Effective Date: November 9, 2020
Please see the Product Privacy Statement to understand how customer personal data is collected, used and protected by the BetterCloud platform, applications and services separately from the Sites.
- Personal information we collect directly from you
- What personal data we collect about you from other sources
- Changes to your personal information
- Cookies and similar technologies
- How We Use your Personal Information
- How We Share your Personal Information
- Your Choices
- International Transfer
- Other Sites and Services
- User Generated Content
- Contact Us
- Additional Information for UK and European Union Users
- Additional Information for Californian Users
This policy also addresses the rights of individuals in the US, EU or elsewhere with regards to their personal information and the means and contacts needed to assure those rights.
Personal Information We Collect Directly From You
The information we collect from you directly is classified in the category of “Personal Identifier”. This data category includes consumer name, postal address, email address, phone, employer and similar information. We collect that information in several ways:
- We collect ‘personal identifiers’ when you complete forms or request information from us through our Sites
- When you contact us to report a problem with our Sites
- When you contact our customer support or otherwise correspond with us by phone, email, or other means.
We collect this identifying information for the purpose of providing the services and information you are requesting. We also use this information when communicating with you and responding to any inquiries or communications that you have initiated.
We are also required under Californian and similar laws to specifically disclose the categories of information that we have collected and sold or disclosed for any commercial purpose for the prior twelve-month period. We do not sell or disclose ‘personal identifiers’ or any other category of collected personal information for any commercial purpose or for the commercial benefit of any party. We have not done so in the past 12-months or at any time prior to that.
What we collect about you from other sources
We also collect information about you indirectly from other sources. We collect that information in several ways:
- When you connect to a social networking site (SNS) through the interfaces we provide on our Sites
- Through any referral section of our Sites
- Through cookies and other automated means
We may get your name and email address through any referral section of our website. We may add this to information we get from our Sites to offer you products and services that may be of interest to you or to invite you to events or webinars that may be of interest to you.In addition to Personal Identifiers we collect:
- Commercial Information (browsing patterns)
- Geographic Information (for localization and market perspective)
- Internet, Network, Technical identifiers (information about your device for better interaction with it)
- Employment related information (title, role, office location and contact information)
- Inferential data (about your interests).
- Personal information as described by applicable privacy laws, including the CCPA, the GDPR, or UK Privacy Law.
As an example of our data collection practices we may log your computer or mobile device IP address, geographic location (should you choose to provide it), operating system name and OS version, manufacturer and model, browser type, browser language, screen resolution, the website you visited before browsing to our Sites, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Sites.
We collect this information for the purposes of better understanding our market, global distribution, technology and our prospective customers’ and customers’ wants and needs.
For more information, please refer to the How We Use Your Personal Information section.
We collect this information about you using cookies. Please refer to the Cookies and Similar Technologies section for more details.
Changes to Your Personal Information
It is important that the personal information we hold about you is accurate and current. Please let us know if your personal information changes during your relationship with us by updating your registration profile or emailing us at firstname.lastname@example.org.
Cookies and Similar Technologies
What are cookies?
We may collect information using “cookies.” Cookies are small data files stored on the hard drive of your computer or mobile device by a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our Sites. We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which we use to recognize your computer or mobile device when it revisits our Sites; and (2) third party cookies, which are served by service providers on our Sites, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.
