Modified and Effective on April 29, 2021
apilayer Data Products GmbH (the “Company”), is committed to respecting and protecting the privacy of our customers, partners, webinars attendees and website visitors. Specifically, we do not sell, rent or trade email lists with other companies for marketing purposes. In this Privacy Statement we describe the Company’s privacy practices in relation to the use of the Company’s Website (as defined below) and the related applications, services, products and programs offered by the Company (collectively, “Services”), as well as individuals’ choices regarding use, access and correction of personal information.
If you have questions or complaints regarding the Company’s Privacy Statement or associated practices, please contact us at [email protected].
1. Websites covered
This Privacy Statement covers the information practices, including how the Company collects, uses, shares and secures the personal information you provide to its website and any other website the Company manages and controls (the “Apilayer Website”).
2. Collection of Personal Information
Personal information means any information that may be used to identify you, such as, your name, title, phone number, email address, or mailing address.
In general, you can browse our website without giving us any personal information. We use web analytics software to analyze traffic to this web site in order to understand our customer’s and visitor’s needs and to continually improve our site for them. This software collects only anonymous, aggregate statistics.
If you want to subscribe to a periodic communication such as a newsletter, we ask you to simply provide your business email address (“Optional Information”). Additional activities on our site may require you to be registered, for example, to read a white paper, download trial or free software, when you express an interest in obtaining additional information about the Services or register for an event. As part of the registration process, we may ask you for additional personal information, such as name, company name, address, phone number, and email address (“Required Information”). We use that information for several general purposes: to tell you about products and services if you so request, to fulfill your request, to contact you if we need to obtain or provide additional information; to verify the accuracy of our records, to contact you regarding customer satisfaction surveys.
For our downloadable software products, as part of the Required Information, on installation and execution, some of our products may send the Company certain information for software updates, auditing and license compliance verification, including product version and edition, number of copies of the product in use by licensee, machine information, IP address, license key, information about the operation system and/or user environment where the product is installed, serial numbers and other related information. Solely for our software as a service products, as part of the Required Information and in order to provide the Services to you, we store all the content you provide, including but not limited to accounts created for team members, files, analyses you have executed, project information, such as, action plans you have created, and any other information that you provide to the Services you use.
When purchasing Services or registering for an event, the Company may also require you to provide your billing information, such as billing name and address, credit card number (“Billing Information”). Some activities require additional personal information. For example, to fulfill online orders for products, we require you to enter credit card information. When visitors of Apilayer’s Website apply for a job with the Company, the Company may also require you to submit additional personal information as well as a resume or curriculum vitae (“Applicant Information”). Required Information, Optional Information, Billing Information, Applicant Information and any other information you submit to the Company through the Services or information provided to you by the Company through your use of the Services (e.g. license key) are referred to collectively as “Data.”
As you navigate Apilayer’s Website, the Company may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons. Website Navigational Information as defined in Section 7 below, includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on Apilayer’s web pages viewed and the links clicked). For additional information about the collection of Website Navigational Information by Apilayer and others, please see Section 7 below.
3. Use of Personal Information and The Legal Bases on Which We Rely
Managing user registrations. If you have registered for an account with us, we process your Data by managing your user account for the purpose of performing our contract with you according to applicable terms of service.
Promoting the security of our Websites and Services. The Company processes your Data by tracking use of its Website and Services, creating aggregated, non-personal data, verifying accounts and activity, investigating suspicious activity and enforcing our terms and policies, to the extent this is necessary for our legitimate interest in promoting the safety and security of the services, systems and applications and in protecting our rights and the rights of others. For example, to check for license compliance validation either using the license key or your account details. Some software products can also use license information to inform you of the availability of applicable updates.
Developing and improving our Websites and Services. We process your Data to analyze trends and to track your usage of and interactions with our Website and Services to the extent it is necessary for our legitimate interest in developing and improving our Website and Services and providing our users with more relevant content and service offerings, or where we seek your valid consent.
Handling contact and user support requests. If you fill out one of our web forms or request user support, or if you contact us by other means including via a phone call, we process your Data to perform our obligations under the contract we have with you and to the extent it is necessary for our legitimate interest in fulfilling your requests and communicating with you via emails and in-app messages, including to notify you when analyses have been finished, to remind you of subscription expirations and to send you technical notes, updates and new versions, security alerts and administrative messages.
