Effective Date: November 25, 2019
This Privacy Notice describes how Cloud9 Technologies, LLC, for itself or on behalf of any of its wholly-owned subsidiaries Cloudnimbus Holdings Ltd., Jetstream Technologies PTE, Ltd., and Jetstream Technologies (HK) Ltd (“Cloud9”), collects and uses the personal information you provide or that is generated on our websites or mobile applications (the “Site”) or in connection with our services (the “Services”). It also describes options that may be available to you regarding the use of, your access to, and updating or correcting your personal information. Note that this Privacy Notice does not apply to any third-party websites or services, including those you reach through links we have provided on the Site. We encourage you to request and review the privacy policies of any third party prior to disclosing information to such party.
In connection with the Site, Cloud9 may collect and process personal information that you provide to us or that pertains to your use of the Site (“Site User Information”) or that we require our clients to provide in order to use the Services (“Registration Information”). Cloud9 Technologies, LLC, whose principal office location is 565 5th Ave, New York, NY 10017, is the “data controller” of Site User Information and Registration Information for purposes of European or other applicable law.
Separate from the Site User Information and the Registration Information, Cloud9 collects and otherwise processes personal information in the course of providing services to its clients (“Service User Information”), but such processing is performed under the direction of its Clients, and Cloud9 has no direct relationship with the individuals whose personal information is processed. Cloud9 is a “data processor” of Service User Information for purposes of European or other applicable law.
In the normal course of the Services, we transfer Service User Information (such as the content of communications) to individuals as directed by users of the Service, and to third parties that help or are necessary for us to provide our service. Transfers to such third parties are further addressed in the service agreements with our clients.
- The Types of Personal Information We Collect and Use
- Site User Information
- Registration Information
- Service User Information
- Cookies and Similar Technologies
- Cookies We Use
- How We Share Your Personal Information
- Where We Store Personal Information; How We May Transfer Personal Information; Retention
- How Personal Information is Protected
- User Access and Choice
- Children’s Privacy
- Contact Us
- Privacy Notice Updates
- Links to Other Websites
The Types of Personal Information We Collect and Use
Site User Information
In connection with the operation of the Site, we may collect and use the following Site User Information about you:
- Information you provide: You may give us information about you by using our site or by corresponding with us by phone or e-mail concerning the Site, or using interactive features that we may include on the Site for the purpose of receiving and responding to your comments, inquiries, or expressions of interest in our products and services. Under European Union (EU) and other law, if and where applicable, the legal basis for the processing of data in connection with these communications is performance of a contract or to take steps at your request towards the possibility of a contract. We may use the information you provide to contact you regarding products, services, and company or business partner news that we believe may be of interest to you, and, under EU or other law, if and where applicable, we do so based on our legitimate interests in marketing and subject to your right to contact us and opt-out of such marketing.
We collect and maintain contact information including name, company, work phone number, and email address for primary client users whose registration information is maintained by us under a given account. For those users, we may collect and maintain business contact information, such as name, job title, company name, and work email address, phone number and postal address, as well as username and encrypted password for use of the Services. Under EU and other law, if and where applicable, the legal basis for the processing of this data in connection with these communications is to provide the Services to you and/or performance of a contract.
Service User Information
Where you use our Services under the account of our client, we process the following Service User Information on behalf of our client:
- audio content from communications you initiate or receive, and any transcriptions of those communications; and
information about those communications, such as when placed, by whom, and how long they lasted.
- You should contact the company (our client) that authorized your use of the Services with any questions you may have concerning this personal information, which we process on that company’s behalf.
Cookies and Similar Technologies
With respect to any social media pages that we may use, please see the privacy policies and any cookie policies of the applicable social media providers as to their automatic data collection practices.
As indicated above, we, like many other website operators, currently use Google Analytics to collect and process certain Site usage data. To learn more about Google Analytics and how to opt out, please visit https://policies.google.com/technologies/partner-sites.
We do not rent, sell, or share “personal information” as defined by California Civil Code §1798.83 about you that we collect on the Site with other people or unaffiliated companies for their direct marketing purposes.
