Effective as of August 28th, 2018.
Users in the European Economic Area (“EEA”) should be sure to read the important information provided here.
- NuoDB’s Services and Client Services Data
- Personal Information We Collect
- How We Use Your Personal Information
- How We Share your Personal Information
- Your Choices
- Tracking and Targeted Advertising
- Social Media Widgets
- Payment Information
- International Data Use
- Third Party Sites and Services
- User Generated Content
- Contact Us
- Additional Information for European Union and EEA Users
Registered customers of the Service (“Clients”) use it to collect information about how their own users use Client websites, applications, services (“Client Services”) and related third-party applications ("Client Services Data”). Clients also use the Services to more efficiently route Client Services Data to their own third party applications/services and control how their own third party applications/services exchange Client Services Data.
Client Services Data may include, without limitation, information about the identity of Client users (such as name, postal address, e-mail address, IP address and phone number), as well as information about the pages users visit, the features they use, and the actions they take while using the Client Services.
We collect personal information about you in the following ways:
INFORMATION YOU GIVE US
Personal information that you may provide through the Services or otherwise communicate with us includes:
- Identity information, such as your Customer Data, Administrative and Personal Data, including first name, last name, username or similar identifier, professional titles, company name, date of birth and gender, and other information you provide during set-up, purchase, or administration of the Services;
- Contact information, such as Billing Data, including your postal address, business address, home or business email address and telephone number;
- Profile information, such as your username and password, account credentials, and preferences;
- Feedback and correspondence, such as information you provide when you request newsletters, respond to surveys and offers, notify the winners and award prizes, participate in market research activities, report a problem with Service, receive customer support or otherwise correspond with us;
- Payment and Transaction information, such as Billing Data, including payment details as described in the Payment Information section below, credit references, and other financial data; details provided pursuant to the provision of the Services, as well as information derived by the operation of the Services from such submissions, such as reports and checklists; and about purchases you make through the Services;
- Usage information, such as information about how you use the Services and interact with us; and
- Marketing information, such your preferences for receiving marketing communications and other promotional materials related to Services .
“Customer Data” is information submitted into the Services when you use the Services or when you receive customer support. “Administrative and Personal Data” is information you provide during set-up, purchase, or administration of the Services. “Billing Data” is financial qualification and information you provide as our customer when you purchase, subscribe to, renew, or expand the Services.
INFORMATION WE GET FROM OTHERS
We may obtain additional information about you from third party sources to enrich your experience with the Services and provide you with more relevant information in the Service.
INFORMATION AUTOMATICALLY COLLECTED
Our servers may also automatically record certain information about how a person uses Services (we refer to this information as “Log Data”), including both site visitors and users of NuoDB software (either, a “User”). Log Data we collect includes the User’s IP Address, HTTP protocol elements, click-stream data, search terms, browser User agent, operating system, the web page a user was visiting before accessing our services, pages or features within the Services to which a User browsed, and links within the Services in which a user clicked on.
We collect this information in server logs and by using cookies and similar tracking technologies to analyze trends, administer the website, track users’ movements around the website, and gather demographic information about our user base as a whole. See our Cookies Notice for more information.
SENSITIVE PERSONAL INFORMATION
Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Services or otherwise.
CHANGES TO YOUR PERSONAL INFORMATION
It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by updating your registration profile or emailing us at firstname.lastname@example.org.
We use your personal information for the following purposes or as otherwise described to you at the time of collection:
TO PROVIDE THE SERVICE
If you visit our site or use our Service, we may use your personal information:
- to operate, maintain, administer and improve the Service;
- to manage and communicate with you regarding your Services , including by sending you Services announcements, technical notices, updates, security alerts, and support and administrative messages;
- to better understand your needs and interests, and personalize your experience with the Service; and
- to respond to your Service-related requests, questions and feedback.
TO SEND YOU MARKETING COMMUNICATIONS
If you request information from us, use the Services or participate in our surveys, promotions or events, we may send you NuoDB-related marketing communications as permitted by law but will provide you with the ability to opt out.
TO DELIVER YOU ADVERTISING
We and our partners may serve you ads in the Services or third party sites, including to tailor ads based on your interests and browsing history. See the Tracking and Targeted Advertising section below for more details.
TO CREATE ANONYMOUS DATA
We may create aggregated and other anonymous data from our users’ personal information. We make personal information into anonymous data by removing information that makes the data personally identifiable to you. Anonymous data does not identify you or your users and, therefore, we may disclose it to third parties as appropriate to support our business needs and for our lawful business purposes.
