mirrors/oneuptime
1
0
Fork 0
mirror of https://github.com/OneUptime/oneuptime synced 2024-11-22 15:24:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
cbbc3c79d0
oneuptime/Home/views/privacy.ejs
Simon Larsen 314a9ef61c
fix company in legal
2023-06-13 10:37:24 +01:00

374 lines
24 KiB
Plaintext
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<header id="pagmt">
<% if (section === "privacy") { %>
<h1>Privacy Policy</h1>
<% } %>
<% if (section === "gdpr") { %>
<h1>General Data Protection Regulation (GDPR)</h1>
<% } %>
<p>Please Read Carefully Prior To Using This Product</p>
</header>
<section>
<% if (section === "gdpr") { %>
<h3>OneUptime GDPR Policy</h3>
<p>OneUptime is part of HackerBay, Inc. This GDPR and Privacy will explain how our organization uses the personal data
we
collect from you when you use our website and our product.</p>
<p>
Topics:
<br /> <br />
- What data do we collect? <br />
- How do we collect your data? <br />
- How will we use your data? <br />
- How do we store your data? <br />
- Marketing <br />
- What are your data protection rights? <br />
- What are cookies? <br />
- How do we use cookies? <br />
- What types of cookies do we use? <br />
- How to manage your cookies <br />
- Privacy policies of other websites <br />
- Changes to our privacy policy <br />
- Audit Rights <br />
- How to contact us <br />
- How to contact the appropriate authorities <br /></p>
<% } %>
<p>You can read full text of <a href="https://gdpr-info.eu">GDPR</a> from the GDPR official website</p>
<h3>Introduction</h3>
<p>At OneUptime, it is one of our fundamental values to deliver a great customer experience. Based upon this
philosophy, HackerBay, Inc. and its affiliated companies and subsidiaries (“OneUptime”) established this privacy
statement (“Privacy
Statement”)
to assist our customers, business partners, and other visitors of this website, any other webpage or mobile
applications
that OneUptime operates, or any other location where we post a direct link to this policy (“Website”) with
understanding
the types of information that we collect from and about you when you visit our Website, why we collect it, what
we
do with it, and your ability to control certain uses of it. We want you to feel informed and comfortable when
you
visit with us.
<p>When you visit our Website, please read the Privacy Statement carefully. By using or accessing our Website,
you agree
to the collection, use, and disclosure of information in accordance with this Privacy Statement. This
Privacy
Statement may change from time to time, and your continued use is deemed to be acceptance of such changes.
So,
please check this periodically for updates! </p>
</p>
<h3>Data Collection</h3>
<p>Information You Provide to Us. OneUptime collects information from you when you choose to provide it to us. Such
information
may be provided to us when you: apply for a job at OneUptime; download and install a product for evaluation;
download
and install a free tool; request a quote; purchase or register a product; sign up for newsletters, support
materials,
white papers, our email list, or other assets offered by OneUptime; obtain support, services, or training;
create a
user account on our Website, customer portal or community forum; or otherwise contact us. The personal
information
we collect may include your name, address, email address, telephone number, user name, password(s), information
about
the products that you own and use, or your payment information. Such information may be required to create your
account
or to complete your purchase. If you use a third party to create your account or otherwise link to us, we may
receive
certain information about you from the third party (such as a social network) based on your registration and
privacy
settings on that third party service. This information does not include tracking user behavior on our product.
</p>
<p>Information We May Collect. OneUptime may use cookies, web beacons, web analytics, or other technologies to
automatically
collect certain information about you when you visit our Website, utilize the OneUptime products, or otherwise
interact
with us. Please note, these may be first party cookies or tools, which are hosted within a OneUptime domain
name, or
third party cookies or tools, which are hosted by another party. Please reference the OneUptime Cookie Policy
for further
information.
</p>
<p>Information Collected from Other Sources. OneUptime may obtain information about you from other sources,
including updated
addresses, contact information, demographic information, and other publicly available data.
</p>
<p>Combination of Information. OneUptime may combine the information it receives from and about you, including
personal information,
non-personal information, and information collected offline, with information collected from third party
sources.
Real User Monitoring Service (“RUM”). OneUptime uses customized and proprietary software code to analyze and
obtain
information regarding how third party visitors (“Visitor”) interact with its Clients websites. When a Visitor
visits
a website that uses RUM, this code contacts OneUptimes servers and enables OneUptime to collect and analyze the
Visitors
activity while visiting that website (“Visitor Data”). This information is stored on OneUptimes database
servers and
converted to an aggregate and anonymized form to perform analyses and produce reports for its Clients.