Cookies We Use
We use the following cookies on this Site, as indicated:
|Report on the usage analytics of this Site.||https://policies.google.com/technologies/partner-sites|
|YouTube||To provide and report on usage of videos viewed from YouTube on this Site.||https://policies.google.com/technologies/partner-sites|
|Hubspot||Help us monitor and manage traffic on this Site.||https://legal.hubspot.com/privacy-policy|
How We Share Your Personal Information
We do not sell or otherwise share personal information about you, except as described in this Privacy Notice. We may share personal information with third parties who perform services for us or on our behalf, and we may share Service User Information with third-party distributors and other business partners to enable them to provide you with Cloud9 Services. These third parties are not authorized by Cloud9 to use or disclose personal information except as necessary to perform services to or on behalf of Cloud9 or comply with legal requirements, and they are subject to confidentiality and non-disclosure obligations in our agreements with them to protect your personal information. These services may include:
- Fulfilling orders and delivering packages
- Providing customer service
- Sending marketing communications
- Fulfilling subscription services
- Conducting research and analysis
- Providing cloud computing infrastructure and other IT services
In addition, we may share your personal information as required by law, such as in response to a subpoena or other legal process, to establish or exercise our legal rights, to defend against claims, or to protect the safety or security of the public or of users of this Site or our Services, investigate fraud, or respond to a government request.
To the fullest extent permissible under applicable law, Cloud9 reserves the right to transfer any personal information (i.e., including both Site User Information and Service User Information) in the event that Cloud9 sells or transfers all or a portion of the Cloud9 business or assets (including in the event of a reorganization, dissolution or liquidation).
If you are located in the EU, the following also applies:
We have concluded data processing agreements with each relevant service provider in accordance with the EU General Data Protection Regulation. Beyond that we only share or disclose your personal information to the extent required to provide the Services or to sell or transfer the relevant Cloud9 business or assets, either on basis of our legitimate interests or with your prior express consent.
Where We Store Personal Information; How We May Transfer Personal Information; Retention
This Site is operated from and Site User Information and Registration Information is stored in the United States of America. We store Service User Information and Registration Information in our AWS cloud infrastructure located in the United States of America and in some instances in the jurisdiction or region where our clients operate. Where applicable, we may rely on our Privacy Shield self-certification or on Standard Contractual Clauses approved by the European Commission to transfer personal information from the European Economic Area (EEA). Please see information below regarding your rights under our Privacy Shield certification.
We retain Service User Information as specified by our clients and otherwise for as long as needed to provide services to our client or to meet any applicable legal requirements or resolve disputes. We maintain Site User Information and Registration Information for so long as needed for the business purposes for which such information is collected, and in keeping with our record retention policies.
How Personal Information is Protected
Cloud9 maintains administrative, technical and physical safeguards (including technical and organizational measures) designed to protect personal information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
We require that our service providers implement and maintain appropriate security practices and procedures. Nevertheless, please be aware that Internet transmissions are never completely private or secure. If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org.
User access and choice
Certain jurisdictions impose specific legal requirements and data subject rights with respect to personal information, and we will comply with restrictions and any requests you submit as required by applicable law. For example, you may have the right to review, correct, and delete personal information we have about you, or to consent or withdraw consent to certain uses or sharing of personal information. When you make a request, we may require that you provide information follow procedures so that we can validate a request you make before responding to it. We will respond to your request within the time period required by applicable law. However, we may not always be able to fully comply with your request, and we will notify you in that event. As permitted by applicable law, we may charge a reasonable fee to help cover the cost of responding to your request, and we will inform you of the fee before completing your request. Specific provisions for some jurisdictions are set forth below.
For California Residents:
If you are a California resident, you may have certain rights in relation to our processing of Site User Information as to which we are a “business” under the California Consumer Privacy Act (“CCPA”). Note that we do not “sell” personal information as that term is defined by the CCPA. Under the CCPA, California residents have, with respect to Site User Information and Registration Information:
- The right to request more information about our data collection and sales practices in connection with your personal information.
- The right to request a copy of the specific personal information collected about you during the 12 months before your request (together with the above, a “personal information request”). You may only make a personal information request twice in a 12-month period, and we will respond within 45 days of receiving a personal information request.
- The right to request that personal information be deleted (with exceptions).
- The right to request that your personal information not be sold to third parties.
- The right not to be discriminated against because you exercise any of these rights.
For European Economic Area (EEA) Data Subjects:
If you are located in the EEA you have certain rights in relation to our processing of Site User Information and Registration Information as to which we are a “controller” under the EU General Data Protection Regulation (“GDPR”), as follows:
- Right to information. We will provide you with information about how we process your personal information. This Privacy Notice is designed in part to fulfill this obligation.
- Right to access. You may request that we confirm whether we process personal information concerning you, and if we do process such information, to give you access to such information and more detailed information about the associated processing activity.
- Right to data portability. If personal information processing is carried out by automated means and the legal basis for the processing activity is consent or performance of a contract, you may be entitled to request that we provide you with a subset of your personal information in a structured, commonly used, and machine-readable format. In certain circumstances, you may also ask us to send the subset of your personal information directly to another data controller (e.g., another company).
