We provide important information for individuals located in the European Union, European Economic Area, Switzerland and United Kingdom (collectively, “Europe” or “European”) below.
FROM WHOM WE COLLECT PERSONAL INFORMATION
Our customers. Those who register on their own or on behalf of an entity or organization to use any of our Services (as defined below), including administrators on a customer account. For the purposes of this Policy, “Services” shall refer to all products or service offerings made available by us.
Our website Visitors. Individuals who visit our Websites and who may volunteer certain contact data (such as their email address) to receive communications from us. For the purposes of this Policy, “Websites” shall refer collectively to pinecone.io. For clarity, “Websites” does not include any sites owned or operated by our customers.
WHAT PERSONAL INFORMATION WE COLLECT.
We collect personal information directly from you through your use of our Websites. This information may include:
- Business contact data, such as your name, email address, and phone number. If you choose to log in, access or otherwise connect to the Services through networking service (such as Google or GitHub), we may collect your user ID and/or username associated with that social networking service, as well as any information you make public using that social networking service or that the social networking service allows us to access.
- Employment information, such as your employer’s name and job title.
- Location information, such as when you authorize our Websites to access your general location information such as city, state or geographic area.
- Feedback or correspondence, such as information you provide when you contact us with questions, feedback, or otherwise correspond with us online.
- Usage information, such as information about how you use the Websites and interact with us, including information associated with any information you provide when you use any features of the Websites.
- Marketing information, such as your preferences for receiving communications from us and details about how you engage with our communications.
Information we obtain from social media platforms.
Information that we obtain from other third parties.
We may receive personal information about you from third-party sources. For example, a business partner may share your contact information with us if you have expressed interest in learning specially about our services. We may obtain your personal information from other third parties such as marketing and advertising partners, publicly-available sources and data providers.
Website visitors may have the opportunity to refer contacts to us. You may only submit a referral if you have permission to provide the referral’s contact information to us so that we may contact them.
Use of Information
To operate the Websites. We may use personal information to operate the Websites and to provide related services, including to:
- provide, operate and improve the Websites;
- provide information about our services and product offerings;
- enable security features of the Websites;
- understand your needs and interests, and personalize your experience with the Websites and our communications;
- respond to your requests, questions and feedback;
- protect the security of the Websites and our systems; and
- provide you with customer support when needed.
For research and development. We may analyze use of the Websites to evaluate and improve the Websites, including by studying user demographics and use of the Websites.
Advertising. We may also work with third-party advertising partners to collect statistics about the usage of our Websites, perform analytics, deliver content which is tailored to your interests and administer services to our Users, advertisers, publishers, customers and partners.
To comply with law.. We may use your personal information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal process, such as to respond to subpoenas or requests from government authorities.
For compliance, fraud prevention and safety . We may use your personal information and disclose it to law enforcement, government authorities, and private parties as we believe necessary or appropriate to: (a) protect our, your or others’ rights, privacy, safety or property (including by making and defending legal claims); (b) enforce the terms and conditions that govern the Websites; and (c) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.
With your consent. In some cases, we may specifically ask for your consent to collect, use or share your personal information, such as when required by law.
To create anonymous, aggregated or de-identified data. We may create anonymous, aggregated or de-identified data from your personal information and other individuals whose personal information we collect, by removing the information that makes the data personally identifiable to you. We may use and share such anonymous, aggregated or de-identified data for any purpose we deem appropriate, such as to maintain and improve the Website.
To send you marketing and promotional communications . We may send you Pinecone-related marketing and promotional communications about the products or services that we offer. You will have the ability to opt-out of our marketing and promotional communications as described in the “Options” section below.
Sharing of Information
We may share personal information with the following categories of recipients:
Service providers. We work with service providers that work on our behalf that may need access to certain Personal Data in order to provide their services to us. These companies may include, but are not limited to, cloud storage providers, analytics services, fraud prevention, identity verification providers, etc. We may share your personal information with third-party companies and individuals that provide services on our behalf or help us operate the Websites (such as customer support, hosting, analytics, email delivery, marketing and database management services).
Payment processors. We share your payment information with third party payment processors, for the purpose of facilitating your payments when using our Services. These third parties may have access to your Personal Data so that they may perform these tasks on our behalf;
Third party advertisers. We may partner with third parties to either display advertising on our Services or to manage our advertising on other websites or apps. Our third party advertisers may use Tracking Technologies to gather information about your activities on our Services and other websites and apps in order to provide you advertising based upon your browsing activities and interests;
Third Party Integrations. The Services allow you to integrate with certain third-party services, such as in order to connect your Facebook or Apple account to our Services or to place purchases, in which case you will be bound by the terms and conditions and privacy notices of said third parties (e.g., Google or GitHub). Please make sure that you read and accept them in advance. We do not receive or store your passwords for any of these third party services;
Professional advisors. We may share your personal information with professional advisors, such as lawyers, auditors, bankers and insurers, where necessary in the course of the professional services that they render to us.