</p>
<h3>Our Commitment to GDPR</h3>
<p>On May 25, 2018, the European Unions General Data Protection Regulation (GDPR) takes effect. GDPR regulates the
governance
of personal data for EU citizens with an emphasis on data security and privacy. The GDPR does not only apply to
companies
that operate in the EU. This regulation will also impact companies operating outside of the EU if they have any
EU
customers or personal data of anyone in the EU.
</p>
<p>HackerBay, Inc. has made information security and data privacy foundational principles of everything we do, and
we recognize
the importance of passing regulations to advance information security and data privacy for citizens of the EU.
We
are firmly committed to GDPR readiness.
</p>
<% if (section === "privacy") { %>
<p>You can read more about our <a href="/legal/gdpr">GDPR policy here.</a>
</p>
<% } %>
<h3>Data Use</h3>
<p>OneUptime may use the information we collect to: - Administer or operate the OneUptime products, services, or
Website, including
completing a transaction, providing you with products or user support, responding to your requests for
information,
preventing transactional fraud, or otherwise contacting you; - Provide or contact you with customized content,
targeted
offers, information, newsletters, and advertising or other promotional material about OneUptime or its partners
on
the Website, other websites, or via telephone or email (if you have agreed to such communications); - Research,
address,
develop, and improve the usage and operations of the Website or existing or new OneUptime products and services;
-
Protect the security or integrity of the Website and our business; and - Perform any other functions as
otherwise
described to you at the point of data collection.
</p>
<h3>Data Sharing</h3>
<p>OneUptime may disclose the information we collect from and about you (a) to our third party service providers,
partners,
and distributors to enable the service provider, partner, or distributor to perform a business, professional, or
technical support function for OneUptime; (b) in association with law enforcement, fraud prevention, a subpoena,
or
other legal or government investigatory action; (c) as required by law, rule, or regulation; (d) if OneUptime
reasonably
believes it is required to protect OneUptime, its customers, or the public; or (e) as described to you at the
point
of collection.
</p>
<p>Except as otherwise set forth herein, OneUptime may provide aggregated statistics about users to third parties,
but such
information will be aggregated so that it does not identify a particular individual or company. OneUptime is not
in
the business of selling or renting your personally identifiable information to others and will not share your
personally
identifiable information with others, except as otherwise described in this Privacy Statement.
</p>
<p>OneUptime may sell or purchase assets during the normal course of our business. If another entity acquires
OneUptime or any
of our assets, information we have collected about you may be transferred to such entity. In addition, if any
bankruptcy
or reorganization proceeding is brought by or against us, such information may be considered an asset of ours
and
may be sold or transferred to third parties. Should such a sale or transfer occur, we will use reasonable
efforts
to try to require that the transferee use personal information provided through the Website in a manner that is
consistent
with this Privacy Statement.
</p>
<h3>Data Storage</h3>
<p>As OneUptime operates globally, using the Internet to collect and process your information necessarily involves
the transmission
and storage of data on an international basis. Therefore, by using our Website, our products, and communicating
electronically
with us, you acknowledge our processing of your information in this way. We may transfer your personal
information
among our global locations or to destinations of our storage facilities and/or our third party providers,
including
to countries outside the European Economic Area (EEA). Your personal information may be stored on servers in a
global
location. It may also be processed by staff operating outside of the EEA, who work for us or one of our
suppliers.
</p>
<p>Some of these locations may have data protection standards that are different to those in your country. For EEA
residents,
we have taken commercially reasonable measures to ensure that your personal information is treated securely and
in
accordance with this Privacy Statement. Additionally, your personal information may be subject to the laws of
other
countries, where the data protection and other laws may differ from those of your country of residence. Your
personal
information may be disclosed in response to inquiries or requests from government authorities in the countries
in
which we operate.