FOR SECURITY, COMPLIANCE, FRAUD PREVENTION AND SAFETY
We may use your personal information as we believe appropriate to (a) investigate or prevent violation of the law or our Terms of Service; (b) secure the Service; (c) protect our, your or others’ rights, privacy, safety or property; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
FOR COMPLIANCE WITH LAW; LEGAL CLAIMS
We may use your personal information as we believe appropriate to (a) comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) where permitted by law in connection with a legal investigation; and (c) to prosecute or defend legal claims.
WITH YOUR CONSENT
In some cases we may ask for your consent to collect, use or share your personal information, such as when you let us post your testimonials or endorsements in the Service.
- Services Providers. We may employ third party companies and/or individuals to administer and provide the Services on our behalf (such as marketing, customer support, hosting, website analytics, information technology and related infrastructure provision, auditing, email delivery, database management services, and other services). For example, we may store encrypted copies of our database backups in facilities provided by third party providers, such as Amazon Web Services. These third parties do not have the right to access such data.
- Payment processors. We may share your payment information to process your payments as described in the Payment Information section below.
- Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services they render to us.
- Compliance with Laws and Law Enforcement; Protection and Safety. We may disclose your personal information as we believe appropriate to government or law enforcement officials or private parties (a) for the security, compliance, fraud prevention and safety purposes described above; (b) as required by law, lawful requests or legal process, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with any legal investigation; and (d) to prosecute or defend legal claims.
- Business Transfers. We may sell, transfer or otherwise share some or all of our business or assets, including your personal information, in connection with a business deal (or potential business deal) such as a merger, consolidation, acquisition, reorganization or sale of assets, or in the event of bankruptcy.
ACCESS, UPDATE, CORRECT OR DELETE YOUR INFORMATION
Upon request we will provide you with information about whether we hold any of your personal information, including any personal data in Administrative and Personal Data or Billing Data. If you wish to correct, update or request the deletion of personally identifiable information provided to us you may also contact us using the information below. We will respond to your request to access within 30 days. We will retain your information for as long as you remain identified as a potential customer or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations and to resolve disputes. Please note that customer ID or user ID cannot be changed without creating a new account and/or new user.
You may opt out of marketing-related emails by following the opt-out prompt in the email or by contacting the NuoDB Marketing Department at email@example.com. You may continue to receive service-related and other non-marketing emails.
If you gave us consent to post a testimonial to our site, but wish to update or delete it, please contact us at firstname.lastname@example.org.
CHOOSING NOT TO SHARE YOUR PERSONAL INFORMATION
If you do not provide information indicated as required or mandatory within the Service, or that is otherwise necessary to provide a requested service or feature within the Service, that portion or all of the Services may be unavailable to you.
Some Internet browsers may be configured to send a "Do Not Track" request to the online services that you visit. We currently do not acknowledge or operate upon this type of request. To find out more about "Do Not Track," please visit http://www.allaboutdnt.com
In some of our communications, we track clicks on links in the communications to content in the Services to help us measure the effectiveness of our communications.
Any information you use to make a purchase on the Services is neither collected nor saved by the Company, as payments are processed directly by our customers.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about security on our website, you can contact us at email@example.com.
NuoDB is headquartered in the United States and has affiliates and service providers in other countries, and your personal information may be collected, used and stored in the United States or other locations outside of your home country. Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country.
European Union users should read the important information provided here about transfer of personal information outside of the European Economic Area.
The Services may contain links to other websites and services operated by third parties, such as social media platforms, advertising services and other websites and applications. These links are not an endorsement of, or representation that we are affiliated with, any third party. We do not control third party websites, applications or services, and are not responsible for their actions. Other websites and services follow different rules regarding their collection, use and disclosure of your personal information. We encourage you to read their privacy policies to learn more.
We may make available in the Service, or link to, features that allow you to share information online (e.g., on message boards, in chat areas, in file uploads, through events, etc.). Please be aware that whenever you voluntarily disclose personal information online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly-disclosed personal information. By posting personal information online in public forums, you may receive unsolicited messages from other parties.
The Services is not directed at, and NuoDB does not knowingly acquire or receive personal information from, children under the age of 16. If we learn that any user of the Services is under the age of 16, we will take appropriate steps to delete that individual’s personal information and restrict that individual from future access to the Service.