Cookies we use
Our Sites use the following types of cookies for the purposes set out below:
|Type of cookie||Purpose|
|Essential Cookies||These cookies are essential to provide you with services available through our Sites and to enable you to use some of its features. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.|
|Functionality Cookies||These cookies allow our Sites to remember choices you make when you use our Sites. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-select your preferences every time you visit our Sites.|
|Analytics and Performance Cookies||These cookies are used to collect information about traffic to our Sites and how users use our Sites. The information gathered may include the number of visitors to our Sites, the websites that referred them to our Sites, the pages they visited on our Sites, what time of day they visited our Sites, whether they have visited our Sites before, and other similar information. We use this information to help operate our Sites more efficiently, to gather broad demographic information and to monitor the level of activity on our Sites.|
|Social Media Cookies||These cookies are used when you share information using a social media sharing button or “like” button on our Sites or you link your account or engage with our content on or through a social networking website such as Facebook or Twitter. The social network will record that you have done this.|
|Targeted and advertising cookies||These cookies track your browsing habits to enable us to show advertising which is more likely to be of interest to you. These cookies use information about your browsing history to group you with other users who have similar interests. Based on that information, and with our permission, third party advertisers can place cookies to enable them to show advertisements which we think will be relevant to your interests while you are on third party websites. You can disable certain cookies which remember your browsing habits and target advertising at you by visiting this site or, in the EU, this site. If you choose to remove targeted or advertising cookies, you will still see advertisements but they may not be relevant to you. Even if you do choose to remove cookies by the companies listed at the above link, not all companies that serve online behavioral advertising are included in this list, and so you may still receive some cookies and tailored adverts from companies that are not listed.|
You can typically remove or reject cookies via your browser settings. In order to do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools,” or “edit” facility). Many browsers are set to accept cookies until you change your settings. Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org.
If you do not accept our cookies, you may experience some inconvenience in your use of our Sites. For example, we may not be able to recognize your computer or mobile device and you may need to log in every time you visit our Site.
Local Storage Objects
We use Local Storage Objects (LSOs) such as HTML5 to store Your user information and settings. Third parties with whom We partner to provide certain features on Our site or to display advertising based upon Your Web browsing activity use LSOs such as HTML 5. Various browsers may offer their own management tools for removing HTML5 LSOs.
We may also use pixel tags (which are also known as web beacons and clear GIFs) on our Sites to track the actions of users on our Sites. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages. Pixel tags measure the success of our marketing campaigns and compile statistics about usage of the Sites, so that we can manage our content more effectively. The information we collect using pixel tags is not linked to our users’ personal data.
Some of our pages utilize framing techniques to serve content to/from our partners while preserving the look and feel of our Sites. Please be aware that you are providing your information to these third parties and not to us.
How We Use Your Personal Information
To operate the Sites
We use your personal information to:
- operate, maintain, administer, improve, and secure the Sites;
- study how the Sites are used and to improve the Sites and our other products and services;
- manage and communicate with you regarding your account on the Sites, if you have one, including by sending you service announcements, technical notices, updates, security alerts, and support and administrative messages;
- better understand your needs and interests, and personalize your experience with the Sites;
- provide support and maintenance for the Sites and our services;
- respond to your service-related requests, questions and feedback.
To send marketing communications
If you request information from us or register for an account on the Sites, we may send you BetterCloud-related marketing communications as permitted by law. You will have the ability to opt out of such communications.
To provide a requested service
If you request a service through the Sites, such as signing up for our newsletter, we may request personal information that we need to provide the requested service.
To comply with law
We use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
With your consent
We may use or share your personal information with your consent, such as when you consent to let us post your testimonials or endorsements on our Sites, you instruct us to take a specific action with respect to your personal information, or you opt into third-party marketing communications.
For compliance, fraud prevention and safety
We use your personal information as we believe necessary or appropriate to (a) enforce the terms and conditions that govern the Sites; (b) protect our rights, privacy, safety or property, and/or that of you or others; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
How We Share your Personal Information
- Professional advisors. We may disclose your personal information to professional advisors, such as lawyers, bankers, auditors and insurers, where necessary in the course of the professional services that they render to us.
- Compliance with Laws and Law Enforcement; Protection and Safety. BetterCloud may disclose information about you to government or law enforcement officials or private parties as required by law, and disclose and use such information as we believe necessary or appropriate to (a) comply with applicable laws and lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (b) enforce the terms and conditions that govern the Service; (d) protect our rights, privacy, safety or property, and/or that of you or others; and (e) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity. See Our Transparency Report for more information.
Access, update, correct or delete your information
Upon request, We will provide you with information about whether We hold, or process on behalf of a third party, any of your personal information. If Your Personal Information changes, or if You no longer desire Our Services, You may correct, update, or delete it by emailing email@example.com. We will respond to Your request within a reasonable timeframe.