</p>
<h3>Audit Rights</h3>
<h4>1. Purpose</h4>
<p>The purpose of this Customer Audit Rights Policy is to outline the rights of customers regarding audits of their personal data as provided under the General Data Protection Regulation (GDPR). This policy aims to ensure transparency and accountability in the processing of personal data by our organization while respecting the rights and privacy of our customers.</p>
<h4>2. Scope</h4>
<p>This policy applies to all customers who have provided their personal data to our organization, whether collected directly from the customers or obtained from other sources, and it aligns with the principles and requirements set forth in the GDPR.</p>
<h4>3. Customer Audit Rights</h4>
<p>Under the GDPR, customers have the right to request an audit of the processing activities carried out by our organization concerning their personal data. The following provisions apply to such audit requests:</p>
<h5>3.1. Process for Audit Request</h5>
<p>Customers can submit a written request for an audit of their personal data to our designated Data Protection Officer (DPO) or the relevant point of contact specified by our organization. The request should clearly state the purpose and scope of the audit.</p>
<h5>3.2. Audit Scope and Timing</h5>
<p>Upon receiving an audit request, our organization will assess the request's validity and evaluate its scope. The scope should be relevant to the processing activities related to the customer's personal data. The timing of the audit will be determined by our organization, taking into consideration the complexity of the request and other ongoing operational requirements.</p>
<h5>3.3. Audit Methodology</h5>
<p>The audit will be conducted in a manner that ensures the confidentiality and integrity of personal data and other proprietary information of our organization. The audit methodology may include a review of relevant documentation, interviews, site visits, or any other reasonable methods necessary to assess the processing activities.</p>
<h5>3.4. Third-Party Audit</h5>
<p>In some cases, our organization may engage an independent third-party auditor to conduct the audit on behalf of the customer. The third-party auditor must be bound by appropriate confidentiality obligations and comply with the GDPR requirements.</p>
<h5>3.5. Audit Findings and Reporting</h5>
<p>Upon completion of the audit, our organization will provide the customer with a summary of the findings, including any identified compliance gaps or areas of improvement. The report will be shared in a reasonable timeframe, taking into account the complexity of the audit and the need to ensure accuracy and completeness.</p>
<h5>3.6. Corrective Actions</h5>
<p>If the audit reveals any non-compliance or deficiencies in the processing activities, our organization will take appropriate corrective actions to address the identified issues promptly. These actions may include implementing additional safeguards, revising policies and procedures, or providing additional training to staff members.</p>
<h4>4. Confidentiality and Security</h4>
<p>All audit-related information, including personal data obtained during the audit, will be treated with strict confidentiality and in compliance with applicable data protection laws. Our organization will implement appropriate technical and organizational measures to safeguard the confidentiality, integrity, and security of the personal data processed during the audit.</p>
<h4>5. Policy Review</h4>
<p>This Customer Audit Rights Policy will be reviewed periodically and updated as necessary to ensure its continued relevance and compliance with the GDPR and other applicable laws and regulations.</p>
<h4>6. Contact Information</h4>
<p>For any questions or concerns regarding this policy or to submit an audit request, customers can contact our designated Data Protection Officer or the relevant point of contact as provided by our organization.</p>
<h3> Confidentiality and Security - Technical and Organizational Measures</h3>
<p>All personal data processed by our organization is subject to strict confidentiality and security measures. We have implemented a comprehensive set of technical and organizational measures to ensure compliance with the General Data Protection Regulation (GDPR). These measures include:</p>
<h4>1. Data Encryption</h4>
<p>We utilize strong encryption algorithms to protect personal data both during transmission and at rest. Encryption mechanisms are applied to prevent unauthorized access and maintain data integrity.</p>
<h4>2. Access Control</h4>
<p>We have implemented strict access controls to ensure that personal data is only accessible to authorized personnel. Access rights are granted based on the principle of least privilege, ensuring that individuals only have access to the data necessary for their specific roles and responsibilities.</p>
<h4>3. Employee Training and Awareness</h4>
<p>We provide regular training sessions and awareness programs to our employees regarding data protection, privacy, and GDPR compliance. This ensures that our staff members understand their obligations and responsibilities when processing personal data and are equipped with the necessary knowledge to maintain data confidentiality and security.</p>
<h4>4. Incident Response and Breach Management</h4>
<p>We have established an incident response and breach management process to handle any potential data breaches or security incidents. This process includes proactive monitoring, incident detection, response planning, and timely reporting to the relevant supervisory authorities and affected individuals, as required by the GDPR.</p>
<h4>5. Regular Security Audits and Assessments</h4>
<p>We conduct regular security audits and assessments to identify vulnerabilities, assess risks, and ensure compliance with the GDPR. These audits are performed internally or by independent third-party security experts to validate the effectiveness of our security controls and identify areas for improvement.</p>
<h4>6. Data Minimization and Retention</h4>
<p>We follow the principle of data minimization, only collecting and retaining personal data that is necessary for the specified purposes. We establish appropriate retention periods for different types of personal data and securely dispose of data that is no longer required, in accordance with our data retention policy and legal obligations.</p>
<h4>7. Vendor Management</h4>
<p>We ensure that our third-party vendors and service providers who have access to personal data comply with the GDPR and maintain appropriate confidentiality and security measures. We have established robust vendor management processes to assess the privacy and security practices of our vendors and regularly monitor their compliance.</p>
<h4>8. Confidentiality</h4>
<p>We ensure that employees of OneUptime are subject to confidentiality. Such an undertaking is signed when a new employee is hired. All of our employees have confidentiality agreement in place.</p>
<h3>Marketing Choices</h3>
<p>OneUptime may periodically send you emails with information regarding OneUptime, its products or its partners. If
you no
longer wish to continue receiving such information, please click the “unsubscribe” link available at the bottom
of
the relevant email. You can also contact OneUptime at privacy@oneuptime.com and let OneUptime know that you
no longer
wish to receive such information. Alternatively, you can reply to an email from OneUptime and type "REMOVE" in
the
subject line.
