DataHut Privacy Statement
Date: Dec 10th, 2019
This DataHut Privacy Statement (“Privacy Statement“) describes how DataHut and its affiliates (together, “DataHut” or “we“) collect and process your information.
We appreciate that you trust us when you provide us with your information. Protection of information is our top priority because we want to keep your trust.
We design all of our products and services with data protection in mind. We work hard to keep your information secure. We have teams dedicated to keeping your information safe and secure. We constantly update our security practices and invest in our security efforts to enhance your privacy.
Please read this Privacy Statement carefully. When you submit information to us, you consent to the processing of your information as described in this Privacy Statement. IF YOU DO NOT AGREE WITH ANY PART OF THIS PRIVACY STATEMENT, THEN PLEASE DO NOT USE THE SERVICES.
1. WHO WE ARE
The data controller for the information you provide or that we collect on DataHut.cloud and its subdomains is DataHut.
2. WHERE THIS PRIVACY STATEMENT APPLIES
Our right to process information also is described in our agreements with our business customers (“Customer Agreements“). DataHut is contractually prohibited from accessing the personal data that customers store and otherwise process through DataHut products and services. If a provision of a Customer Agreement conflicts or otherwise is inconsistent with a provision of this Privacy Statement, then the term of the Customer Agreement will prevail to the extent of the conflict or inconsistency.
This Privacy Statement does not apply to information that is collected by any third-party website or service that you access through the Services.
In this Privacy Statement, to “process” information means to perform any operation on the information, whether or not by automated means, such as collection, recording, organizing, storing, adapting, use, disclosure, combining, erasing or destroying.
3. PRIVACY SHIELD & CROSS-BORDER DATA TRANSFERS
Sharing of information sometimes involves cross-border data transfers. We use lawful mechanisms to legitimize data transfers from the EEA to other countries (together, “Privacy Shield“).
4. CHANGES TO THIS PRIVACY STATEMENT
The Effective Date of this Privacy Statement is set forth at the top of this webpage. As we add new features to the Services, we may amend this Privacy Statement. Your continued use of the Services after the Effective Date constitutes your acceptance of the amended Privacy Statement. The amended Privacy Statement supersedes all previous versions.
5. INFORMATION WE COLLECT
When you use the Services, we collect the information you give us when using the Services. This includes:
- When you create an account, you provide us with at least a user name and password, business information, such as name, business name, business address, email address, business phone number and any other information that you provide us.
- When you make a purchase, you provide us or the payment processor with payment information, such as your debit or credit card number.
- When you participate in surveys or focus groups, you give us your insights into our products and services
- If you contact our customer service team, we collect the information you give us during the interaction. Sometimes, we monitor or record these interactions for training purposes and to ensure a high quality of service.
Information we receive from others
We receive information about you from others, including our vendors, our Service Providers and Resellers and our other business partners. We also receive information about you from the third parties that help us operate the Services, such as for fraud detection, digital forensics, and similar functions.
Information collected when you use the Services
When you use the Services, we collect information about which features you use and how you use them and the computer, tablet or mobile telephone (“Device“) that you use to access the Services (collectively, “Usage Data“), which includes:
- Server Logs
We collect information about your activity on the Services, such as features you use through our server logs. A server log is a list of the activities that a server performs. DataHut servers automatically collect and store in server logs your search queries, Internet Protocol (IP) address, browser type and language, time zones, the date and time of your request and referral URL and certain cookies that identify your browser or DataHut account.
- Device information
We collect information from and about the Device that you use to access the Services, including:
- hardware and software information such as Device ID and type, Device-specific settings and characteristics, operating system, identifiers associated with cookies or other technologies that may uniquely identify your Device or browser; and
- information on your wireless and mobile network connection, like your internet vendor and signal strength.
We may link personal data and Usage Data or different types of Usage Data. We also may link publically-available personal data, such as personal data available in public databases. If the linked information may identify an individual person, we treat it as personal data.
Information collected through Data Collection Technology
Other information with your consent
We collect other information when you give us permission at the time of collection, such as when you choose to participate in the DataHut Customer Experience Program (CEP).
6. COOKIES AND OTHER DATA COLLECTION TECHNOLOGY
Cookies are small text files that are sent to or accessed from your web browser or your computer’s hard drive. A cookie typically contains the name of the domain (internet location) from which the cookie originated, the “lifetime” of the cookie (i.e., when it expires) and a randomly generated unique number or similar identifier. A cookie also may contain information about your computer, such as user settings, browsing history and activities conducted while using the Services. A web beacon (also called a pixel tag or clear GIF) is a piece of computer code that enables us to monitor user activity and website traffic. To learn more about cookies and web beacons, visit www.allaboutcookies.org.
