Effective August 15, 2017
“Personal Information” is information about you that is personally identifiable. The Personal Information collected actively by us may include items from registrations and transactions, such as name, username, title, address, company, phone number and email address. As is true of most websites, we also gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
We collect and use Personal Information for the following purposes: to improve the Services, to contact customers, to market our products and services, to collect and handle feedback, to improve customer service, to comply with applicable laws and legal processes, to enforce our terms and conditions, to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others, and to allow us to pursue available remedies or limit any damages that we may sustain.
Visitor Identification and Collection of Personal Information
We may collect Personal Information from users in a variety of ways, including, but not limited to, when you visit our website, place an order, subscribe to our newsletter, and in connection with other activities, services, features or resources we make available through the Services.
If you submit any Personal Information relating to individuals authorized to use your account, such as employees or contractors, please do so only if you have secured permission to do so. If you have not secured permission, please do not submit to Skytap the Personal Information of any individual.
We may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new customers and provide products and services that may be of interest to you. This can include purchased marketing data about our customers from third parties that is combined with information we already have about you to create more tailored advertising and products.
- Strictly Necessary Cookies: These cookies are necessary for the website to function. They are usually only set in response to actions made by you that amount to a request for services, such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
- Performance Cookies: These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
- Functionality Cookies: These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, then some or all of these services may not function properly.
- Targeting Cookies: These cookies may be set through our site by us or our advertising partners. They may be used to build a profile of your interests and show you content in which you may be interested. Generally they do not store any personally identifiable information, but are based on uniquely identifying your browser and internet device. However, we sometimes use these cookies to do individualized tracking down to the name for marketing purposes. If you do not allow these cookies, you will experience less targeted content.
Disclosure of Personal Information
Skytap may disclose Personal Information in the following ways:
- If you elect to purchase third party applications, we may share Personal Information with companies who provide those applications. In those cases, we encourage you to review and understand the terms and conditions and privacy policies of those third parties, over whom we have no control.
- We may disclose generic aggregated demographic information not linked to any Personal Information regarding visitors and users to our business partners, trusted affiliates and advertisers.
- We may use third party service providers to help us operate or administer the Services, such as sending out newsletters or surveys. We may share Personal Information with these third parties for the purpose of implementing these types of marketing campaigns.
- We may disclose Personal Information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
- As we believe to be necessary or appropriate, we may disclose Personal Information: (a) under applicable laws, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities, including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety, or property, and/or that of our affiliates, you, or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.
- In certain situations, Skytap may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Retention of Personal Information
How we Protect your Information
Skytap has adopted reasonable security measures to protect Personal Information against loss, theft, unauthorized access, alteration, disclosure or destruction. These measures include policies, procedures, employee training, physical access and technical elements relating to data access controls. In addition, Skytap uses industry standard high-grade encryption to facilitate the exchange and the transmission of data. We do not process Personal Information in a way that is incompatible with the purposes for which it has been collected unless authorized by the individual.
In the event that Personal Information is acquired by an unauthorized person and applicable law requires notification, we will notify the affected individual of the breach by email or, if Skytap is unable to contact the individual by email, by regular mail. Notice will be given promptly, consistent with the legitimate needs of law enforcement and any measures necessary for Skytap or law enforcement to determine the scope of the breach and to ensure or restore the integrity of a system. Skytap may delay notification if we or a law enforcement agency determines that the notification will impede a criminal investigation, and in such case, notification will not be provided unless and until we or the agency determines that notification will not compromise the investigation.
Choices and Access
Skytap provides you with choices about the use and disclosure of the Personal Information for marketing purposes. You may opt out of the following:
- Receiving electronic communications from us: To stop receiving promotional emails from us, you may use the unsubscribe option contained in our emails.
- Our sharing of your Personal Information with our affiliates: To stop our sharing of your Personal Information with our affiliates for their direct marketing purposes, you may opt out by contacting us at email@example.com.
- Access to Personal Information: Skytap acknowledges that you have the right to access your Personal Information. Upon request, Skytap will provide you with information about whether we hold any of your Personal Information. You may update your Personal Information by editing your information in the Services. If your Personal Information changes, or if you no longer desire information about our Services, you may have your Personal Information updated or removed from our records by emailing firstname.lastname@example.org or by contacting us by telephone or postal mail at the contact information listed below.