Reviewing compliance with applicable usage terms. We process your Data to review compliance with the applicable usage terms in our customer’s contract to the extent that it is in our legitimate interest to ensure adherence to the relevant terms.
Assessing and improving user experience. The Company processes device and usage data as described in Section 7 below, which in some cases may be associated with your Data, in order to analyze trends, assess and improve the overall user experience to the extent it is necessary for our legitimate interest in developing and improving the service offering, or where we seek your valid consent. In addition, the Company uses Website Navigational Information to operate and improve the Company’s Websites. The Company may also use Website Navigational Information alone or in combination with Data about customers and Data about webinar attendees to provide personalized information about the Company. For additional information about the use of Website Navigational Information, please see the Section 7 below.
Managing event registrations and attendance. The Company also uses Data about webinars attendees to plan and host corporate events, host online forums and social networks in which you have registered or that may participate, including sending related communications to you, to perform our contract with you. Additional information on the Company’s privacy practices with respect to Data about webinars attendees may be found in additional privacy statements on the event Websites, as the case may be. The Company may also use Data about customers and webinar attendees for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information about the Company and its affiliates product recommendations related to our contract with you or your interest. The Company may also receive information about customers and attendees from other sources, including third parties from whom we have purchased data, and combine this information with Data we already have about you.
Managing contests or promotions. If you register for a contest or promotion, we process your Data to perform our contract with you. Some contests or promotions have additional rules containing information about how we will process your Data.
Assessing capacity requirements. The Company processes your Data to assess the capacity requirements of its services to the extent that it is in its legitimate interest to ensure that it is meeting the necessary capacity requirements of its service offerings.
Identifying customer opportunities. The Company processes your Data to assess new potential customer opportunities to the extent that it is in its legitimate interest to ensure that it is meeting the demands of its customers and their users’ experiences.
Displaying personalized advertisements and content. We process your Data to conduct marketing research, advertise to you, provide personalized information about us on and off our websites and to provide other personalized content based upon your activities and interests to the extent it is necessary for our legitimate interest in advertising our websites or, where necessary, to the extent you have provided your prior consent, which can be withdraw at any time without having to provide any specific reason for such objection.
Sending marketing communications. We will process your Data to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS, or push notifications) about us and our affiliates and partners, including information about our products, promotions or events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent, which can be withdraw at any time without having to provide any specific reason for such objection.
Managing payments. If you have provided financial information to us, the Company processes your Data to verify that information and to collect payments to the extent that doing so is necessary to complete the transaction and perform our contract with you.
Complying with legal obligations. We process your Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Data to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our websites, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes or to respond to lawful requests.
Where the Company needs to collect and process Data by law, or under a contract that it has entered into with you, and you fail to provide the required Data when requested, the Company may not be able to perform its contract with you.
4. Disclosure of Personal Information
From time to time, the Company may partner with other companies to jointly offer products, services or programs (such as webinars or downloadable content) such as our channel partners to fulfill product trials and information requests, and provide customers and prospective customers with information about the Company and its products. To do this, we may pass your information to them for that purpose only, and they are prohibited from using that information for any other purpose. The Company does not share Data about the Company attendees with business partners unless: (1) you specifically opt in to such sharing via an event registration form; or (2) you attend a Company event and allow the Company or any of its business partners to scan your attendee badge. If you do not wish for your information to be shared in this manner, you may choose not to opt in via event registration forms and elect not to have your badge scanned at Company events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners’ respective privacy statements. The Company sometimes hires vendor companies to provide limited services on our behalf, including packaging, mailing and delivering items, sending postal mail, providing technical support, and processing event registrations. We provide those companies only the information they need to deliver the service, and they are prohibited from using that information for any other purpose.
Section 7 of this Privacy Statement, Website Navigational Information, specifically addresses the information we or third parties collect through cookies and web beacons, and how you can control cookies through your Web browser. We may also disclose your personal information to any third party with your prior consent. You, your administrator or other Service users may choose to add new functionality to integrate the behavior of the Services by connecting third party apps with the Services. Doing so may give third-party apps access to your account and information about you such as your name and email address, and any content you choose to use in connection with those apps. Third party app policies and procedures are not controlled by us, and this Privacy Statement does not cover how third-party apps use your information. We encourage you to review the privacy policies of third parties before connecting to or using their applications or services to learn more about their privacy and information handling practices. If you object to information about you being shared with these third parties, please uninstall the app.
