2. Collection of Anonymous, Passive Information.2.1
We reserve the right to monitor your use of this Website. As you navigate through this Website, certain anonymous information may be passively collected (that is, gathered without you actively providing the information) using various technologies, such as cookies, Internet tags or web beacons, and navigational data collection (log files, server logs, clickstream). The following is the list and a brief explanation of passive information collection methodologies, which we may use from time to time to better understand how this Website is being used.2.2.
A “cookie” is a text file that this Website sends to your browser in the form of a text file. The information generated by the cookie about your use of this Website (including your IP address) will be transmitted to us and stored. Most browsers automatically accept cookies, but they usually can be modified to decline cookies if you prefer; however, certain features of this Website may not work without cookies.
2.3 “Session” cookies are temporary bits of information that are used to improve navigation, block visitors from providing information where inappropriate (the Website “remembers” previous entries of age or country of origin that were outside the specified parameters and blocks subsequent changes), and collect aggregate statistical information on the Website. They are erased once you exit your web browser or turn off your computer.
2.4 “Persistent” cookies are more permanent bits of information that are placed on the hard drive of your computer and stay there unless you delete the cookie. Persistent cookies store information on your computer for a number of purposes, such as retrieving certain information you have previously provided, helping to determine what areas of the Website you may find most valuable, and customizing the Website based on your preferences on an ongoing basis. Persistent cookies placed by this Website in your computer do not hold Personal Information.
2.5 You can set your browser to accept all cookies, to reject all cookies, or to notify you whenever a cookie is offered so that you can decide each time whether to accept it or not. To learn more about cookies and how to specify your preferences, please search for “cookie” in the “Help” portion of your browser.
2.6 An Internet Protocol (IP) address is a number assigned to your computer by your Internet service provider so you can access the Internet and is generally considered to be non-Personal Information (some exceptions apply), because in most cases an IP address is dynamic (changing each time you connect to the Internet), rather than static (unique to a particular user’s computer). The IP address can be used to diagnose problems with a server, report aggregate information, determine the fastest route for your computer to use in connecting to the Website, and administer and improve the Website.
2.7 “Internet tags” (also known as Web Beacons, single-pixel GIFs, clear GIFs, invisible GIFs, and 1-by-1 GIFs) are smaller than cookies and tell a website server information such as the IP address and browser type related to a visitor’s computer. Tags may be placed both on online advertisements that bring people to a website and on different pages of a website. Such tags indicate how many times a page is opened and which information is consulted.
2.8 “Navigational data” (log files, server logs, and clickstream data) are used for system management, to improve the content of the Website, market research purposes, and to communicate information to visitors.
3. Use and Sharing of Anonymous, Passive Information.Tis Website may make full use of passively collected anonymous information, including without limitation the right to use such information to provide better service to Website visitors, customize the Website based on your preferences, compile and analyze statistics and trends, and otherwise administer and improve this Website for your use. We reserve the right to share this anonymous, passive information in aggregated form.
4. Use of Third Party Cookies.We reserve the right to use web analytics services provided by third parties. These web analytics services use their own cookies that collect anonymous, passive information about your use of this Website (see explanation of cookies in Collection of Anonymous, Passive Information above). We use this information for the purpose of evaluating your use of this Website, compiling reports on Website activity, and providing you with services. These web analytics services may also transfer this information to third parties if required to do so by law. We do not have access or control over such cookies.
5. Collection of Personal Information.
“Personal Information,” also known as personal data or personally identifiable information, is any information related to an identifiable person.
Company may collect Personal Information from you when you:
- sign up for an account;
- fill out a survey or request a Demo form; and
- reach out to the Company via Contact Form, Support Form, or Intercom Form.
Personal Information we may collect: name, physical address, email address, phone number, company name, profile picture and any Personal Information you choose to provide to us voluntarily.
When you try to sign up to be our partner, we may collect the following company information from you: company name (name of parent company if this one is a division or subsidiary), type of business, primary contact details, tax ID, contact information of your legal support, and other company related information.
Please keep in mind that we do not collect your payment information. When you make a payment via the Website, our partner BrainTree collects and processes that information on our behalf.