You may opt out of marketing-related emails by clicking on a link at the bottom of each such email, or by contacting us at firstname.lastname@example.org. You may continue to receive service-related and other non-marketing emails.
If you gave us consent to post a testimonial on our Sites, but wish to update or delete it, please contact us at email@example.com.
Choosing not to share your personal information
Where we are required by law to collect your personal information, or where we need your personal information in order to provide a requested service to you or operate the Sites, if you do not provide this information when requested (or you later ask to delete it), we may not be able to provide you with the requested service(s) or operate the Sites. We will tell you what information you must provide to receive a requested service or interact with the Sites by designating it as required on the Sites or through other appropriate means.
The security of your personal information is important to us. We use a variety of industry-standard technical, contractual, administrative and physical security measures and procedures to protect the personal information we collect, both during transmission and once we receive it. However, no security safeguards are 100% secure and we cannot guarantee the security of your information. If You have questions about Our security measures in place, please contact Us at firstname.lastname@example.org.
Our Site is not directed to children under 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at email@example.com. We will delete such information from our files as soon as reasonably practicable.
Other Sites and Services
The Sites may contain links to other websites and services. These links are not an endorsement, authorization or representation that we are affiliated with that third party. We do not exercise control over third party websites or services, and are not responsible for their actions. Other websites and services follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies of the other websites you visit and services you use.
User Generated Content
We may make available on our Sites, or link to, features that allow you to share information online (e.g., on publicly-accessible blogs or community forums). Please be aware that whenever you voluntarily disclose personal information online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly-disclosed personal information. By posting personal information online in public forums, you may receive unsolicited messages from other parties.
330 7th Avenue 14th Floor
New York, NY 10001
Additional Information for UK and European Union Users
Legal bases for processing
We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information which are based on one or more of the following:
- Consent: The consent you provide to us when you share or submit your personal information with or to us;
- Legitimate interest: Our “legitimate interest,” as defined by GDPR and UK Privacy Law, or the legitimate interest of a third party, including you. For example, we may use your data for fraud and security monitoring to ensure our networks and websites are secure, to administer and conduct our business with you, and to respond to your requests, inquiries and complaints.
- Contract: Our performance of a contract, directly or indirectly, between us and you or your employer.
- Legal Obligation: Our compliance with a legal obligation that we are or may be subject to.
If you have questions about the legal bases of how we process your personal information, contact us at firstname.lastname@example.org.
Use for new purposes
We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
We keep basic information about our customers for the duration of the agreement.
GDPR and UK Privacy Law gives you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Opt-out.Stop sending you direct marketing communications. You may continue to receive service-related and other non-marketing emails.
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our applicable legal bases (see list of legal bases above) for processing your personal information.
You can submit these requests by email to email@example.com or our postal address provided above. You may also contact our Data Protection Representative (see here for more information). We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us as described above or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
Cross-Border Data Transfer
Whenever we transfer your personal information out of the European Economic Area (EEA) to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on one of the following safeguards recognized by the European Commission as providing adequate protection for personal information, where required by EU data protection legislation:
- The consent you provide to us when you share or submit your personal information with or to us, and when you visit our Sites;
- Contracts approved by the European Commission which impose data protection obligations on the parties to the transfer. For further details, see the European Commission Model contracts for the transfer of personal information to third countries; or
- Other valid and applicable safeguards under GDPR and UK Privacy Law.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
EU-U.S. and Swiss-U.S. Privacy Shield
BetterCloud, Inc. participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to complying with the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, visit the U.S. Department of Commerce’s Privacy Shield List.
BetterCloud is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily with regard to our participation in the Privacy Shield Frameworks, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Data Protection Representative in the European Union and UK
We have appointed DataRep as our Data Protection Representative in the European Union and the UK pursuant to GDPR and UK Privacy Law. Data Rep is also our Data Protection Representative in the UK. As described in more detailed in the “Your rights” section above, GDPR and UK Privacy Law gives you certain rights regarding our processing of your personal information. If you want to pose a question regarding our processing of your personal information or otherwise exercise your rights in respect of such processing, you can contact DataRep by:
- Sending an email to firstname.lastname@example.org,
- Using the online webform available at www.datarep.com/bettercloud
- Sending a letter to one of the addresses listed below. Please note:
- We also have addresses in all other EU member countries and in the UK which can be provided upon request by sending an email to email@example.com.