The Company may share Data about the Company website visitors, customers and webinar attendees with the Company’s contracted service providers so that these service providers can provide services on our behalf. These service providers are authorized to use your personal information only as necessary to provide the requested services to us. Without limiting the foregoing, the Company may also share Data about the Company website visitors, customers and webinar attendees with the Company’s service providers to ensure the quality of information provided, and with third–party social networking and media websites, such as Facebook, for marketing and advertising on those websites. Unless described in this Privacy Statement, the Company does not share, sell, rent, or trade any information with third parties for their promotional purposes.
The Company uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company’s behalf.
The Company may share Data about the Company’s customers with Idera corporate group and companies that we acquire in the future when they are made part of the Idera corporate group, to the extent such sharing of data is necessary to fulfill a request you have submitted via our Website or for customer support, marketing, technical operations and account management purposes. A list of companies currently within the Idera corporate group is available at https://www.ideracorp.com/brands. The data protection laws in certain countries may be more or less extensive than laws in the country in which you are located. However, Idera and its offices and subsidiaries are governed by this Privacy Statement and will use your personal information only as set forth in this Privacy Statement.
The Company may also disclose your personal information if required to do so by law or in the good faith belief that such action is necessary in connection with a sale, merger, transfer, exchange or other disposition (whether of assets, stock or otherwise) of all or a portion of a business of the Company and/or its subsidiaries or to (1) conform to legal requirements or comply with legal process served on the Company or this website; (2) protect and defend the rights or property of the Company and this website; (3) enforce its agreements with you, or (4) act in urgent circumstances to protect personal safety or the public. In individual instances, the Company may also share with professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Data.
Any Data or other information you choose to submit in communities, forums, blogs or chat rooms on our Websites may be read, collected and used by others who visit these forums, depending on your account settings.
5. Children and Privacy
The Company Website does not offer information intended to attract children. The Company does not knowingly solicit personal information from children under the age of 16.
6. Security of Personal Information
The Company takes precautions including organizational, technical and physical measures to help safeguard against the accidental or unlawful destruction, loss, alteration and unauthorized disclosure of, or access to, the Data we process or use. For example, when you submit any form requiring registration, we use a secure server. The secure server software (SSL) helps protect your information as it travels over the Internet by encrypting that information before it is sent to us. Please note that while we have implemented industry-standard security mechanisms and procedures to protect data from loss, misuse and unauthorized access, disclosure, alteration and destruction, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions. For further info on Security measures please visit Security Policy at https://www.ideracorp.com/legal/apilayer.
Cookies, Web Beacons and IP Addresses.
The Company uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Website (“Website Navigational Information”). As described more fully below, we and our partners use these cookies or similar technologies to analyze trends, administer Website and Services, track users’ movements around our Website and Services, serve targeted advertisements and gather demographic information about our user base as a whole. This section describes the types of Website Navigational Information used on the Company’s Websites and Services, and how this information may be used.
Log Files, IP Addresses, URLs and Other Data.
As is true of most Idera Websites, we gather certain information automatically to analyze trends in the aggregate and administer the Company’s Website and Services. This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Due to Internet communications standards, when you visit or use the Company’s Website and Services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our Website. This information is used to analyze overall trends, to help us improve our Websites and Services, to track and aggregate non-personal information, and to provide the Websites and Services. For example, the Company uses IP addresses to monitor the regions from which customers and website visitors navigate the Company’s Websites. The Company also collects IP addresses from customers when they log into the Services as part of the Company’s “Identity Confirmation” and “IP Range Restrictions” security features.
Required cookies enable you to navigate the Company’s Website and use its features, such as accessing secure areas of the Websites and using the Company Services. If you have chosen to identify yourself to the Company, the Company may place on your browser cookies containing an encrypted, unique identifier. These cookies allow the Company to uniquely identify you when you are logged into the Company’s Website and Services and to process your online transactions and requests. Therefore, there is no option to opt out of these cookies because they are essential to operate the Websites.