6. Using and Sharing Your Personal Information: General Policy and Exceptions.6.1
Company may use Personal Information for responding to and processing inquiries, orders and service requests or generally for any other purpose related to the original purpose for which the Personal Information was collected. Company also may use Personal Information to support your relationship with Company by designing services suitable to your needs, as well as to provide general product or service support and updates, and/or to alert you about new product or service offerings as they become available. This Information may also be used to provide you with notices about your purchases, your use of the products or services, and to carry out Company’s obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection purposes.
We will not share, sell, or rent your Personal Information to others. The only exceptions to this general policy: (i) are described in the subsections below, and (ii) if you explicitly approve such usage through our Website. We may at times combine your Personal Information with passively collected information in order to personalize this Website and offers we may present to you, but we will only do so where and to the extent explicitly approved by you.6.2
Affiliates and Service Providers.
6.3 Acquisition; Bankruptcy.
In the event that we are acquired by or merged with a third party entity, we reserve the right to transfer such Personal Information as part of such merger, acquisition, sale, or other change of control. In the unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we reserve the right to transfer such Personal Information to protect our rights or as required by law. You will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
6.4 Enforcement; Legal Process.
Company reserves the right to transfer such information if we have a strong belief that access, usage, preservation or disclosure of such information is reasonably necessary (i) to satisfy any applicable law, regulation, legal process or enforceable governmental request,(ii) to investigate or enforce violations of our rights or the security of our Website, or (iii) to protect your safety or the safety of others.
7. Your Content.
“Your Content” shall mean your email messages, files, contact lists, calendars, and metadata. Company will not view, access or use Content, including Personal Information within Content, except as needed to actually provide our products or services, as authorized by you in connection with product or service support. Depending on the products and services you request, we may require you to provide us with full access to your Content. Sometimes we may only need “read only” or “edit” permissions. We request access to your Content in order to perform services like Backup, Recovery, Scanning, Monitoring, Blocklist/Allow List Management, User management, etc. Please keep in mind that Company is not a data controller (as defined under EU GDPR) of any Content.In the course of providing product or service support requested by a Customer, Company may have incidental access to Content. Any Customer request for product or service support will be deemed express permission for us to access your Content as needed for the limited purposes of providing the requested product or service support.
Moreover, our automated system analyzes your Content to provide you with relevant product or service features such as sensitive data search, incident response monitoring results, data audit results, and ransomware detection. This analysis occurs during the backup process.
We highly recommend all account owners including SB Staff members to not store within their accounts in any form, be it via a table, script, function, file, pdf, image or any other means: Social Security Numbers (SSNs), credit card numbers, passport numbers, bank account numbers or bank account routing numbers.
9. Data Protection & Security.
We follow generally accepted industry standards to protect your Personal Information. To read more on how we protect your Personal Information please visit our Data Protection and Security page.
Unfortunately, no data transmission over the Internet or method of data storage can guarantee 100% protection. While we strive to protect your Personal Information by following generally accepted industry standards, we cannot ensure or warrant the absolute security of any information you transmit to us.
12. Links to Other Sites Including Online Ads.Occasionally, at our discretion, we may include or offer ads on our Website. These ads may contain links that would lead to third party or affiliate websites. We encourage you to read privacy policies of such third parties or affiliates before buying any product or service from them. Nonetheless, we seek to protect the integrity of our Website and services and welcome any feedback about these third party websites.
13. Blog; Support Form; Feedback.
Our Website offers publicly accessible blog, when anyone can leave a comment. You should be aware that any information you provide in a comment may be read, collected, and used by the public. To request removal of your Personal Information from our blog, contact us at firstname.lastname@example.org
. In some cases, we may not be able to remove your Personal Information, in which case we will let you know that we are unable to do so and why.We also have a Support Form, where you may leave any comment to us. If you leave any feedback, review, or suggestion about the Website or our products and services (collectively, “Feedback”
) via the Website, phone or email, you hereby assign to Company all rights in the Feedback and agree that Company shall have the right to use such Feedback and related information in any manner it deems appropriate. We will
treat any Feedback you provide to us as non-confidential and non-proprietary. You agree that you will not submit to us any information or ideas that you consider to be confidential or proprietary.
15. Children’s Online Policy.We are committed to protecting children’s Personal Information and comply with the strictest privacy laws (COPPA, EU GDPR, UK GDPR) out there. We do not knowingly collect or solicit Personal Information from anyone under the age of majority. If you are a minor, please do not send any information about yourself to us, including your name, address, telephone number, or email address. In the event that we learn that we have collected Personal Information from a minor, we will delete that information as quickly as possible. Please contact us if you believe we may have collected information from a minor.