150 Cambridge Park Drive
Cambridge, MA 02140
Attention: Legal Department
Phone: (617) 500-0001
If you are based within the European Economic Area (“EEA”) or another jurisdiction with similar data protection laws, you have the following rights in certain circumstances: to be told how your information is used and obtain access to your information; to have your information rectified or erased or place restrictions on processing your information; to object to the processing of your information (e.g. for direct marketing purposes); to have the information you provided on an automated basis returned to you in a structured, commonly used and machine-readable format, or sent directly to another company, where technically feasible (“data portability”); where the processing of your information is based on your consent, the right to withdraw that consent subject to legal or contractual restrictions; to object to any decisions based on the automated processing of your personal data, including profiling; and to file a complaint with the applicable supervisory authority responsible for data protection matters.
CONTROLLER, DATA PROTECTION OFFICER AND EU REPRESENTATIVE
NuoDB UK Ltd.
Highlands House Basingstoke Road
Spencer Woods, Reading, Berkshire, England
LEGAL BASES FOR PROCESSING
We only use your personal information, including such information found in the Administrative and Personal Data and Billing Data, as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below. If you have questions about the legal basis of how we process your personal information, contact us at firstname.lastname@example.org.
|Processing Purpose||Legal Basis|
||These processing activities constitute our legitimate interests. We consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).|
For compliance with law
Processing is necessary to comply with our legal obligations
With your Consent
Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Services or by contacting us at email@example.com.
USE FOR NEW PURPOSES
We will only retain your personal information and other information, including customer data, administrative data, or billing data, for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Opt-out. Stop sending you direct marketing communications. You may continue to receive Service-related and other non-marketing communications.
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You can submit these requests by email to firstname.lastname@example.org or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
CROSS-BORDER DATA TRANSFER
If we transfer your personal information out of the European Economic Area or Switzerland and are required to apply additional safeguards to your personal information under European data protection legislation, we will do so. Such safeguards may include applying the European Commission Model contracts for the transfer of personal data to third countries described here: (ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en#international-data-transfers-using-model-contracts), or for transfers to third parties in the United States, ensuring they participate in the EU-U.S. Privacy Shield Framework or Swiss-U.S. Privacy Shield Framework. Please contact us for further information about any such transfers or the specific safeguards applied.
NuoDB itself has self-certified to the EU-U.S. and Swiss-U.S. Privacy Shield. For more information, see our Privacy Shield Notice.
Last Updated: August 7th, 2018
WHAT ARE “COOKIES”?
Cookies are small data files stored in your browser by a website. Each cookie is a piece of information sent to a browser by a web server. The browser then returns that information to the web server. This is how some websites “remember” your previous visits; for example, an e-commerce site might use a cookie to remember which items you’ve placed in your online shopping cart. Cookies can also store user preference information, log-in data, etc. Cookies let sites provide you with tailored information.
Cookies transmit information about your use of the site to its operator or to third parties that placed the cookie. Some cookies are “session cookies” that expire when you close your browser, and others are “persistent cookies” that stay on your computer or mobile device until you delete them.
Our cookies are non-identifiable, meaning we can’t (and don’t want to) identify you or any individual person via this data. We collect cookie data to help improve our web site and our clients’ web sites. Our sites and applications use both session and persistent cookies to enable you to sign in and use our sites and applications, store your preferences and settings within them; analyze how they perform, personalize your experience with them, provide interest-based advertising, facilitate social media interaction; help you reach the right page; and for other lawful purposes. We may also use other similar technologies for these purposes, such as web pixels that track browsing activity, social media widgets that facilitate interaction with social media platforms and unique device identifiers. In some cases, these cookies and similar technologies are used by third parties.
The cookies and similar technologies used in our sites are as follows:
Essential to provide you with services available through our sites and to enable you to use some of their features. We cannot provide the services our users request without them.
Allow our sites to remember the choices you make when you use our sites. Intended to provide you with a more personal experience and to avoid you having to re-select your preferences every time you visit our sites.
Allow you to log into our sites by using your Google or Facebook account credentials.
Collect information about traffic to our sites and how our users use them, such as the number of visitors, the websites that referred them, the pages they visited, what time of day they visited, whether they have visited before, what features they used and other similar information. We use this information to help operate and improve our sites.
Google Analytics. Learn more information about Google Analytics cookies here and about how Google protects your data here. You can prevent the use of Google Analytics relating to your use of our sites by downloading and installing the browser plugin available here.here.
