Last updated: September 01, 2020
- Definitions. For the purposes of this Policy:
- Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
- Data Protection Law means the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR), as and to the extent applicable to You or Us.
- Personal Data means the information about You, as such term is defined and used in the applicable Data Protection Law.
- Site means Our website at https://mondoo.com and the on-line accessible parts of Our platform.
- We/Us/Our means Mondoo, Inc. a Delaware corporation operating in San Francisco, California and Berlin, Germany.
- You/Your means, as applicable, either the individual accessing or using the Site or the organization on behalf of which the Site is accessed or used. When multiple users of the same organization use the Site, the term "You" refers to the users collectively except where context requires reference only to an individual.
- Our Information Collection
- Types of Data. We collect various types of information from and about You as a user of the Site, including:
- Personal Information by which You can be personally identified, such as Your name, e-mail address and other of Your contact details that You provide to Us; and
- Other Information related to You but doesn't identify You individually, such as details about Your internet connection, equipment You use to access the Site and other usage data related to You.
- Types of Collection. We collect information directly from You when You provide it to Us (for example: when You establish Your account on the Site), automatically as You navigate through the Site (including information collected from Cookies and other tracking technology used by Us or Our third party providers), and from third parties You authorize to share information with Us (for example: from the technologies with which You integrate or in which You use Our platform).
- Cookies & Tracking Technologies. We use session and persistent Cookies and similar tracking technologies to track activity on the Site and We store certain of this Cookie information. Tracking technologies We use are beacons, tags, and scripts to collect and track information and to improve and analyze Our Site. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of the Site. Our Site does not operate Do Not Sell or Do Not Contact functions.
- Use of Your Personal Data. We may use Your Personal Data for the following purposes:
We may also use Your information to contact You about Our own products and services that may be of interest to You. If You do not want Us to use Your information in this way, You can elect not to be contacted for this purpose by e-mailing Us.
- to present the Site and its contents to You;
- to provide You with information, products, or services that You request from us
- to fulfill any other purpose for which You provide it;
- to provide You with notices about Your account or about changes to the Site;
- to meet Our obligations and enforce Our rights under contracts entered into between You or Your organization and us;
- to allow You to participate in interactive features on the Site;
- in any other way We may describe when You provide the information; and
- for any other purpose with Your specific consent.
- Disclosure of Your Personal Data. We may disclose and/or transfer Your Personal Data to others in the following situations:
- With Our Providers: with certain third parties that assist Us in operating the Site and otherwise conducting Our business. These third parties need Personal Data to monitor and analyze the use of Our Site, to show advertisements to You to help support and maintain Our Site, to contact You, to advertise on third party websites to You after You visited Our Site, or to process Your payments for Our paid offerings. Further details about these third parties are included in this Policy below
- For Business Transfers: in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
- With Our Affiliates: including Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us for purposes of fulfillment of Our obligations to You under the Terms of Service or other agreement between You and Us.
- With Other Users: when You share personal information or otherwise interact in the public areas of Our Site with other users, such information (including Your Personal Data, where applicable) may be viewed by all users and may be publicly distributed within or outside Our Site.
- With Consent: for any other purpose not listed here if We have obtained Your consent;
- For Security Purposes: if We believe disclosure is necessary or appropriate to protect the rights, property, or safety of Our company or Our personnel, customers, or others, We may share or transfer Your Personal Data.
- Retention of Your Personal Data. We will retain and use Your Personal Data (i) for as long as is reasonably required for the purposes set out in this Policy; and (ii) for so long as, and to the extent necessary, to comply with Our legal obligations (for example, if We are required to retain Your Personal Data to comply with Data Protection Law), resolve disputes, and enforce Our legal agreements and policies. We may also retain Usage Data related to You for analysis purposes and to improve the functionality of Our Site. Your personal information that We use for marketing purposes will be kept until You notify Us that You no longer wish to receive marketing communications from Us.
- Security of Your Personal Data. The security of Your Personal Data is important to Us. The Site is hosted on secure servers provided by Our hosting services provider in the United States and We have implemented other reasonable and appropriate measures to secure Your Personal Data from accidental loss and from unlawful or unauthorized access, use, alteration, and disclosure. While We strive to protect Your Personal Data, We cannot guarantee its absolute security. The safety and security of Your information also depends on You and the ways and manners in which You use the Site (for example: You are responsible for keeping Your account password confidential). For additional details about Our security measures, please contact Us.
- E-mail Marketing. We may use Your Personal Data to contact You with newsletters, marketing or promotional materials and other information that may be of interest to You. You may opt-out of receiving any, or all, of these communications from Us by following the unsubscribe link or instructions provided in any e-mail We send or by contacting Us. We use Mailchimp to perform and manage Our e-mail marketing functions. Their services and privacy practices can be reviewed on their website at https://mailchimp.com/legal/privacy/
- Legal Compliance. While We provide Our services to customers throughout the world, We handle certain data in the US. We recognize that the European Union and the State of California, USA have established protections regarding the handling of Personal Data. We are committed to processing personal data in accordance with Our obligations under the Data Protection Laws.
- If You are based in the EU or are otherwise directly or indirectly subject to EU data protection laws, including the General Data Protection Regulation 2016/679 ("GDPR"), upon request by You, We will execute and comply with the applicable standard contractual clauses approved by the European Commission. Our committed requirements to GDPR compliance include: operating as a data "process" (or "subprocessor", as applicable); processing customer personal data only in compliance with customer instructions, and promptly informing customers if We cannot comply; promptly notifying customers if We have any reason to believe that law applicable to Us would prevent Us from complying with customer processing instructions; implementing and maintaining specific and appropriate technical and organizational security measures to protect personal data; promptly notifying Our customers about any legally binding request for disclosure of personal data by law enforcement, any accidental or unauthorized access to personal data, or any request received by Us from an EU-based individual whose personal data We may be processing pursuant to the customers' instructions; submitting Our data processing facilities to audit; obtaining consent from Our customers for Our use of any service providers who will be processing any personal data; and ensuring that Our service providers agree in writing to comply with these requirements.
- If You are in based in California or are otherwise subject to the California Consumer Privacy Act ("CCPA"), please note that We do not intend to sell Your data to any parties. As such, We endeavor to complete contracts with Our services providers in compliance with the legal requirements, inclusive of such providers instituting Do Not Sell mechanism where applicable to their exchange of personal information about You.
- Children's Privacy. Our Site is not intended for use by anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If We discover that We have collected or received personal information from or about a child under 13 without verification of parental consent, We will delete that information. If You believe We might have any information about a child under 13, please reach out via the method(s) listed in the "Contact Us" section below.
- Contact Us. If You have any questions about this Policy or Our practices related to Your information in connection with the Site, You can contact Us via e-mail at firstname.lastname@example.org.