All capitalized terms not defined herein are defined in our Terms of Service.
2.2. A “cookie” is a text file that this Website sends to your browser in the form of a text file. The information generated by the cookie about your use of this Website (including your IP address) will be transmitted to us and stored. Most browsers automatically accept cookies, but they usually can be modified to decline cookies if you prefer; however, certain features of this Website may not work without cookies.
2.3 “Session” cookies are temporary bits of information that are used to improve navigation, block visitors from providing information where inappropriate (the Website “remembers” previous entries of age or country of origin that were outside the specified parameters and blocks subsequent changes), and collect aggregate statistical information on the Website. They are erased once you exit your web browser or turn off your computer.
2.4 “Persistent” cookies are more permanent bits of information that are placed on the hard drive of your computer and stay there unless you delete the cookie. Persistent cookies store information on your computer for a number of purposes, such as retrieving certain information you have previously provided, helping to determine what areas of the Website you may find most valuable, and customizing the Website based on your preferences on an ongoing basis. Persistent cookies placed by this Website in your computer do not hold Personal Information.
2.5 You can set your browser to accept all cookies, to reject all cookies, or to notify you whenever a cookie is offered so that you can decide each time whether to accept it or not. To learn more about cookies and how to specify your preferences, please search for “cookie” in the “Help” portion of your browser.
2.6 An Internet Protocol (IP) address is a number assigned to your computer by your Internet service provider so you can access the Internet and is generally considered to be non-Personal Information (some exceptions apply), because in most cases an IP address is dynamic (changing each time you connect to the Internet), rather than static (unique to a particular user’s computer). The IP address can be used to diagnose problems with a server, report aggregate information, determine the fastest route for your computer to use in connecting to the Website, and administer and improve the Website.
2.7 “Internet tags” (also known as Web Beacons, single-pixel GIFs, clear GIFs, invisible GIFs, and 1-by-1 GIFs) are smaller than cookies and tell a website server information such as the IP address and browser type related to a visitor’s computer. Tags may be placed both on online advertisements that bring people to a website and on different pages of a website. Such tags indicate how many times a page is opened and which information is consulted.
2.8 “Navigational data” (log files, server logs, and clickstream data) are used for system management, to improve the content of the Website, market research purposes, and to communicate information to visitors.
Company may collect Personal Information from you when you:
- sign up for an account;
- fill out a survey or request a Demo form; and
- reach out to the Company via Contact Form, Support Form, or Intercom Form.
Personal Information we may collect: name, physical address, email address, phone number, company name, profile picture and any Personal Information you choose to provide to us voluntarily.
When you try to sign up to be our partner, we may collect the following company information from you: company name (name of parent company if this one is a division or subsidiary), type of business, primary contact details, tax ID, contact information of your legal support, and other company related information.
Please keep in mind that we do not collect your payment information. When you make a payment via the Website, our partner BrainTree collects and processes that information on our behalf.
We will not share, sell, or rent your Personal Information to others. The only exceptions to this general policy: (i) are described in the subsections below, and (ii) if you explicitly approve such usage through our Website. We may at times combine your Personal Information with passively collected information in order to personalize this Website and offers we may present to you, but we will only do so where and to the extent explicitly approved by you.
6.2 Affiliates and Service Providers.
6.3 Acquisition; Bankruptcy.
In the event that we are acquired by or merged with a third party entity, we reserve the right to transfer such Personal Information as part of such merger, acquisition, sale, or other change of control. In the unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we reserve the right to transfer such Personal Information to protect our rights or as required by law. You will be notified via email and/or a prominent notice on our Website of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
6.4 Enforcement; Legal Process.
Company reserves the right to transfer such information if we have a strong belief that access, usage, preservation or disclosure of such information is reasonably necessary (i) to satisfy any applicable law, regulation, legal process or enforceable governmental request,(ii) to investigate or enforce violations of our rights or the security of our Website, or (iii) to protect your safety or the safety of others.
In the course of providing product or service support requested by a Customer, Company may have incidental access to Content. Any Customer request for product or service support will be deemed express permission for us to access your Content as needed for the limited purposes of providing the requested product or service support.