16. EU-U.S. and Swiss-U.S. Privacy Shield Framework.
Company complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information transferred from European Union member countries (including EEA member countries) and the UK as well as Switzerland, respectively. Company has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. Company remains responsible for any of your personal information that is shared under the Onward Transfer Principle with third parties for external processing on our behalf, as described in the “Using and Sharing Your Personal Information” section. To learn more about the Privacy Shield program, please visit the Privacy Shield
website.Company is subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC). You may also refer a complaint to your local data protection authority and we will work with them to resolve your concern. In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
Notwithstanding the foregoing, we no longer rely on the EU-U.S. Privacy Shield to transfer data that originated in the EEA or the UK to the U.S. Instead, we rely on Model Contract Clauses.
17. Model Contract Clauses.
The European Commission has approved the use of model contract clauses
as a means of ensuring adequate protection when transferring data outside of the EEA. By incorporating model contract clauses into a contract established between the parties transferring data, personal data is considered protected when transferred outside the EEA or the UK to countries which are not covered by an adequacy decision. We rely on these model contract clauses for data transfers.
18. Your Rights Under EU and UK GDPR.
The European General Data Protection Regulation (“GDPR”) is a regulation in EU law on data protection and privacy for all natural persons accessing the Internet from the European Union and the European Economic Area, whatever their nationality or place of residence is. It also addresses the transfer of personal data outside the EU and EEA areas.Because the UK left the UE, the UK now has its own version of GDPR known as the UK-GDPR. It is almost identical to EU GDPR. Therefore, we combined rights of those who access or use this Website from the from the European Union, the European Economic Area, and the UK under one section.
If you are accessing and using the Website from the European Union, the European Economic Area, or the UK, you have the following rights with regard to your Personal Information:
- the right of access (you can request us to provide you verbally or in writing with the type of information we store about you and we have a month to respond to your request);
- the right to rectify (amend/correct) any Personal Information about you that is inaccurate;
- the right to erasure (some conditions apply, see Data Retention section below);
- the right to restrict processing your Personal Information, however, if you restrict us from processing a part of your Personal Information that is essential to our provision of the Website, you may be asked to terminate your subscription or services and stop using the Website;
- the right to data portability (the right to data portability allows users of the Website to obtain and reuse their Personal Information for their own purposes across different services; you may request us to transmit your Personal Information directly from our servers to another company’s servers and we will do so if it is technically feasible);
- the right to object (for example, you have an absolute right to stop us from using your Personal Information for direct marketing – read our opt-out instructions below; you may express your objection verbally or in writing and we have a month to respond to any such objection; we might still continue processing your Personal Information if we are able to show that we have a compelling reason for doing so);
- the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or that affects you significantly.
We represent and warrant that your Personal Information is:
- processed lawfully, fairly and transparently;
- collected only for specific legitimate purposes;
- collection of personal data is adequate, relevant and limited to what is necessary;
- accurate and kept up to date (with your help);
- stored only as long as is necessary; and
- is secure and kept in confidence.
Data Retention: Generally, your Personal Information will be erased when (i) it is no longer needed for its original processing purpose, (ii) you withdraw your consent for us to store by deleting your Account, (iii) there is no preferential justified reason for the processing of your Personal Information and you object to our processing of your Personal Information, or (iv) erasure of your Personal Information is required in order to fulfil a statutory obligation under the UK law, EU law or the right of the EU Member States. Therefore, we will make sure your Personal Information will be erased under all of the above-mentioned circumstances. You may request us to erase your Personal Information verbally or in writing and we have one (1) month to respond to any such request.
Data Breach Notification: Should there be a personal data breach leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed, we will notify you and appropriate supervisory authority without undue delay and, where feasible, not later than seventy-two (72) hours after having become aware of it.
19. Changing, Deleting And Updating Personal Information.
Upon request, we will permit you to request or make changes or updates or delete your Personal Information. We request identification prior to approving such requests. We reserve the right to permit you to access your Personal Information in any account you establish within our Website for purposes of making your own changes or updates. Should you need to make any changes to your Personal information, you may send us your request by contacting us at email@example.com