United States and the United Kingdom, including on servers in Canada, Singapore, and Amsterdam.

Zix stores only the salted hash of a Zix service password. This means that we don’t hold your Zix service password itself but rather a unique encrypted version of it. ZixMessage Center email messages that you send or receive via Zix services will ordinarily expire from our disk storage systems based on the expiration time set by the sender at the time the email was sent (typically 1 to 21 days from the day the email message was sent). If you request deletion of your Zix service account, that account will be deactivated and your email address and information will be removed from our user registration database associated with that Zix service within 30 days, subject to any need we have to hold onto the data for longer to meet any legal, auditing or regulatory requirements and subject to any commitments we have given to third parties – for example your employer if your employer paid for your Zix services account. You may also request deletion of all your Zix service accounts. If we do delete any of your accounts, those accounts will be reinitiated if another email is sent to you using a Zix service. Email header information maintained for purposes of transaction logging, and user account information maintained for disaster recovery purposes, will be held longer than the content of email messages, as described above, in order to provide Zix services and support, including technical support and business continuity, to our customers.

If you use advanced threat protection services, including ZixProtect and SpamStopsHere, there will be particular points in time when the content of email messages and attachments (including non-spam messages) will not be encrypted, including but not limited to during spooling for delivery and on the way to quarantine. Further, if you choose to use the manual review option, the content of those emails and attachments will be stored in unencrypted form for purposes of manual review.
 

Guidelines regarding children


Zix’s Site, products, and services are not designed for or directed to children under the age of 13, and Zix does not knowingly collect personal information as defined by the Children’s Online Privacy Protection Act (“COPPA”) from anyone under the age of 13. If you are under the age of 13, please do not provide personal information of any kind whatsoever and please do not use Zix products and services or participate in Zix’s surveys, contests, events, and other promotions.
 

Your California privacy rights


When California customers provide personal information as defined by California’s “Shine the Light” to a business, they have the right to request certain disclosures if that business shares the personal information with third parties or affiliates for the third parties’ or affiliates’ direct marketing purposes. Once per calendar year the customer may request that the business provide a list of companies with which it shares the personal information for the third parties’ or affiliates’ direct marketing purposes, and a list of the categories of personal information that the business shares. As stated in this Policy, we do not share personal information with third parties or affiliates for those third parties’ or affiliates’ direct marketing purposes. California customers may request further information about our compliance with this law by e-mailing privacy@zixcorp.com or contacting us by mail at 2711 N. Haskell Avenue, Suite 2200, LB 36, Dallas, Texas 75204-2960, USA. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through this e-mail address.
 

European privacy rights


If you are a data subject in Europe, you have the right to access, rectify, or erase any personal data we have collected about you. You also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any data processing we do based on consent you have provided to us.
 
To exercise any of these rights, contact us as set forth in the section entitled “Privacy Policy questions, suggestions and complaints” below and specify which right you intend to exercise. We will respond to your request within 30 days. We may require additional information from you to allow us to confirm your identity. Please note that we store information as necessary to fulfil the purposes for which it was collected, and may continue to retain and use the information even after a data subject request for purposes of our legitimate interests, including as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements.

If your information has been processed by us on behalf of one of our customers and you wish to exercise any rights you have with such information, please inquire with our customer directly. If you wish to make your request directly to Zix, please provide the name of the Zix customer on whose behalf Zix processes your information. We will refer your request to that customer, and will support them to the extent required by applicable law in responding to your request.

If you have any issues with our compliance, you have the right to lodge a complaint with a European supervisory authority.
 

Privacy Shield


We are based in the U.S. and the information we collect is governed by U.S. law.  If you are accessing the Site or the Zix services from outside of the U.S., please be aware that information collected through the Site or the Zix services may be transferred to, processed, stored, and used in the U.S. and other jurisdictions. Data protection laws in the U.S. and other jurisdictions may be different from those of your country of residence. Your use of the Service or Zix services therefore constitutes your consent to the transfer to and from, processing, usage, sharing, and storage of your information in the U.S. and other jurisdictions as set forth in this Policy. If your data is collected in Europe, we will transfer your personal data subject to appropriate or suitable safeguards, such as the Privacy Shield Framework discussed below.
 
Zix participates in the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from the European Union to the U.S. Zix has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, and recourse, enforcement and liability. For purposes of this section, Zix refers to the following U.S. legal entities: Zix Corporation, ZixCorp Systems, Inc., ZixCorp Global Inc., and Greenview Data, Inc.
 
In accordance with our obligations under the Privacy Shield, and subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission, we hereby affirm our commitment to subject to the Privacy Shield Principles all personal data transferred from the European Union in reliance on the Privacy Shield. This means that, in addition to our other obligations under the Privacy Shield Principles, we shall be liable to you for any third party agent to which we transfer your personal data and that processes such personal data in a manner that violates the Privacy Shield Principles, unless we can demonstrate that we are not responsible for the resulting damages.

For inquiries or compliants regarding our compliance with Privacy Shield, please send us an email or letter at the address specified in the “Privacy Policy questions, suggestions and complaints” section below. If we are unable to resolve your complaint directly, you may submit your complaint at no cost to you to JAMS at https://www.jamsadr.com/file-an-eu-us-privacy-shield-or-safe-harbor-claim. In the event there are residual complaints that have not been resolved by JAMS, or any other means, you may seek a non-monetary remedy through binding arbitration to be provided to you in accordance with the Privacy Shield Principles.

To learn more about the Privacy Shield Framework, and to view Zix’s certification, please visit http://www.privacyshield.gov. A list of companies certified under the Privacy Shield Framework is available at the following link: https://www.privacyshield.gov/list.
 
Zix, with the exceptions of Greenview Data and Erado, is registered with the United Kingdom Information Commissioner’s Office. Our registration number is Z304946X. You can view Zix’s registration on the UK ICO website.
 

Notification of changes to this Policy


We may update this privacy policy to reflect changes to our information practices. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.
 

Data controller


EU data protection law makes a distinction between organizations that process personal data for their own purposes (known as “controllers”) and organizations that process personal data on behalf of other organizations (known as “processors”). In limited circumstances, Zix (located at the address set forth in the section entitled “Purpose of this Policy” above) operates as a controller, such as in connection with data collected from non-subscribers who browse its Site. However, Zix generally operates as a processor on behalf of its customers that use the Zix services. The customers are the data controllers and determine the purposes for which and the manner in which personal data are to be processed by Zix. Please visit the applicable customer’s privacy policy for information about their privacy practices. Any questions that you may have relating to such personal data and your rights under data protection law should therefore be directed to the customer as the controller, not to Zix.
 

Privacy Policy questions, suggestions and complaints


If you have questions, concerns or suggestions about this Policy or Zix’s privacy practices, please contact us:

By email: privacy@zixcorp.com

By mail:
2711 N. Haskell Avenue
Suite 2200, LB 36
Dallas, Texas
75204-2960, USA
(Attn: Chief Privacy Officer)

By phone: +1 (214) 370-2200

For EU-specific requests, you can reach our EU representative at:
ZIX Corporation Limited
25 Moorgate,
London, England
EC2R 6AY
privacyglobal@zixcorp.com