Privacy and Data Protection Policy
Xtype.IO Ltd. (“us”, “we” or “our”) operates this website (the “Website”) and the related propriety Enterprise Application Lifecycle Management Services which are provided under separate agreement (the “Subscription Services”, and collectively with the Website, the “Services”).
We collect several different types of data for various purposes to provide and improve our Services to you.
Processing of any Personal data collected from our customers in the framework of our Services is subject to terms of the Data Processing Addendum located at https://www.xtype.io/dpa.html (“DPA”).
The Personal Data You Provide
While using our Services, we may ask you to provide us with certain Personal Data, which may include, but is not limited to:
(i) Email address;
(ii) First name and last name;
(iii) Phone number;
(iv) Address, State, Province, ZIP/Postal code, City;
(v) Demographic Information;
(vi) Information concerning professional background;
(vii) Billing Information
When you contact us, or when we contact you, we may receive and process any Personal Data that you provide us.
The Personal Data that we collect
When you access our Services, our servers log certain ‘traffic/session’ information from your device, such as the country from which you use the Service, the browser type, operating system, geo-location and the Internet Protocol (IP) address. We also collect information about your activity, for example your log-in and log-out time, the duration of sessions, viewed webpages or specific content on webpages, etc. (“Usage Data“).
We do not collect any Personal Data of our customer’s end users, however we may collect Personal Data (such as the log-in details) of our Customers’ personnel in connection with provision of our Services.
Aggregated and Analytical Information
We may use Google Analytics and additional or other analytics tools, from time to time, to learn about how users use the website and Subscription Services, in support of our Service-related activities and operations. The privacy practices of these tools are subject to their own privacy policies and they use their own cookies to provide their service (for further information about cookies, please see the ‘Cookies’ section in this policy).
You can also read How Google uses data when you use Google partners’ sites or apps at: https://policies.google.com/technologies/partner-sites
Tracking & Cookies Data
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Services.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services.
You can find more information about cookies and other online tracking technologies through the US Federal Trade Commission and the EU Commission websites at: https://www.consumer.ftc.gov/articles/0042-online-tracking or https://wikis.ec.europa.eu/display/WEBGUIDE/04.+Cookies
If you wish to learn more about the types of cookies that we and our service providers use, and the ways these cookies are used, please contact us at: firstname.lastname@example.org.
What we do with your Personal Data
We use the Personal Data we collect and receive to provide you with Services, to study and analyze the functionality of our Services, to analyze users’ activities, and to maintain, develop and improve our Services.
We may use your email address, and other contact information you provide, to contact you when necessary, to send you reminders and to provide you information and notices about our Services and the products and services of our commercial partners.
We obey the law and expect you to do the same. If necessary, we may use your Personal Data to enforce our terms, policies and legal agreements, to comply with court orders and warrants and assist law enforcement agencies, to collect debts, prevent fraud, misappropriation, infringements, identity thefts and any other misuse of our Services, and to take any action in any legal dispute and proceeding.
Sharing Personal Data with Others
We will share your Personal Data with service providers and other third parties as necessary to fulfill the purposes for collecting the information and deliver the Services to you. We may also share your Personal Data with our affiliates – these include any subsidiaries, sister-companies and parent companies.
Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Additionally, circumstances may arise where we may be required to transfer your Personal Data to other entities in connection with a merger, acquisition, reorganization or sale of assets or in the event of liquidation or bankruptcy.
Removal of Personal Data from Our System
At any time, you can unsubscribe our mailing lists or newsletters, by sending us an opt-out request to: email@example.com.
At any time, you can exercise your following opt-out options: (i) object to the disclosure of your Personal Data to a third party, other than to third parties who act as our agents to perform tasks on our behalf, under our instructions, or third party publishers who received such Personal Data pursuant to the Terms and/or separate agreement with you; and (ii) object to the use of your Personal Data for a purpose that is materially different from the purposes for which we originally collected such Personal Data. You can exercise your choice by contacting us at: ____@_____________.