Authorities and others. We may share your personal information with law enforcement, government authorities, and private parties, as we believe in good faith to be necessary or appropriate for the compliance, fraud prevention and safety purposes described above.
Business transferees. We may share your personal information with relevant participants in business transactions (or potential transactions) involving a corporate divestiture, merger, consolidation, acquisition, reorganization, sale or other disposition of all or any portion of the business or assets of, or equity interests in, (including, in connection with a bankruptcy or similar proceedings).
Access or update information. If your personal information changes, or if you no longer desire to have a relationship with us, you may correct or update by emailing email@example.com. We will respond to your request within a reasonable timeframe.
Information about Children
Our Websites are not directed to children under 16. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at firstname.lastname@example.org. We will delete such information from our files as soon as reasonably practicable.
We maintain various physical, electronic and procedural safeguards designed to protect the personal information we collect. However, security risk is inherent in all internet and information technologies and we cannot guarantee the security of personal information.
International Data Transfers
We are headquartered in the United States and may have service providers in other countries, and your personal information may be transferred to the United States or other locations outside of your state, province, or country where privacy laws may not be as protective as those in your state, province, or country.
European users should read the important information provided in the “Notice to European Users” section to learn more about transfer of personal information outside of Europe.
Pinecone Systems, Inc548 Market StPMB 19327San Francisco, CA 94104-5401
Notice to European Users
The information provided in this “Notice to European Users” section applies only to individuals in Europe.
|Processing purpose (click link for details) Details regarding each processing purpose listed below are provided in the section above titled “Use of Personal Information”.
|Processing is necessary to perform the contract governing our provision of services to you or to take steps that you request prior to entering an agreement for our services. If we have not entered into a contract with you, we process your personal information based on our legitimate interest in providing our services (including our Website) to you.
|These activities constitute our legitimate interests. We do not use your personal information for these activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). Processing activities are necessary for the performance of a contract to which you are a party or a representative of a party.
|The legal bases for processing this data are the performance of our contractual obligations towards you; your consent (for example, when you provide Personal Data); compliance with our legal obligations; and our legitimate interests. Our legitimate interests in this case are enforcing our policies, protection against fraud and misuse of our Services.
|The legal bases for processing this data are your consent (where required) and our legitimate interests. Our legitimate interests in this case are providing you with tailored services, content and advertisements that better correspond with your interests.
|Processing is necessary to comply with our legal obligations.
|Processing is based on your consent. Where we rely on your consent you have the right to withdraw it any time in the manner indicated when you consented.
Sensitive personal information
We retain personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, to establish or defend legal claims, or for fraud prevention purposes. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. When we no longer require the personal information we have collected about you, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. If we anonymize your personal information (so that it can no longer be associated with you), we may use this information indefinitely without further notice to you.
European data protection laws give you certain rights regarding your personal information. If you are located within Europe, you may ask us to take the following actions in relation to your personal information that we hold:
- Access. Provide you with information about our processing of your personal information and give you access to your personal information.
- Correct. Update or correct inaccuracies in your personal information.
- Delete. Delete your personal information.
- Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. Restrict the processing of your personal information.
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may submit these requests by email to email@example.com or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or our response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
End users: We have no direct relationship with end users. Even where we may be indicated as the authoritative name server for a domain, unless we are the owner of that domain, we have no control over a domain’s content. Accordingly, we rely on our customers to comply with the underlying legal requirements for subject access requests. If an End User requests that we access, correct, update, or delete their information, or no longer wishes to be contacted by one of our customers that use our services, we will direct that End User to contact the customer website(s) with which they interacted directly. Our customers are solely responsible for ensuring compliance with all applicable laws and regulations with respect to their website users.
Cross-Border Data Transfer
Whenever we share personal information originating in the EEA, the UK or Switzerland with a Pinecone entity located outside the EEA, the UK or Switzerland, we do so in accordance with the EU standard contractual clauses or other applicable frameworks..
General Data Protection Regulation (GDPR) – European Representative
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Pinecone Systems, Inc has appointed European Data Protection Office (EDPO) as its GDPR Representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
- by using EDPO's online request form https://edpo.com/gdpr-data-request/
- by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium
UK General Data Protection Regulation (GDPR) - UK Representative
Pursuant to Article 27 of the UK GDPR, Pinecone Systems, Inc has appointed EDPO UK Ltd as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
- by using EDPO's online request form https://edpo.com/uk-gdpr-data-request/
- by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom