Nov 23, 2020
In this Policy, We Use the Following Definitions
We refer to our website as the “Site.”
We refer to ourselves (i.e., OctoML, Inc.) as “OctoML,” “we,” “us,” and “our.”
We refer to all of the online products and services that we provide to you, individually and collectively, as the “Services.”
We refer to you, the person accessing our Site or accessing or using our Services, as “you,” “yourself,” and “your.” In the event that you purport to be an agent or other representative of an entity (e.g., as an officer or employee) or in the event that you otherwise, in fact, act on behalf of such an entity, the terms “you,” “yourself,” and “your” comprise you and such entity, unless the context suggests that the applicable term applies only to you, as an individual.
Other Definitions We Use in this Policy
The term “Data Controller” refers to the organization (in this case, OctoML) that decides the purposes for which and the way in which any Personal Information received is processed. As a Data Controller, we are bound by the requirements of the GDPR (as defined below).
The term “Data Processing” refers to any operation or set of operations performed upon Personal Information (whether automated or not). By way of example, the following activities are explicitly listed in the text of the GDPR as examples of Data Processing: collection, recording, organizing, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure, or destruction.
The term “Personal Information” refers to any information that identifies, relates to, or could reasonably be linked to you, as an individual, or to your household. Personal Information that has been rendered anonymous in such a way that neither you, as an individual, nor your household can be identified (and in a manner that is irreversible) is no longer considered Personal Information. Also, information that can be used to identify an entity but cannot be used to identify a living individual (or his or her household) is not Personal Information. Personal Information also does not include publicly available information that is from federal, state, or local government records. The term Personal Information, as used in this policy, is meant to include the definition of “personal data” found in the GDPR and the definition of “personal information” found in the CCPA (as defined below).
What Regulations are Addressed by this Policy?
There are many privacy and data security laws and regulations to address, not to mention our policy of ensuring our customers’ privacy. So, while we strive to endeavor to comply with the requirements of each privacy and data security law and regulation that governs our activities as a business (“Applicable Laws”), we do so across the board for all of our customers and all such laws and regulations, and all
Personal Information is treated with the same level of care.
Depending on the circumstances, including, without limitation, your place of residence, the location from which you access and use the Services, and the nature of the Personal Information received, the Applicable Laws may include:
The European Union’s General Data Protection Regulations (European Parliament and Council of European Union (2016) Regulation (EU) 2016/679) (“GDPR”); and
The California Consumer Protection Act (California Consumer Privacy Act of 2018, Civil Code sections 1798.100 et seq., and the California Consumer Privacy Act Regulations promulgated pursuant thereto) (“CCPA”).
While we handle all personal information equally – meaning that we likely exceed the requirements for a specific single regulatory authority – we respond to inquiries and requests about Personal Information based on the residency of the individual identified by the Personal Information (for example, for someone resident in the EU, we would base our response on the GDPR and, for a resident of California, we would base our response on the CCPA).
What Information Do We Collect?
We may collect the following types of Personal Information from you:
Your name and email address
The name of any entity that you represent (e.g., as an officer or employee) and that entity’s physical address
Information you choose to provide us through our forums or other features and functions of our Services
We may retain server logs, which include the Internet Protocol (or IP) address of every request to our servers
We may also collect and aggregate information about the use of the Site and Services. That information could include information such as your IP address (an IP address is a unique numerical address assigned to a computer as it logs on to the internet), browser type, operating system, the web page that you were visiting before accessing the Site, the pages or features of the Site that you browsed and the time spent browsing those pages or features, search terms you use, the links on the Site that you clicked on, and other use statistics. If you access the Site using a mobile device, we collect information such as a device identifier, user settings, and the operating system of your device, as well as information about your use of the Services.
What Do We Use Your Personal Information For?
To compile statistics and analysis about your and other customers’ use of the Site and Services.
To personalize your experience — your Personal Information helps us to better respond to your individual needs.
To improve the Site and Services — we continually strive to improve the Site’s offerings based on the information and feedback we receive from you and other customers.
To improve customer service — your Personal Information helps us to identify issues affecting your use of the Services and to more effectively respond to your customer service requests and support needs, including contacting you about your customer service requests or issues.
To contact you about the Services that you have requested that we provide to you, including sending you periodic emails — the email address you provide may be used to send you information, notifications that you request about changes or in response to your username, respond to inquiries and/or other requests or questions, or to alert you of updates to protect your system from new types of online attacks and to send periodic emails containing information relevant to your account and the products you use.
To comply with the law – we may use your Personal Information if and when it is necessary to do so in order for us to comply with a legal obligation, including sharing information with courts, regulatory authorities, law enforcement officers, and private parties if and when we believe it is necessary and appropriate to do so in order to comply with the law (e.g., a stature or a regulation), in response to legal process (e.g., a subpoena or a claim), or in response to other lawful government requests (e.g., court or agency orders). This may include use and disclosures that we believe are necessary and appropriate to protect our property, rights, and safety and the property, rights, and safety of other, including the general public, and to try to put an end to any activity that we believe is illegal, unethical, or legally actionable.
How Do We Protect Your Personal Information?
We implement a variety of security measures to maintain the safety of your Personal Information when you enter, submit, or access your Personal Information.
We may also collect information via standard server logs or clear GIFs (also known as “Web Beacons”). Web Beacons and pixel tags are images embedded in a webpage or email for the purpose of measuring and analyzing usage and activity. We, or third-party service providers acting on our behalf, may use Web Beacons and pixel tags to help us analyze usage and improve our functionality. Social media tools, like
We use the following third-party Advertising Cookies to present you with opportunities to access Services on the Site:
“Do Not Track” Options Will Not Affect How We Use Your Personal Information
Do We Disclose Any Information to Outside Parties?