Used by advertising companies to collect information about how you use our sites and other sites and applications over time. These companies use this information to show you ads they believe will be relevant to you within our sites and elsewhere, and to measure how the ads perform.
Used by social media widgets that enable “like” buttons and allow you to share content within our sites and applications on social media. Your social media platform may be able to link information or actions about your interactions with our sites and applications to your account with them.
Facebook, Twitter, LinkedIn, YouTube
Please see your social media platform’s privacy policies for more details.
Disabling cookies. Most browsers let you remove or reject cookies. To do this, follow the instructions in your browser settings. Many browsers accept cookies by default until you change your settings. For more information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org. If you do not accept our cookies, you may experience some inconvenience on our sites. For example, you may not be able to store preferences in our sites. If you disable cookies, certain features of our website may not work.
For more information about targeting and advertising cookies and how you can opt out, you can visit the Network Advertising Initiative’s opt-out page, the Digital Advertising Alliance’s opt-out page, or youronlinechoices.eu.
Effective as of December 17, 2018.
NuoDB, Inc. (“NuoDB” or “we”, “us” or “our”) complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data transferred to it in the United States from the European Economic Area (“EEA”) or Switzerland, respectively. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles. To learn more about the Privacy Shield program, the Privacy Shield Principles and to view our certification, please visit www.privacyshield.gov.
Scope. Our certification of adherence to the Privacy Shield Principles applies to the personal data that (a) we collect from our customers and other visitors to our website for account management, billing or marketing purposes (“NuoDB User Data”), (b) that we process on behalf of our customers in providing online services to them under a service agreement (“Services Data”) and (c) we collect about our employees (past or present) collected in the context of the employment relationship (“HR Data”). NuoDB commits to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to HR Data transferred from the EU in the context of the employment relationship. Please contact us to be directed to the relevant DPA contacts.
Inquiries and complaints. If you believe NuoDB maintains your personal data within the scope of our Privacy Shield certification, you may direct any inquiries or complaints concerning our Privacy Shield compliance to email@example.com. If you are located in the EEA or Switzerland and have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/about/submitacase
Arbitration. If you are located in the EEA or Switzerland and neither NuoDB nor our dispute resolution provider resolves your complaint, you may be entitled to invoke binding arbitration under certain conditions more fully described on the Privacy Shield website.
- Service Providers. We may employ third party companies and individuals to administer and provide the Service on our behalf (such as customer support, hosting, website analytics, email delivery, database management services). NuoDB maintains contracts with these service providers restricting their access, use and disclosure of personal data in compliance with our Privacy Shield obligations, including the onward transfer provisions, and we may be liable if they fail to meet those obligations and we are responsible for the event giving rise to damage.
- Legal requirements. We may disclose Services Data if required to do so by law in order to (for example) respond to a subpoena or request from law enforcement, a court or a government agency, or in the good faith belief that such action is necessary (a) to comply with a legal obligation, (b) to protect or defend our rights, interests or property or that of third parties, (c) to prevent or investigate possible wrongdoing in connection with the services, (d) to act in urgent circumstances to protect the personal safety of customers, their users or the public; or (e) to protect against legal liability.
- Business Transfers. As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Services Data may be part of the transferred assets.
In addition, we may be required to disclose any personal data that we process in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Your rights to access, to limit use, and to limit disclosure. Individuals in the EEA and Switzerland have rights to access personal data about them, and to limit use and disclosure of their personal data. With our Privacy Shield self-certification, we have committed to respect those rights. We process Services Data only on behalf of our customers in accordance with their instructions. This means that if you wish to access Services Data and request that we correct, amend or delete it if it is inaccurate or processed in violation of Privacy Shield, you should contact that customer with your request. We will then help them to fulfil that request in accordance with their instructions.
If your personal data includes NuoDB Personal Data, you can request access to that data and request that we correct amend, or delete it if it is inaccurate or processed in violation of Privacy Shield by emailing your request to firstname.lastname@example.org. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.
U.S. Federal Trade Commission Enforcement. NuoDB’s commitments under the Privacy Shield are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
If there is any conflict between the terms in this Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall take precedence.
Following the European Union Court of Justice’s invalidation of the EU-US Privacy Shield Framework, we will no longer rely on the EU-US Privacy Shield as a mechanism of international data transfer until further notice.
Nevertheless, we do remain committed to maintaining our self-certification under the EU-US Privacy Shield Principles and will respect its principles, as an additional measure of protection of its users’ privacy, until further notice.