- Right to rectification. We seek to ensure that the personal information we are processing is accurate and up-to-date. If you discover that the personal information, we process about you is inaccurate or incomplete, you may ask us to rectify or complete the personal information.
- Right to erasure. You may request that we delete your personal information in the following situations:
- the processing is based on your consent and this consent is withdrawn (and there is no other legal basis for the processing);
- you object to the processing and there are no overriding legitimate interests for continuing the processing;
- the personal information was unlawfully processed; or
- the personal information has to be erased in order to comply with a legal obligation.
- The right of erasure does not apply if further retention of the personal information in question is necessary for compliance with a legal obligation (e.g., bookkeeping obligations), or for the establishment, exercise, or defense of legal claims.
- Right to restriction. You may request that we (temporarily) restrict the processing of your personal information in certain situations – e.g., if you contest the accuracy of your personal information which we process, or you are of the opinion that we do not have a sufficient legitimate interest for a processing activity.
- Right to objection. In certain circumstances (e.g., where the legal basis for processing is a legitimate interest or if we are performing direct marketing), you may object to continued processing for those purposes. If you do so, we will re-evaluate our legitimate business interests and your data protection interests. We will only continue the processing activity if (i) there are compelling legitimate grounds for the processing that override your interests, rights and freedoms, or (ii) the processing is necessary to establish, enforce or defend legal claims.
- Right to lodge a complaint. We prefer to resolve any data protection concerns directly with you. However, if you are of the opinion that we do not comply with the data protection obligations set forth in the GDPR, you have the right to submit a complaint with a supervisory authority in the EEA country where you reside, work, or suspect an infringement has occurred.
For additional information from the European Commission concerning data protection and your rights, see: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en.
It is our policy and intention to comply with all applicable legal requirements in a given jurisdiction with respect to privacy and data protection. If you would like to assert any legal rights as a data subject or have questions concerning our processing activities, please contact us at email@example.com or by calling 1-866-753-4239. Note that, to process certain requests, we will need to collect information from you so that we can verify your identity.
This Site and all Services are intended for adults. Accordingly, we do not knowingly collect information from any person under the age of eighteen.
If you have questions about this Privacy Notice, or if you would like to request that we update or correct any information that you have provided to us or submit a complaint, please send an email to firstname.lastname@example.org or you may contact us by mail at:
Attn. Legal Department
565 5th Avenue, 17th floor
New York, NY, 10029
Privacy Notice Updates
We may make changes to this Privacy Notice from time to time, and the revised version will be effective when it is posted and will apply to personal information received after that date. If we make any material changes, we will provide notice of such changes on the Site for a reasonable period of time (which we estimate will be approximately two weeks). We encourage you to review this Privacy Notice periodically, especially if you don’t visit the Site regularly.
Links to Other Websites
This Site may provide links to other websites for users’ convenience and information. Please remember that linked websites may have their own privacy notices or policies, which you should review. We are not responsible for the content or privacy practice of any website that is not operated by us.
PROVISIONS REGARDING EU – U.S. AND SWISS – U.S. PRIVACY SHIELD FRAMEWORK
Cloud9 participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to handling all personal information received from EU member countries and Switzerland, respectively, in accordance with the Principles of these Privacy Shield Frameworks. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List.
Cloud9 complies with the Privacy Shield Principles for all onward transfers of personal information from the EU and Switzerland, including the onward transfer liability provisions. Cloud9 is responsible for the processing of personal information it receives under each Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf.
With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, Cloud9 is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Note that, in certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern related to the Privacy Shield Framework and our certification that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Please take note of the following rights that we extend to individuals with respect to personal information that is covered by our Privacy Shield self-certification (in addition to any other rights that you may have under applicable law):
- Marketing. You have the right to ask us to refrain from processing your personal information for marketing purposes, using functionality that we make available or by contacting us as indicated below. Note that we do not process any Service User Information for marketing purposes.
- Data rights. To the extent required under the Privacy Shield Framework and permitted under applicable law (and, as to Service User Information, as may be further addressed under our agreements with our clients), you have the right to access information we hold about you, to rectify information held about you that is inaccurate, to receive a copy of the data we hold about you in a structured, commonly used and machine-readable format, and to request the deletion of certain personal information held about you.
- Questions and Complaints. If you have a question or wish to make a complaint about how we process your personal information, please contact us in the first instance at email@example.com and we will endeavor to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with your data protection authority.