Who is the data controller of your personal information?
We, that is Bitrock, Inc., 900 Kearny Street Suite 500, San Francisco, CA 94133, USA, ("BitRock" or "we") are the data controller. We are responsible for, and control, the processing of your personal information.
What personal information do we collect?
In the context of rendering our Services, be it online or offline, we may collect information about you. This information regularly includes the following:
- If you register on our websites or sign up for a trial: Name, e-mail address, mailing address, phone number, company name, job title, IP address, username and password; for any images or instances downloaded, pulled or deployed we may additionally collect the instance type and operating system version.
- If you register for a paid service: in addition to the above, credit card or other payment information and information on your order such as price, license, service plan.
- If you download, pull or deploy images or instances without registration: IP address.
- If you subscribe to our newsletter: Name, email address, marketing campaign information such as your reaction to our marketing and your interest in our Services.
- If you contact us (via our websites or via phone, email or letter), e.g. for a support request, respond to a survey, send us an inquiry or post to our forum: Name, e-mail address, IP address, information on our communication with you and any additional information you provide us with.
- If you merely visit our websites: IP address, network file system, browser data, browser type, device type, device ID, Uniform Resource Locators (URL), operating system, language preferences, information on your usage of our websites and online activities.
How do we collect your information?
This personal information is collected in many ways and may include:
- personal information you provide to us: Most of the personal information we receive comes to us voluntarily from our users in the course of using our Services, such as when visiting our website, communicating with us or in the process of requesting our Services. You are free to choose which information you want to provide to us or whether you want to provide us with information at all. However, some information, such as your name, address, payment information and information on your requested Services may be necessary for the performance of our contractual obligations. Without providing this information, you will not be able to order certain Services or enter into a contract with us.
- personal information we receive from others: We may receive personal information about users from third parties such as Clearbit, that provides us with additional information regarding our email and web form contacts, providers of denied party screening, data information agencies such as Dun & Bradstreet, and other marketing partners and consultants, such as our cloud partners, Microsoft and Oracle who may pass on lead data of users of our applications on their marketplaces.
Why and on which legal basis do we collect and use your personal information?
The reasons for using your personal information may differ depending on the purpose of the collection. Regularly we use your information for the following purposes and on the following legal grounds:
- We use your information in order to perform our contractual services or prior to entering into a contract with you . If you order Services from BitRock or if you contact us to request our Services, we use your information to provide you with these Services. Information we use includes: information we need to contact you or otherwise communicate with you; information to manage your account; information to enable the download or usage of Services; information for invoicing and payment follow up.
- We use your information if justified by our legitimate interests. The usage of your information may also be necessary for our own business interests. For example, we may use some of your information to evaluate and review our business performance, create financial statements; improve our Services or to identify potential cyber security threats. If necessary, we may also use your information to pursue or defend ourselves against legal claims. We may use your email address for our email marketing campaigns. You can object to this use at any time by following the link to unsubscribe at the bottom of our marketing emails.
We use your information after obtaining your consent.
In some cases, we may ask you to grant us separate consent to use your information.
You are free to deny your consent and the denial will have no negative consequences for you.
You are free to withdraw your consent at any time with effect for the future. If you have
granted us consent to use your information, we will use it only for the purposes specified
in the consent form.
This also includes our marketing campaigns. If you sign up to one of our email newsletters or when providing us with your email address allow us to use this email address for email marketing, we will use your personal information in the relevant email marketing campaigns. You may unsubscribe from any of our email newsletters at any time by following the link to unsubscribe at the bottom of the newsletter. You may also contact us via email, phone or mail at the addresses provided at the end of this document to request that we remove you from our email list.
- We use your information to comply with legal obligations. We are obligated to retain certain information because of legal requirements, for example, tax or commercial laws.
We will only use your information for the purposes for which we have collected them. We will not use your information for other purposes. We do not use your personal information for automated individual decision-making.
How long do we keep your information?
We will store personal information for as long as necessary to fulfil the purposes for which we collect the personal information, in accordance with our legal obligations and legitimate business interests.