How We Use Data Collection Technology: Data Collection Technology helps us improve your experience of the Services by, for example, storing your website language preferences, so you do not have to select it each time you use the Services, compiling statistics about use of the Services, helping us analyze technical and navigational information about the Services, and detecting and preventing fraud.
The Services use the following cookies:
- Strictly necessary cookies, which are required for the operation of the Services. Without them, for example, you would not be able to register or log in for the Services that we may offer.
- Analytical/performance cookies, which allow us to recognize and count the number of visitors, to learn how visitors navigate the Services and to help us to improve the way Services function.
- Functionality cookies, which are used to recognize you when you return to the Services.
We also use Google Analytics, which is a Google service that aggregates information about use of the Services and reports website trends. Google Analytics does not directly identify individual users.
Your Control of Cookies: Some web browsers (including some mobile web browsers) provide settings that allow you to control or reject cookies or to alert you when a cookie is placed on your Device. You also may be able to reject Device identifiers by activating the appropriate setting on your Device. Although you are not required to accept cookies or mobile device identifiers, if you block or reject them, you may not have access to all features available through the Services.
Our Statement On Do Not Track Signals: Some web browsers (including Safari, Internet Explorer, Firefox, and Chrome) incorporate a “Do Not Track” (“DNT“) or similar feature that signals to websites that a user does not want to have his or her online activity and behavior tracked. If a website that responds to a particular DNT signal receives the DNT signal, the browser can block that website from collecting certain personal data about the browser’s user. Not all browsers offer a DNT option, and DNT signals are not yet uniform. For this reason, many website operators, including DataHut, do not respond to DNT signals.
7. HOW WE PROCESS PERSONAL DATA
DataHut processes personal data:
- To set up and maintain your account;
- To communicate with you;
- To prevent and investigate fraud and other misuses of the Services;
- To protect our rights and property;
- To operate, manage, secure and improve the Services;
- To respond to your questions and to try to resolve problems with one of our products;
- To complete transactions requested by you;
- To improve the performance and reliability of our products and services using information collected through the DataHut Customer Experience Program (CEP); and
- To help us improve our customer service.
DataHut processes Usage Data:
- To analyze trends and statistically monitor how many people are using the Services;
- To develop, improve and protect the Services;
- For customer preferences research;
- To audit and analyze the Services; and
- To ensure the technical functionality and security of the Services.
To process your information as described above, we rely on the following legal bases:
- Provide our service to you: Most of the time, the reason we process your information is to perform the contract that you have with us to use the Services.
- Legitimate interests: We may use your information when we have legitimate interests to do so. For instance, we analyze users’ behavior on the Services to continuously improve our offerings, marketing our new products and features and process information for administrative, fraud detection and legal purposes.
- Consent: From time to time, we may ask for your consent to use your information for certain specific reasons.
8. HOW WE SHARE INFORMATION
DataHut may share personal data collected through the Services as follows:
- Vendors: We share information with our vendors that help us operate the Services, such as by providing customer service, helping us with marketing or testing our security measures. DataHut will ensure that any vendor with which we share personal data agrees to use commercially reasonable measures to safeguard it
- Resellers: We share information with our resellers and other third parties that promote, resell and/or white-label the Services.
- Corporate Transaction: We may share and transfer personal data if we are involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control by DataHut or any affiliated company (in each case, whether in whole or in part).
- When Required by Law: DataHut or DataHut’s affiliates may use servers and other equipment to provide the Services that are located in countries where litigants, law enforcement, courts, and other agencies of the government may have the right to access personal data stored within their jurisdictions upon terms and conditions provided by local law. DataHut may also provide access to your personal data to government authorities if DataHut suspects or believes that your data contains child pornography or other prohibited content or data or that the data is being used for illegal purposes. DataHut reserves the right, consistent with data privacy and other user data protection requirements applicable to the jurisdiction where personal data is stored, and if mandated by applicable law, regulation, legal process, or governmental order, disclose personal data, but only to the extent required to satisfy those laws, regulations, or orders. Unless prohibited by law or other order, DataHut will provide reasonable notice of any such required or requested disclosure to you and reasonably cooperate to limit such disclosure to the extent allowed by law.
- Other Lawful Disclosures: We also share information if (i) disclosure would mitigate DataHut liability in an actual or threatened lawsuit; (ii) as necessary to protect legal rights of DataHut, users, customers, vendors, business partners or other interested parties; (iii) to pursue available remedies or limit the damages; (iv) to enforce our agreements; and (v) to respond to an emergency.
DataHut may aggregate information collected through the Services and remove identifiers so that the information no longer identifies or can be used to directly identify an individual (“Aggregated Information“). DataHut shares Aggregated Information with third parties and does not limit third parties’ use of the Aggregated Information.