Skytap will comply with your request(s) as soon as reasonably practicable. Please also note that if you opt out of receiving marketing-related messages from us, we may still send you important administrative messages regarding our Services, from which you cannot opt out.
Collection and processing of Personal Information is based on your consent given by accessing and using the Services. However, you may at any time exercise your right to have incomplete, incorrect, unnecessary or outdated Personal Information deleted or updated by contacting Skytap at email@example.com. Please note that by requesting Skytap to delete your Personal Information, we may not be able to provide you the Services you have inquired about or ordered.
The use of information collected through our Services shall be limited to the purpose of providing the services for which a customer has engaged Skytap.
Skytap collects information under the direction of its customers, and may have no direct relationship with the individuals whose Personal Information it processes. An individual who seeks access, or who seeks to correct, amend or delete inaccurate data should direct his query to the Skytap’s customer (the data controller). If requested to remove data, we will respond within a reasonable timeframe. We may transfer Personal Information to companies that help us provide our Services. Transfers to subsequent third parties are covered by the service agreements with our customers.
We will retain the information we process on behalf of our customers for as long as needed to provide Services to our customer. Skytap will retain this information as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
Mobile App Disclosure
When you download and use our Services, we automatically collect information on the type of device you use, operating system version and the device identifier.
We may send you push notifications from time to time in order to update you about any events or promotions that we may be running. If you no longer wish to receive these types of communications, you may turn them off at the device level. To ensure you receive proper notifications, we will need to collect certain information about your device such as operating system and user identification information.
We use mobile analytics software to allow us to better understand the functionality of our software on your phone. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.
EU-U.S. Privacy Shield
Skytap participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. Skytap is committed to subjecting all Personal Information received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. (https://www.privacyshield.gov/list)
Skytap is responsible for the processing of Personal Information it receives, under the Privacy Shield Framework, and subsequently transfers to third parties acting as an agent on its behalf. Skytap complies with the Privacy Shield Principles for all onward transfers of Personal Information from the EU, including the onward transfer liability provisions.
With respect to Personal Information received or transferred pursuant to the Privacy Shield Framework, Skytap is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Skytap may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
General Data Protection Regulation (GDPR)
The GDPR applies to both individuals and businesses and regulates the way in which personal data of citizens in the European Union should be handled and is scheduled to be effective in May 2018. It applies to businesses that operate inside geographical EU. It also applies to businesses operating outside of the EU that process EU citizens’ data in connection with the offering of goods and services or the monitoring of their behavior.
The GDPR distinguishes between Controllers and Processors. Unlike the existing Directive, however, the GDPR applies to both Controllers and Processors, with some rule differences between the two. Because Skytap is primarily responsible for providing its customers with hosting infrastructure, has limited knowledge of customer data within its infrastructure, and only processes hosted data in accordance with the customer’s instructions, Skytap is a Processor of hosted data. The customer is a Controller.
In limited circumstances during the account registration process for customer use of Skytap Services, Skytap collects and maintains customer data. This data is collected and maintained solely for the offer and maintenance of Skytap Services for customer use. In this instance, Skytap is the Controller.
Skytap will continue to treat customer data with the sensitivity and confidentiality required. We are undertaking a gap analysis to determine if any changes may be required to the way in which we handle customer data in light of the GDPR. Skytap will continue to invest in the security of its customer solutions to ensure it remains compliant with applicable legislation.
Skytap is committed to fulfilling its responsibilities under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA). For purposes of fulfilling these responsibilities, if applicable, you consent to using Skytap’s website and services, and you consent to Skytap’s collection and use of your Personal Information for the purposes described above. If you do not consent, you may not access our website or the Services. Please contact our Manager of Information Security (see below) with any questions, concerns or requests about how Personal Information is collected or used.
Information from Children
Skytap’s website and services are not designed for use by children under the age of 13. Skytap does not voluntarily or knowingly collect information from children under 13. As such, if you are under the age of 13, please stop using this website and/or Skytap services. If you are a parent or guardian and believe that we may have collected Personal Information from someone under the age of 13, please let us know by emailing firstname.lastname@example.org.
Inquiries may also be addressed to:
Manager of Information Security
719 2nd Avenue, Suite 800
Seattle, WA 98104