This Policy also explains the Personal Data we collect, how we use and share it and how to manage your marketing preferences.
It also describes how we process any Personal Data you may ask us to either (i) back up using our 14 day free trial (“Free Trial”) (“Trial Data”) or (ii) when you sign a contract with us for the provision of backup and data recovery services (“Protected Data”), (collectively the “Services”).
Terms defined in this Policy are explained further below.
1. ABOUT US
This site is run by DataBunker Limited (“DatabunkerDataBunker”, “we, “us”), a UK company incorporated under registered number 07066255. Our contact details are provided further below.
For the purposes of applicable data protection laws, including the EU General Data Protection Regulations (“GDPR”), Databunker is the Controller of any Personal Data (defined in the GDPR) collected through the Site or by telephone or any in other way.
Where you provide us with Personal Data in the context of the Services, you are the Controller of such data and we are the Processor or Sub-Processor. See further Section 7 under “Processing of Personal Data”. Other than as provided for in Section 7, references to Personal Data in this Policy are only to Personal Data of which we are the Controller.
2. HOW WE COLLECT INFORMATION
Information collected when you visit the Site
We will collect Personal Data that you provide to us when you fill in any form or sign up online and create an account with us.
We will also collect certain information automatically at several different points on our Site.
We may also collect information as to how our Site is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s internal protocol address (e.g. IP address), browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on out Site’s pages, unique device identifiers and other diagnostic data.
Information we collect when you contact us
We may collect Personal Data from you when you contact us by telephone, email or via our Site.
Information we collect if you apply for a job with us
The Personal Data we collect from you may include your name, contact details, employment history and any information contained in your CV.
Information received from Third Parties
We may also receive Personal Data about you from law enforcement authorities.
Do Not Track
We do not support Do Not Track (“DNT”). DNT is a preference you may be able to set in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the Preferences or Settings page of your web browser.
3. HOW WE USE YOUR INFORMATION
We will use your information in the following ways:
- To comply with our contractual obligations. In order to provide the Services to you, we need certain Personal Data. For example, we will need to collect your contact and billing information to collect payment from you.
- Where we have a legitimate interest in using your Personal Data. For example, to administer and monitor our Site, to improve our Services, to communicate with you about your account, to send you direct marketing information and to review any job application that you submit to us.
- Where we are required by applicable law to collect and pass your information to comply with our legal or regulatory obligations. For example, we can pass details of fraudulent or other criminal activity affecting our business to law enforcement.
You may opt out of receiving any or all marketing communications from us by following the unsubscribe link or instructions provided in any email we send you.
We take reasonable steps to ensure that the Personal Data we collect is limited to that which is necessary for the purposes out in this Policy or otherwise to provide the Services to you.
4. HOW WE SHARE YOUR INFORMATION
We share information with our core service providers and third party platforms for our business to function including, for example, IT systems and support, data centres, customer relations management, payment service providers and professional advisors. We also engage service providers to assist us in analysing how our Site is used.
Your information may be processed by a third party in order to maintain the functionality of our Site and customer database.
Our third party service providers will have access to your Personal Data only to perform the tasks for which they have been engaged and they are not permitted to disclose it or use it for any other purpose.
We may also share your Personal Data with relevant third parties in the event that we sell all or the relevant portion of our business or assets (including pursuant to any insolvency procedures).
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Site. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/
The payment processors we work with are:
5. HOW LONG WE KEEP YOUR INFORMATION
DataBunker will retain your information only for so long as is necessary for the purposes set out in this Policy and to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable laws e.g. for tax and accounting purposes), resolve disputes and enforce our legal agreements and policies. Your information will also be retained for so long as you subscribe to receive marketing information.
DataBunker will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for 14 months except where this data is used to strengthen security or to improve the functionality of our Services or we are legally obliged to retain this data for longer time periods.
At the end of the applicable retention period, your data will be either deleted or anonymised. In the latter case, the data will be used in a non-identifiable way for statistical and business planning purposes.
6. HOW WE STORE YOUR INFORMATION
We keep the data which we collect from you on a secure server.
Your information may be processed by our staff or the staff of our suppliers to the extent necessary to operate your account with us. By submitting your information to us, you agree to the transfer of your Personal Data, its storage and processing.
We will not store or collect your payment card details. We use third-party services for payment processing (e.g. payment processors) through a secure payment gateway on the Site. Your credit card information is provided directly to our third-party payment processors whose use of your Personal Data is governed by their privacy policies. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.
Databunker is committed to protecting the security of your Personal Data. We use a variety of security technologies and procedures to help protect Personal Data from unauthorised access, use and disclosure. Whilst we strive to use commercially acceptable means to protect your Personal Data, Databunker cannot ensure or guarantee that the Personal Data or private communications you transmit to us will always remain confidential or secure. For example, as the transmission of data via the internet is not completely secure, if you transmit data to us in this way, you do so at your own risk.
Where we have given you a password (or you have chosen one) to access our Services, you are responsible for keeping it confidential.