Moreover, our automated system analyzes your Content to provide you with relevant product or service features such as sensitive data search, incident response monitoring results, data audit results, and ransomware detection. This analysis occurs during the backup process.
We highly recommend all account owners including SB Staff members to not store within their accounts in any form, be it via a table, script, function, file, pdf, image or any other means: Social Security Numbers (SSNs), credit card numbers, passport numbers, bank account numbers or bank account routing numbers.
Any Personal Information which we may collect on this Website will be stored and processed in our servers located in the United States, Australia, and Europe. If you reside outside of these areas, by using this Website you consent to the transfer of Personal Information outside your country of residence.
Unfortunately, no data transmission over the Internet or method of data storage can guarantee 100% protection. While we strive to protect your Personal Information by following generally accepted industry standards, we cannot ensure or warrant the absolute security of any information you transmit to us.
We also have a Support Form, where you may leave any comment to us. If you leave any feedback, review, or suggestion about the Website or our products and services (collectively, “Feedback”) via the Website, phone or email, you hereby assign to Company all rights in the Feedback and agree that Company shall have the right to use such Feedback and related information in any manner it deems appropriate. We will
treat any Feedback you provide to us as non-confidential and non-proprietary. You agree that you will not submit to us any information or ideas that you consider to be confidential or proprietary.
Company is subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC). You may also refer a complaint to your local data protection authority and we will work with them to resolve your concern. In certain circumstances, the Privacy Shield Framework provides the right to invoke binding arbitration to resolve complaints not resolved by other means, as described in Annex I to the Privacy Shield Principles.
Notwithstanding the foregoing, we no longer rely on the EU-U.S. Privacy Shield to transfer data that originated in the EEA or the UK to the U.S. Instead, we rely on Model Contract Clauses.
Because the UK left the UE, the UK now has its own version of GDPR known as the UK-GDPR. It is almost identical to EU GDPR. Therefore, we combined rights of those who access or use this Website from the from the European Union, the European Economic Area, and the UK under one section.
If you are accessing and using the Website from the European Union, the European Economic Area, or the UK, you have the following rights with regard to your Personal Information:
- the right of access (you can request us to provide you verbally or in writing with the type of information we store about you and we have a month to respond to your request);
- the right to rectify (amend/correct) any Personal Information about you that is inaccurate;
- the right to erasure (some conditions apply, see Data Retention section below);
- the right to restrict processing your Personal Information, however, if you restrict us from processing a part of your Personal Information that is essential to our provision of the Website, you may be asked to terminate your subscription or services and stop using the Website;
- the right to data portability (the right to data portability allows users of the Website to obtain and reuse their Personal Information for their own purposes across different services; you may request us to transmit your Personal Information directly from our servers to another company’s servers and we will do so if it is technically feasible);
- the right to object (for example, you have an absolute right to stop us from using your Personal Information for direct marketing – read our opt-out instructions below; you may express your objection verbally or in writing and we have a month to respond to any such objection; we might still continue processing your Personal Information if we are able to show that we have a compelling reason for doing so);
- the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or that affects you significantly.
We represent and warrant that your Personal Information is:
- processed lawfully, fairly and transparently;
- collected only for specific legitimate purposes;
- collection of personal data is adequate, relevant and limited to what is necessary;
- accurate and kept up to date (with your help);
- stored only as long as is necessary; and
- is secure and kept in confidence.
Data Retention: Generally, your Personal Information will be erased when (i) it is no longer needed for its original processing purpose, (ii) you withdraw your consent for us to store by deleting your Account, (iii) there is no preferential justified reason for the processing of your Personal Information and you object to our processing of your Personal Information, or (iv) erasure of your Personal Information is required in order to fulfil a statutory obligation under the UK law, EU law or the right of the EU Member States. Therefore, we will make sure your Personal Information will be erased under all of the above-mentioned circumstances. You may request us to erase your Personal Information verbally or in writing and we have one (1) month to respond to any such request.
Data Breach Notification: Should there be a personal data breach leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed, we will notify you and appropriate supervisory authority without undue delay and, where feasible, not later than seventy-two (72) hours after having become aware of it.