- When sending letters, it is essential to address them to “DataRep,” and not to “BetterCloud, Inc.,” or your inquiry may not reach us.
|Ireland||DataRep, The Cube, Monahan Road, Cork, T12 H1XY, Republic of Ireland|
|United Kingdom||DataRep, BPM 335368, 372 Old Street, EC1V 9AU, London, United Kingdom|
On receiving your communication, DataRep may request evidence of your identity, to ensure your personal information is not provided to anyone other than you. If you have any concerns over how DataRep will handle your personal information required to undertake its services, please refer to www.dpr.eu.com/legal-privacy.
Additional Information for Californian Consumers
If you need to access this notice in an alternative format please contact us at firstname.lastname@example.org.
We do not, and will not, sell – as defined under CCPA – your personal information.
For more details please click here.
What is Personal Information under CCPA
“Personal information” is anything that identifies, relates to, describes, or is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Californian consumer or household.
How We Obtain Your Data (Please see the following sections)
- What data we collect directly from you
- What data we collect about you from other sources
Note on Children
The CCPA requires opt-in consent to information use for minors under the age of 16 and verified parental consent for children under the age of 13. We do not knowingly collect or process the information of children. For more information, please refer to the Children section.
Your Rights under CCPA with regard to Your Personal Information
You have the right as a Californian consumer to expect disclosures as to how we collect, use and care for your personal information, our purposes for collection and what we do with the information we collect, and in specific, if your information is sold to other parties.
California law provides you as a consumer specific rights with regard to the management and sale of your personal information. You have the right as a Californian consumer to expect disclosures as to whether we for our benefit or on behalf of another company, share or sell the personal information we collect or process for commercial gain. The law imposes on certain businesses an obligation to provide the means by which these rights can be exercised.
You may ask that we or partners for whom we process or those working on our behalf take specific actions with regard to the information about you.
- You may exercise these rights without concern. You cannot be charged for these requests, penalized in any way, denied benefits, products or services or charged differently for benefits, products or services for doing so.
- You can do this by contacting us as described here or here.
- You, or your authorized agent, may request the following actions in relation to your personal information:
- Opt-out. Discontinue the sharing, transfer, disclosure or sale of your information and not be contacted to request the resumption of those activities for at least 12-months.
- Request to Know. Provide you with information about what we hold and the processing of your personal information.
- Request to Delete. You have the right to request that we erase your personal information and for us to direct the same of any third-party service providers processing your information on our behalf.
- Portability. Request that any information held be returned by mail or electronically, and if electronically held, be returned in a format permitting its transfer to another service.
Verifying Your Identity
Please note that after submitting your initial request we may require additional information about your identity if we cannot verify it with the information you submitted and the information we already have. We are restricted from using that additional information for any purpose other than verifying your request or for security or fraud prevention. Except as required under CCPA, we must delete any additional information collected for the purpose of verifying your identity as soon as practical after processing your request. We will confirm receipt of your request within ten (10) days from receiving it and will respond within the timelines established under CCPA.
We, or our partners, on verification of your identity and legitimate standing to make the request, and if not an undue or unreasonable hardship for us, must act on your request, or at a very minimum, advise you as to why we cannot. There are specific reasons under the law which prevent accommodation of some requests, but if denied, we will advise as to why, to whom you may submit a complaint, and your options for challenge, redress or escalation.
Exercising your rights
You may exercise these rights twice in a 12-month period. If an option is available to compensate you for the use of your information, you must be advised of this. We will make best efforts to address your requests within 45 days, but where that is not possible will advise you of the need for an extension of an additional 45 days.
Inquiries, data or information requests, complaints
If you have questions, would like to submit an inquiry, data or information request(s), or have a complaint about our use of your personal information or our response or handling of your requests regarding your personal information, you may contact us as described here.