Datavail (“us”, “we”, or “our”) respects the privacy of our customers and their data.
This Services Privacy Statement describes our privacy practices with respect to the collection, use, and disclosure of information obtained when customers purchase, use or engage our hosted software services (“Subscription Services”) related support services (“Support Services”), or our technical services, including systems management services and professional services (the “Technical Services”) that we provide to Customers. For the purposes of this Privacy Statement, the Subscription Services, Support Services, and the Technical Services will collectively be called the “Service.” This Service Privacy Statement also covers information processed by Datavail for customer service management purposes (such as customer address and billing information collected for processing Customer’s engagement of Datavail’s Service).
- This Policy does not cover a Customer’s use or disclosure of information it stores in the Subscription Service.
- This Policy also does not cover any information or data collected by Datavail for purposes outside of the Service.
- This Policy does not cover the use or disclosure of any information stored in a Subscription Service hosted by a Customer (meaning Datavail software or system hosted by the customer.)
Please see our Privacy Statement for details on our privacy practices with respect to data collected on our websites and at events.
For the purposes of this Services Statement:
“Customer” means the entity that purchases our Service.
“User” means an individual authorized by the Customer to access and use the Subscription Service.
“Customer Data” means the electronic data uploaded into the Subscription Service by or for Customer or its Users.
How We Collect Information
Datavail collects specific information in the course of providing services to our customers as described below.
In the normal course of business, Customers will process Customer Data on their own systems within their own technical domains. Customers will also process Customer data in the practice of using our service. Datavail’s access to and use of this data is limited to that needed to provide the Service as provided for in the Master Services Agreement with the Customer. Datavail may also collect information by way of performing the services including:
- Data and correspondence from our customers that they send to us in order to administer, manage or use the service.
- Alert and event information and logs used to provide the service
Datavail will also collect and administer specific data as a controller for the purposes of administering and managing the Service and engagement with the Customer such as the Customer’s company name, address and principal contact information.
How We Use Information
Datavail uses information collected to provide the Service including providing service management and administration, customer reporting and alerting services, and our Support and Technical Services. We may also use information we collect for billing and contract management. We will not use, disclose, review, share, distribute, transfer, or reference Customer Data except as permitted in the Customer Agreement or as required by law.
How We Share Information
Datavail will rarely share Customer Data or Personal Information of any type as a course of business. However, for specific purpose, we may disclose information that Customers or Users provide to us as follows:
- To our subsidiaries (including those located outside of the US, or of the European Economic Area and Switzerland) as needed to support the Services as agreed to in the Master Services Agreement.
- To service providers we use to support our service
- To a potential buyer (and their agents or assignees) to support any proposed merger, acquisition, or any form of sale or transfer of some or all of our assets.
- To competent law enforcement organization, regulatory, government agency, court or other third party to: (i) comply with any court order, a request from any competent law enforcement agency, or any other legal obligation; (ii) enforce or apply the terms of the Customer Agreement; and (iii) protect the rights, property, or safety of Datavail, our Customers, Users, or others.
- As directed by Customer.
Retention of Data
Datavail will retain Customer Data as per the agreements defined in the Master Services Agreement. We will retain general information where we have an ongoing legitimate business need to do so (such as to comply with regulatory or tax accounting purposes.)
International Transfer of Data
Datavail stores data almost exclusively in the United States and, when specified, Canada. For Customer Data transferred to us in the United States of America, Datavail complies with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom, and Switzerland to the United States, respectively. You can view a description of how we comply with the Privacy Shield Principles in our Privacy Shield Policy. To learn more about the Privacy Shield Framework, please visit the Department of Commerce’s website, located here.
For other international transfers of personal information from the EEA, we implement such measures as are necessary to ensure we provide appropriate safeguards for the transferred Customer Data, as agreed with our Customers.
Security of Data
Datavail maintains organizational, physical and technical security safeguards for all customer data we hold. We maintain protocols, controls and relevant policies, procedures and standards in order to manage the risk to Customer Data.
In order to affect these protections, Datavail undertakes industry standard measures to protect your data including:
- Maintaining an ISO27001 certification, which demonstrates that we adhere to the highest information security standards. The ISO standard is a security standard awarded by the British Standards Institution (“BSI”) that serves as international accreditation that Datavail adheres to the highest defined standards. This certification is the only auditable international standard that defines the requirements for an Information Security Management System (“ISMS”), and such a certification confirms that Datavail’s processes and security controls provide an effective framework for protecting our clients’ and our own information.
- We have a global Privacy Protection program in place which advises and manages our data protection standards of your data.
- We have regular third party audits and testing that continue to validate our security posture and help us protect customer data.
- Datavail has a dedicated team responsible for monitoring and responding to security incidents.
Your Privacy Rights
If you are a resident of the European Economic Area (EEA), Canada, or California, you have certain data protection rights under law. Datavail aims to take reasonable steps to allow you choices regarding the information you provide to us and how to limit the use of your Personal Data. Specifically:
- If you wish to access, correct, update, or request deletion of your personal information, you can send us an e-mail at firstname.lastname@example.org. You may also contact your Service Delivery Manager or, where possible, use our Datavail Service Portal to carry out these requests.
- Certain jurisdictions, for example the European Economic Area, provide their residents specific privacy rights under applicable law. We will process your requests to exercise such rights, including if you object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information, in accordance with applicable data protection laws. You may send us an e-mail at email@example.com or use the contact details below.
We will respond to each request in accordance with appropriate data protection laws. Please note that we may ask you to verify your identity before responding to such requests. Datavail will not discriminate against any individual on the basis of executing these rights.
Our Service does not address anyone under the age of 18 (“Children”).
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
Changes to This Services Privacy Statement
If you have any questions about this Privacy Notice, please contact us:
- By email: firstname.lastname@example.org
- By telephone at +1.206.686.5196 or 1.833.742.0951
- By writing to us at:
11800 Ridge Parkway
Broomfield, CO 80021