Privacy Policy

Last updated: January 15, 2024  |  Effective Date: January 15, 2024

TRX Rent Inc. ("TRX Rent," "we," "us," or "our"), a corporation registered in the State of California and headquartered at 100 W San Fernando St, San Jose, CA 95113, United States, is committed to protecting the privacy and security of your personal information. This Privacy Policy describes the types of information we collect, how we use it, and your rights regarding your data under the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR), and other applicable privacy laws.

1. Information We Collect

1.1 Information You Provide Directly

When you register for an account, subscribe to our services, enroll in educational courses, or contact our developer support team, we may collect the following categories of personal information:

• Identifiers such as your full name, email address, phone number, and company name.
• Professional information including your job title, company size, and industry sector.
• Account credentials including username and securely hashed passwords (we never store plaintext passwords).
• Payment information such as billing address. Note: credit card numbers are processed exclusively by our PCI-DSS compliant payment processor and are never stored on our servers.
• Communication records including support tickets, form submissions, and chat transcripts.

1.2 Information Collected Automatically

When you access our website or use our services, we automatically collect certain technical information, including:

• Device information such as your IP address, browser type and version, operating system, and device identifiers.
• Usage data including pages visited, time spent on pages, click patterns, and referring URLs.
• API usage data including request timestamps, endpoint calls, response times, and error codes associated with your account.
• Cookie data and similar tracking technologies. Please see Section 6 for details on our cookie policy.

2. How We Use Your Information

We use the personal information we collect for the following business purposes:

• To provide, maintain, and improve our SaaS platform, API services, and educational courses.
• To process subscriptions, manage your account, and provide technical support.
• To communicate with you about service updates, security notifications, and educational content relevant to your usage patterns.
• To personalize your learning experience and recommend relevant courses or API features based on your development activity.
• To analyze aggregate usage patterns to improve our VMI protocol performance and platform reliability.
• To detect, prevent, and address technical issues, fraud, and security incidents.
• To comply with legal obligations and enforce our Terms of Service.

3. Legal Basis for Processing (GDPR)

For users located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to deliver the services you have subscribed to.
• Legitimate Interests: Processing for platform improvement, security monitoring, and fraud prevention, balanced against your privacy rights.
• Consent: Processing based on your explicit consent, such as marketing communications and non-essential cookies. You may withdraw consent at any time.
• Legal Obligation: Processing required to comply with applicable laws and regulations.

4. Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information only in the following limited circumstances:

• Service Providers: We work with carefully selected third-party service providers who assist us in operating our platform, processing payments, delivering email communications, and providing analytics. These providers are contractually bound to process your data only as instructed by us and to maintain appropriate security measures.
• Legal Requirements: We may disclose your information when required by law, regulation, legal process, or enforceable governmental request.
• Business Transfers: In the event of a merger, acquisition, or asset sale, your personal information may be transferred as part of the transaction. We will notify you of any such change in ownership.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

5. Your Rights

5.1 California Residents (CCPA)

Under the California Consumer Privacy Act, California residents have the following rights:

• Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You may request deletion of your personal information, subject to certain legal exceptions.
• Right to Opt-Out: You have the right to opt out of the sale of your personal information. As stated above, we do not sell personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

5.2 EEA, UK, and Swiss Residents (GDPR)

Under the General Data Protection Regulation, you have the following rights:

• Right of Access: You may request a copy of the personal data we hold about you.
• Right to Rectification: You may request correction of inaccurate personal data.
• Right to Erasure: You may request deletion of your personal data under certain conditions.
• Right to Restrict Processing: You may request that we limit processing of your personal data in certain situations.
• Right to Data Portability: You may request a copy of your data in a structured, machine-readable format.
• Right to Object: You may object to processing based on legitimate interests or direct marketing.

To exercise any of these rights, please contact us at [email protected] or call us at +1 (408) 555-0144. We will respond to verified requests within 30 days for GDPR and 45 days for CCPA.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our platform, analyze usage patterns, and provide personalized content. You may configure your browser to reject cookies or alert you when cookies are being set. Note that disabling cookies may affect the functionality of certain features on our platform.

• Essential Cookies: Required for platform operation, including authentication, session management, and security. These cannot be disabled.
• Analytics Cookies: Help us understand how visitors use our website so we can improve performance and content.
• Preference Cookies: Store your settings and preferences such as language, dashboard layout, and notification preferences.

7. Data Security

We implement industry-standard security measures to protect your personal information, including:

• 256-bit TLS encryption for all data transmitted between your browser and our servers.
• AES-256 encryption at rest for all stored personal data.
• SOC 2 Type II certified infrastructure with quarterly third-party penetration testing.
• Role-based access controls limiting employee access to personal data on a need-to-know basis.
• Continuous monitoring and automated anomaly detection across our infrastructure.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Account data is retained for the duration of your subscription plus 30 days. API usage logs are retained for 13 months for performance analysis and then anonymized. You may request deletion of your data at any time by contacting our support team.

9. International Data Transfers

Our primary servers are located in the United States. If you access our services from outside the United States, your data may be transferred to and processed in the United States. For EEA, UK, and Swiss residents, we ensure adequate safeguards through Standard Contractual Clauses (SCCs) approved by the European Commission.

10. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will take immediate steps to delete that information.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. We will notify registered users of material changes via email at least 30 days before the changes take effect. The "Last updated" date at the top of this policy indicates when the latest revision was made.

12. Contact Us

If you have questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:

• Email: [email protected]
• Phone: +1 (408) 555-0144
• Mail: TRX Rent Inc., Attn: Privacy Team, 100 W San Fernando St, San Jose, CA 95113, United States