9. YOUR CHOICES ABOUT YOUR PERSONAL DATA
- The right to know what personal data we hold about you: If you would like to know the personal data that DataHut maintains about you, please contact us in writing using the contact information below. If you are a registered user, you can review certain personal data that you provided to DataHut by logging in to your account. If you are not a registered user, DataHut may take reasonable steps to verify your identity before providing access to personal data.
- The right to correct or delete personal data: The easiest way to correct or delete certain personal data that you have provided to the Services is to log in to your account and enter the necessary changes in your profile settings. If you have additional questions regarding the correction or deletion of the personal data we hold about you, please contact us using the contact information below. Please be reminded that we will review your request but may be restricted in our ability to change or delete your personal data. If the Services are made available to you by a corporate customer that is sponsoring your use of the Services, your eligibility to receive Incentives and Rewards from such parties, if any are offered, may be adversely affected by your election to remove personal data about you from the Services. You must contact the corporate customer directly for further information.
We may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or privacy rights of a third party.
10. LINKS TO OTHER WEBSITES AND SERVICES
The Services may include links to third-party websites and services that are not operated by us. When you click these links, you will be directed away from the Services. A link to a third-party website or service does not mean that we endorse it or the quality or accuracy of information presented on it. If you decide to visit a third-party website or service, you are subject to its privacy practices and policies, not ours. This Privacy Statement does not apply to any personal data that you provide to these other websites and services.
11. PROTECTION & RETENTION OF PERSONAL DATA
We take precautions intended to help protect personal data that we collect and store. For example, we protect the information transmitted from your browser to the Services using Secure Sockets Layer (SSL) software or similar encryption technology. Any transmission is at your own risk. We expect that you will use appropriate security measures to protect your information.
We may suspend your use of all or part of the Services without notice if we suspect or detect any breach of security. If you believe that information you provided to us is no longer secure, please notify us immediately using the contact information provided below.
We keep your personal data only as long as we need it for legitimate business purposes and as permitted by applicable law. In practice, this means that we delete or anonymize your account after three (3) years of continuous inactivity unless we must keep it to comply with applicable law; because an issue, claim or dispute has not yet been resolved; or the information must be kept for our legitimate business interests, such as fraud prevention and enhancing users’ safety and security. Please note that, although our systems are designed to carry out data deletion processes, we cannot promise that deletion will occur within a specific timeframe due to technical constraints.
12. CHILDREN’S PRIVACY
The Services are not directed to or intended for use by minors. If we learn that we have received any information directly from a child under age 13 without his or her parent’s verified consent, we will use that information only to respond directly to that child (or his or her parent or legal guardian) to inform the child that he or she cannot use the Services.
13. G SUITE1 TERMS AND CONDITIONS
DataHut utilizes certain Google APIs to provide backup and recovery Services for your data in the following G Suite products: Gmail, Google Contacts, Google Calendar, Google Drive, Google Team Drives (collectively, “Google User Data“). In order to provide such backup and recovery Services to you, DataHut requires read-only access to the lists of users and Team Drives in your G Suite organizational structure as well as reading and writing access to all other Google User Data.
DataHut stores the Google User Data in data centers operated by DataHut or DataHut’s data center providers.
DataHut does not share the Google User Data with third parties without appropriate consent except as follows:
- Corporate Transaction: We may share and transfer Google User Data if we are involved in a merger, sale, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy or other change of ownership or control by DataHut or any affiliated company (in each case, whether in whole or in part);
- When Required by Law: DataHut or DataHut’s affiliates may use servers and other equipment to provide the Services that are located in countries where litigants, law enforcement, courts, and other agencies of the government may have the right to access Google User Data stored within their jurisdictions upon terms and conditions provided by local law. DataHut may also provide access to your Google User Data to government authorities if DataHut suspects or believes that the Google User Data contains child pornography or other prohibited content or data or that the Google User Data is being used for illegal purposes. DataHut reserves the right, consistent with data privacy and other user data protection requirements applicable to the jurisdiction where Google User Data is stored, and if mandated by applicable law, regulation, legal process, or governmental order, disclose Google User Data, but only to the extent required to satisfy those laws, regulations, or orders. Unless prohibited by law or other order, DataHut will provide reasonable notice of any such required or requested disclosure to you and reasonably cooperate to limit such disclosure to the extent allowed by law.
- Other Lawful Disclosures: We also share Google User Data if (i) disclosure would mitigate DataHut liability in an actual or threatened lawsuit; (ii) as necessary to protect legal rights of DataHut, users, customers, vendors, business partners or other interested parties; (iii) to pursue available remedies or limit the damages; (iv) to enforce our agreements; and (v) to respond to an emergency.
14. HOW TO CONTACT US
Please contact our Data Protection Officer at info@DataHut.cloud.