Except as set forth below, we do not sell, trade, or otherwise transfer to outside parties your Personal Information. Non-personally identifiable visitor information, however, may be provided to other parties for marketing, advertising, or other uses. We may contract with third-party service providers to assist us in better understanding the Site visitors. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business. We may also release your Personal Information when we believe release is appropriate to comply with the law; enforce our contracts with you and policies; or protect our or others’ rights, property, or safety, as described in more detail above.
Your Personal Information may also be transferred to another company in the event of a merger; acquisition; reorganization; or other change of ownership or control that involves a transfer or assignment of all or part of our businesses or assets. This will occur if the parties have entered into an agreement under which the collection, use, and disclosure of Personal Information is limited to the purposes of the business transaction, including a determination whether or not to proceed with the business transaction. You will be notified via email or prominent notice on the Site for thirty (30) days of any such change in ownership or control that involves a transfer or assignment of your PersonalInformation or as otherwise required or permitted by law.
How Do We Handle Global Transfers and Processing of Your Personal Information?
The Site and Services are designed, developed, hosted, operated, supported, maintained, and otherwise offered by us in the United States. If you are located in another jurisdiction or access or use the Site or Services from another jurisdiction, know that your information will be transferred to, stored, and processed in the United States. By accessing and using the Site and Services and permitting us to receive information, you consent to this transfer, processing, and storage of your information in the United States. It is important to note that the privacy laws in the United States may not be as comprehensive as those in other countries, such as the European Union, Asia, or other regions of the world. Our service providers use appropriate safeguards to transfer your Personal Information to the United States, and this is provided for in the terms related to privacy and data security that we have entered into with those service providers.
Personal Information that we receive from you may be processed by staff operating outside the United States who work for us or for one of our suppliers. For example, such staff may be engaged in the processing of an order for the Services, the processing of your payment details, and the provision of customer support services. By permitting us to receive your Personal Information, you agree to this transfer, storing, or processing. We will take all reasonable steps to make sure that your
Personal Information that we receive is stored on secure servers. Details relating to any transactions entered into via the Site or the websites or services operated by our service providers will be encrypted in motion and at rest.
The transmission of information via the internet is not completely secure; therefore, we cannot guarantee the security of Personal Information that we receive electronically and transmission of such Personal Information is entirely at your own risk. Where we have given you (or where you have chosen) a password so that you can access certain areas of the Site, you are responsible for keeping this password confidential.
For customers who are licensing our products or services, it is our policy that we do not “sell” (as defined under the CCPA) customers’ data processed by us. Our customers’ data is always treated as sensitive.
In certain situations, we may be required to disclose Personal Information in response to lawful requests by government authorities, including to meet national security or law enforcement requirements. Where our third-party suppliers are in the United States, we have ensured that their services comply with the EU-US Privacy Shield Framework’s principles.
Retention of Your Personal Information
We retain your Personal Information for as long as we need to fulfill the Services. In addition:
We may keep data linked to Cookies, Web Beacons, and other online identifiers up to three years.
If we are involved in litigation or a governmental or regulatory investigation, then we keep data throughout the period of litigation or investigation and for five years after that. If a settlementmeans that we have to keep data for longer, then we keep data for the period required to administer the settlement. If we provide data to law enforcement officers, then we keep a record of this for one year beyond the end of the investigation.
Children’s Online Privacy Protection Act Compliance
The Site and Services are directed to people who are at least 13-years-old or older. We strive to comply with the requirements of the Children’s Online Privacy Protection Act (or COPPA). If you are under the age of 13, do not use the Site or Services. We do not knowingly collect personal information from children under the age of 13 years. If you nevertheless believe that your child has provided us with their Personal Information, please contact us and we will delete it.
Other rights you have concerning Personal Information that we receive include the rights to:
Ask for a copy of your Personal Information
This is known as a Subject Access Request. If you would like a copy of some or all your Personal Information, please contact us at the address listed below.
Ask us to correct your Personal Information
It is your right to lodge an objection to the processing of your Personal Information if you believe that the legal ground “relating to your particular situation” applies. The only reasons we will be able to deny your request is if we can show compelling legitimate grounds for the processing, which override your interest, rights, and freedoms, or the processing is for the establishment, exercise, or defense of a legal claim.
Ask us to erase certain categories or types of information
If you choose to remove your Personal Information, you acknowledge that we may retain archived copies of your Personal Information.
Ask us to restrict certain processing
You have the right to object to processing of Personal Information. Where we have asked for your consent to process information, you have the right to withdraw this consent at any time.
Obtain the information you provide in a structured, machine-readable format, and Ask us to transfer your Personal Information to other organizations.
And, for California Residents, you have rights as a California resident under the CCPA to:
Ask we not sell your data.
We do not sell, as defined by the CCPA, any consumer information, so we do not need or have a ”do not sell my info” button
Request information about what information we hold on you (see above list of categories)
Request information about the specific pieces of Personal Information we have collected about you.
Request the categories of third parties with whom the business shares Personal Information.
Have inaccurate data corrected
Request that we delete any Personal Information about you that we have collected about you within the limits of the CCPA
Have equal service and price, even if you exercise your privacy rights.
How Do You Contact Us?
If you have questions about our practices regarding the collection, storage, use, processing, and disclosure of Personal Information that we receive in the course of providing the Site and Services to you, you may contact us as at:
1000 N Northlake Way
Seattle, WA 98103 USA