“Do Not Track” Signals
We do not support Do Not Track (“DNT”). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser.
Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)
If the data protection laws of the European Union apply to you, then the following terms will apply:
(i) when you register to the Services we process the contact information that you provide to us, for the purpose of sending you from time to time (by email, SMS text message, telephone, post or other electronical means) information about our Services which may be important or of interest to you;
(ii) when processing of your Personal Data is necessary for us to perform our agreement with you;
(iii) when the processing of your Personal Data is necessary for us to comply with legal obligations to which we are subject, or to protect your and others’ vital interests;
(iv) when processing of your Personal Data is necessary for legitimate interests, such as cyber security and data protection, fraud detection, service maintenance and control, support, back-up, data disaster recovery.
(i) to access the Personal Data as specified below;
(ii) to contact us if you want to withdraw your consent to the processing of your Personal Data; exercising this right will not affect the lawfulness of processing based on consent before its withdrawal;
(iii) to request to delete or restrict access to your Personal Data – we may postpone or deny your request if your Personal Data is in current use for providing the Services (for example you have a pending claim) and/or according to other legitimate purposes such as compliance with regulatory requirements.
(iv) you may ask to transfer your Personal Data in accordance with your right to data portability;
(v) you may object to the processing of your Personal Data for direct marketing purposes;
(vi) you have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you and/or similarly significantly affecting you;
(vii) You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
A summary and further details about your rights under the European Union data protection laws, is available on the European Commission’s website at: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en
Accessing Your Personal Data
At any time, you may contact us at: firstname.lastname@example.org and request to access the Personal Data that we keep about you. Note that when you send us a request to exercise your rights, we will need to reasonably authenticate your identity and location. We will ask you to provide us credentials to make sure that you are who you claim to be and may ask you further questions to understand the nature and scope of your request.
If you find that the Personal Data on your account is not accurate, complete or updated, then please provide us the necessary information to correct it.
If you’d like us to delete Personal Data that you have provided, please contact us at: email@example.com and we will respond in a reasonable time. Please be advised that we may retain and use your Personal Data as necessary to comply with our legal obligations, resolve disputes and enforce our agreements. In addition, after we delete your Personal Data, residual copies may take some time before they are deleted from our active servers and may remain in our backup systems.
If you have any concerns about the way we process your Personal Data, you are welcome to contact our data protection team at: firstname.lastname@example.org. We will look into your enquiry and make good-faith efforts to resolve any existing or potential claim you may have. If you remain unsatisfied with our response, you may also refer the matter to the relevant supervisory authority.
Retention of Data
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of the Services, or when we are legally obligated to retain this data for longer time periods.
Transfer of Data
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
We store and process information in Amazon AWS regions where our clusters run.
If you are a resident in a jurisdiction where transfer of your
Personal Data to another jurisdiction requires your consent, then you provide us your express and unambiguous consent to such transfer. You can contact our data protection team at: email@example.com for further information about data transfer.
We will use our best efforts to protect the confidentiality of your Personal Data. We use reasonable data security measures in line with industry standards. We also adopted strict rules that include technical and physical administrative measures for protecting your Personal Data, including protecting against Personal Data misuse and against unauthorized hacking.
Although we make efforts to protect your privacy, we cannot guarantee that the Service will be immune from any wrongdoings, malfunctions, unlawful interceptions or access, or other kinds of abuse and misuse. Should, despite of our security measures, a security breach occur that is likely to result in a risk to the data privacy of a data subject, we will inform the relevant data subjects and other affected parties, as well as relevant authorities when required by applicable data protection and privacy laws, about the security breach as soon as reasonably possible.
We may employ third party companies and individuals to facilitate our Services, to provide the Services on our behalf, to perform Service-related services or to assist us in analyzing how our Services are used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Links to Other Websites
Data Controller: Xtype.IO Ltd.
LAST UPDATED: July 1, 2020