</p>
<h3>Public Forums</h3>
<p>Any information that you may disclose on community forums or other public areas of the Website (“User
Contribution”)
becomes public information, and you are solely responsible for your User Contributions. OneUptime has no
responsibility
for any information, including personally identifiable information, that you choose to submit in these forums.
We
do encourage you to exercise caution when disclosing personal information in these public areas, as OneUptime
has no
control over who has access or will utilize said information. Additionally, OneUptime is not responsible for any
circumvention
by third parties of any privacy setting or security measures contained on the Website. Even after removal, your
User
Contributions may remain viewable in cached or archived pages or may have been copied or stored by other Website
users. Proper access and use of information on the Website, including User Contributions, is governed by this
Privacy
Statement and the Terms of Use relating thereto. Any known or suspected violations should be reported to at
legal_team@oneuptime.com.
</p>
<h3>Third Party Sites</h3>
<p>The Website may include links to third party websites for your convenience and information only. OneUptime does
not own
or control these third party websites. OneUptime is not responsible for the availability, content, data
collection,
utilization of data, use of cookies, or otherwise on the third party websites, and any data that you choose to
give
to unrelated third parties is not covered by this Privacy Statement. We encourage you to review the privacy
policy
of any company before submitting any information to them. If you have any questions about how such third
parties
privacy and data use practices, you should contact such third parties directly.
</p>
<h3>How to Update and Access Information</h3>
<p>Certain areas of this Website will require you to provide certain personal information. It is your responsibility
to
provide the most recent available and accurate information. Additionally, please inform OneUptime of any change
of
name, address, or other information. If you have created an account on the Website, you may update certain
information
in your account profile, or you may request that OneUptime update, modify, or delete your registered information
by
sending an email to privacy@oneuptime.com with the words "UPDATE USER INFORMATION" in the subject line. You
have
the right, subject to certain exemptions, to obtain a copy of any personal data we hold about you and to correct
any inaccuracies in such data. If you wish to avail of any of these rights, please contact us at:
privacy@oneuptime.com.
While we will strive to accommodate your request, we may reject a request to satisfy our legal obligations,
resolve
disputes, enforce our agreements, where we have a legitimate reason to do so, or where the request may impose a
risk
on the privacy of others, is unreasonable, repetitive, or requires disproportionate technical effort.
</p>
<h3>Security</h3>
<p>OneUptime uses commercially reasonable security measures, such as physical access controls, encryption,
firewalls, and
network monitoring, and strives to safeguard information concerning and submitted by users. Despite the security
measures employed by OneUptime, users should be aware that it is impossible to guarantee absolute security with
respect
to electronic information, and User agrees and accepts the risks associated with the same.
</p>
<h3>Children under the Age of 13</h3>
<p>This Website is not intended for children under 13 years of age. No one under age 13 may provide any personal
information
to or on the Website; OneUptime does not knowingly collect personal information from children under 13. If you
are
under 13, please do not register on the Website, make any purchases through the Website, or send any information
about yourself to us. If you believe that information from or about a child under 13 is in our possession,
please
contact us at legal_team@oneuptime.com.</p>
<h3>Questions</h3>
<p>If you have any questions about this Privacy Statement or our data handling practices, you may contact us at
privacy@oneuptime.com.
In order for us to properly respond to you, you will need to provide us with sufficient details regarding your
question.
We will contact you if we require any additional information from you.</p>
<h3>Modifications to this Privacy Statement</h3>
<p>OneUptime reserves the right to review, modify, and update this Privacy Statement and will note the date of its
most recent
revision. In the event OneUptime updates or modifies this Privacy Statement, OneUptime shall endeavor to post
such updates
or modifications on this Website following any such modifications. It we update or modify the Privacy Statement
in
a material way, we will utilize commercially reasonable efforts to provide appropriate notice to you.</p>
</section>
Reference in New Issue View Git Blame Copy Permalink