We store your personal data during the time that you are a customer of BitRock or a registered account holder at Bitnami.com for purposes of providing you the services, and for up to three years after you cease to be a customer or delete your Bitnami.com account.
For customers of InstallBuilder with a perpetual license, we will retain the necessary personal data for as long as necessary for us to issue you with a new license key on your request.
If you have never been a customer or registered account holder, but have consented to receive a newsletter, we will continue to process your personal data for this purpose until you unsubscribe from this service or you have not viewed the newsletter for 12 consecutive months.
If you have never been a customer or registered account holder, but have consented to receiving other marketing inquiries or information from us, we may store your data for up to two years.
We reserve the right to store or delete your personal data earlier or later than set forth herein if required to do so by an applicable law or regulation, including the GDPR, especially where necessary to comply with statutory retention periods and for the exercise or defense of legal claims.
How do we protect your information?
We implement a variety of security measures to maintain the safety of your personal information when you place an order. We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) may be kept on file solely for the purpose of processing your recurring subscription payments until such a subscription is cancelled.
How do we safeguard your personal information when there is an international transfer?
As we are located in the USA, any information you provide, will be processed and stored in the USA. If you are in the European Union or European Economic Area, this may mean that your personal information will be stored in a jurisdiction that offers a level of protection that may, in certain instances, be less protective of your personal information than the jurisdiction you are typically a resident in.
For this reason, we have entered into guarantees to ensure appropriate safeguards. If we transfer information from the European Union to third parties outside the European Union and to countries not subject to schemes which are considered as providing an adequate data protection standard, we will enter into contracts which are based on the EU Standard Contractual Clauses with these parties.
What rights and choices do you have?
We want you to understand your rights and choices regarding how we may use your personal information. Depending on how you use your information, these rights and choices may include the following:
You have specific rights under applicable privacy law in respect to your personal information
that we hold, including a right of access and erasure and a right to prevent certain processing
If you are a resident in the European Union, you have the following rights in respect to your personal information that we hold:
- Right of access: The right to obtain access to your personal information.
- Right to rectification: The right to obtain rectification of your personal information without undue delay where that personal information is inaccurate or incomplete.
- Right to erasure: The right to obtain the erasure of your personal information without undue delay in certain circumstances, such as where the personal information is no longer necessary in relation to the purposes for which it was collected or processed.
- Right to restriction: The right to obtain restriction of the processing undertaken by us on your personal information in certain circumstances, such as, where the accuracy of the personal information is contested by you, for a period of time enabling us to verify the accuracy of that personal information.
- Right to portability: The right to portability allows you to move, copy or transfer personal information easily from one organization to another.
- RIGHT TO OBJECT: YOU HAVE THE RIGHT TO OBJECT TO ANY PROCESSING BASED ON OUR LEGITIMATE INTERESTS WHERE THERE ARE GROUNDS RELATING TO YOUR PARTICULAR SITUATION. YOU CAN OBJECT TO MARKETING ACTIVITIES FOR WHATEVER REASON WHATSOEVER.
If you wish to exercise one of these rights, please contact us using the contact details below. For cookies or e-mail marketing, we provide the following easily usable option:
- Cookies Settings and Preferences: You may disable cookies and other tracking technologies through the settings in your browser.
- E-Mail Settings and Preferences: If you no longer want to receive marketing e-mails from us, you may choose to unsubscribe at any time by following the unsubscribe instructions provided in the particular newsletter (or for Bitnami registered users in the subscription settings in your Bitnami user account).
In addition to the afore listed rights, as an EU resident, you also have the right to lodge a complaint with your local data protection authority. Further information about how to contact your local data protection authority is available at http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
Policy for Children
How to contact us
You may also contact our EU representative, BitRock S.L., at email@example.com.
Data Privacy Management Team
For all enquiries regarding Bitrock's activities you may also want to contact our Data Privacy Management Team who can be reached at: firstname.lastname@example.org.