7. PROCESSING OF PERSONAL DATA
This Section 7 forms part of our Terms and Conditions where you have signed up for a Free Trial.
The terms of this Section 7 shall apply to the processing of any Personal Data contained in Trial Data and, if you have not entered into a separate data processing agreement (“DPA”) with us, Protected Data. If you have a DPA with us, the terms of that agreement, and not those below, shall apply to the processing of your Protected Data.
We are the Processor (or Sub-Processor) of any Personal Data contained in the Trial Data and the Protected Data. You are the Controller (or Processor where we are the Sub-Processor) of any Personal Data contained in such data. By signing up for our Services via our website, or by signing our Customer or Reseller Agreement, you agree to the processing or sub-processing of your Personal Data (if any) by us (such processing or sub-processing being inherent in the nature of our Services).
The duration of such processing or sub-processing can be chosen by you via the retention setting feature of our Services. On termination of your Free Trial or Customer or Reseller Agreement, we will delete your account and your data within 30 days.
When using our Services, your data is encrypted and so we cannot determine the type of Personal Data that may be contained within, or any data subjects categorised in, your Trial or Protected Data.
We, as a Processor or Sub- Processor, and in the context of any Personal Data provided by you in the context of our Services, shall:
- only process or sub-process your Personal Data in accordance with your written (including email) instructions;
- implement appropriate technical and organisational measures to protect your Personal Data;
- delete your data within 30 days of the termination of the Services;
- keep your Personal Data confidential and take reasonable steps to ensure that all our staff are aware of their confidentiality obligations in relation to same;
- if we engage any sub-processor, we shall only do so where we have entered into a written contract with them containing appropriate protections and we shall also notify you of any such engagement;
- notify you as soon as possible in the event of any Personal Data breach;
- if requested by you (and at your cost), assist you, where relevant and reasonable, in complying with your data protection obligations including in relation to Personal Data impact assessments, data subject access requests, submitting to audits and notifying breaches to the relevant authorities.
Nothing in this Policy shall relieve you of your own obligations, responsibilities and liabilities under applicable data protection and data privacy law.
8. TRANSFER OF DATA
If you are based in the European Union, we do not transfer or process your Trial Data or Protected Data outside the European Economic Area. If you are based outside the European Union, (i) your Trial Data or Protected Data will be transferred to, and processed (or sub-processed) in, Ireland or the United Kingdom and (ii) your account and billing information may be stored in the European Union.
Trial Data and Protected Data is stored on servers fully operated and controlled by us in our UK data centre. Once your Trial Data or Protected Data has been transmitted to our datacentre, it is not transmitted out of country.
Your Personal Data (other than any as may be contained in your Trial Data or Protected Data), may be transmitted to third party service providers located in countries outside the European Economic Area. Your submission of any Personal Data to us represents your agreement to the transfer and processing of such data as outlined in this Policy.
DataBunker will take all steps reasonably necessary to ensure that the Personal Data you submit to us is treated securely and in accordance with this Policy. No transfer of Personal Data will take place to an organisation or country unless there are adequate controls and contractual provisions in place including in relation to the security of such data.
9. LINKS TO OTHER SITES
Our Site may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites. We advise that your review the privacy policies of any third party sites you visit.
10. SENSITIVE PERSONAL DATA
We will not ask you for sensitive Personal Data (i.e. information relation to race or ethnic origin, political opinions, religious beliefs, physical or mental health, trade union membership, criminal records or sexual orientation). Please do not provide any such information to us.
11. CHILDREN’S PRIVACY
Our Site does not address anyone under the age of 13 (a ”Child”).
We do not knowing collect Personal Data from anyone under the age of 13. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without consent, we take steps to remove that information from our servers.
12. YOUR RIGHTS
You may have certain rights in relation to any Personal Data we may hold about you. These include the right to request access to your Personal Data, to request that it is erased, that its processing is restricted or that inaccurate Personal Data is rectified. You have the right to data portability of the Personal Data you provide to us. You may also have the right to complain about the use of your Personal Data to the data protection regulator. We may require proof of your identity before assisting you with the exercise of any rights you may.
Whenever possible, you can update your information directly within your account settings. If you care unable to change your information, please contact us for assistance.
13. CHANGES TO THIS POLICY
We may change this Policy from time to time. If we make changes, we will notify you by revising the date at the top of this Policy, and if the changes are significant, we may provide you with additional notice such as adding a statement to the homepage of the Site or sending you an email with the update. We advise you to review this Policy periodically for any changes.
In this Policy:
“Controller” means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any Personal Data is, or is to be, processed
“Personal Data” mean any information relating to an identifiable individual who can be directly or indirectly identified in particular by reference to an identifier.
“process”, “processing” and “processed” means anything that is done to, or with, Personal Data (including collecting, storing or deleting that data)
“Processor” means any person or entity that processes Personal Data on behalf of a Controller (other than employees of the Controller)
“Sub-Processor” means any person or entity that processes Personal Data on behalf of a Processor.
15. CONTACT US
If you have any queries regarding this Policy, please contact us by email at firstname.lastname@example.org.