Targeting or Advertising Cookies:
Do Not Track.
Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Websites’ visited by the user about the user’s browser DNT preference setting. The Company does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Website, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. The Company takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.
As it is true of most websites, we gather certain information automatically in connection with the use of the Website by individual users. This information may include IP address, device and application identification numbers, browser type, location, the pages and files viewed, operating system and system configuration information and date/time stamps associated with your usage. This information is used to analyze overall trends, to help us provide and improve our Website and to guarantee their security and continued proper functioning. In addition, we gather certain information automatically as part of your use of certain Company products and services. This information may include IP address (or proxy server), device and application identification numbers, location, browser type, internet service provider, the pages and files viewed, searches and other actions you take, operating system and system configuration information and date/time stamps associated with your usage. This information is used to maintain the security of the Services, to provide necessary functionality, as well as to improve performance of the Services, to assess and improve customer and user experience of the Services, to review compliance with applicable usage terms, to identify future opportunities for development of the Services, to assess capacity requirements, to identify customer opportunities and for the security of the Company generally (in addition to the security of our products and Services). Some of the device and usage data collected within the Services, whether alone or in conjunction with other data, could be personally identifying to you. Please note that this usage data is primarily used for the purposes of identifying the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the Services to our customers (where we act as a processor).
8. Links to Other Websites and Public Forums
9. For EU Individuals: Your Rights Under GDPR
If you reside or otherwise find yourself in the territory of Europe, we are committed to facilitate the exercise of your rights granted by the EU General Data Protection Regulation. Otherwise, you can contact us at [email protected] at any time to discuss your privacy concerns. Privacy rights under the EU General Data Protection Regulation include:
Transparency and the right to information. Through this policy we explain how we use and share your information. However, if you have questions or concerns you can contact us any time.
Right of access, objection, restriction of processing, erasure, and portability. You also have the right to withdraw your consent at any time when we process your personal data based on your consent. To exercise these rights, please contact us. Requests to access, change, or delete your information will be addressed within a reasonable timeframe. Please note that if you have registered for an account with the Company, you may generally update your user settings, profile, organization’s settings or event registration by logging into the applicable website or Services with your username and password and editing your settings or profile.
Right to opt-out to direct marketing. You have the right to opt-out at any time to receiving marketing materials from us by following the opt-out instructions in our commercial emails, by contacting us, or by adjusting your preferences under your profile details on the Company Website. Please note that we reserve the right to send you other communications, including service announcements and administrative messages relating to your account, without offering you the opportunity to opt out of receiving them.
Right to lodge a complaint with a supervisory authority. If you consider that the processing of your personal data infringes your privacy rights according to the General Data Protection Regulation, you have the right to lodge a complaint with a supervisory authority, in the member state of your habitual residence, place of work, or place of the alleged infringement. Contact details for the EU data protection authorities can be found at https://ec.europa.eu/justice/article-29/structure/data-protection- authorities/index_en.htm.
10. How to Exercise Your Rights
To exercise your rights, please contact us by using the information in the “Contacting us” section 15 below. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive. If you are an employee of the Company customer, we recommend you contact your company’s system administrator for assistance in correcting or updating your information. Some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.
11. Retention Periods and Deletion
The Company retains your personal information to the extent necessary to reasonably serve customer relations, to meet our compliance and legal obligations, to enhance security and fraud prevention, and for audit purposes. For example, we may retain your information during the time in which you have an account to use our Website or Services and for a reasonable period of time afterward. We may also retain your information during the period of time needed for the Company to pursue our business interest, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements. We determine the appropriate retention period for the Data on the basis of the amount, nature and sensitivity of your Data processed, the potential risk of harm from unauthorized use or disclosure of your Data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).
When you decide to delete certain information in your account, we will fulfill your request and update this information on our platform. We will also notify third parties that we authorized the use and share that content of your request.
You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of the Company’s marketing emails. Additionally, you may unsubscribe here or by contacting us at any time at [email protected]. Please note that opting out of marketing communications does not opt you out of receiving important business communications related to your current relationship with us, such as communications about your subscriptions or event registrations, service announcements or security information.
13. Information about International Transfers
To facilitate the Company’s global operations, the Company may transfer and access your information outside the European Economic Area and make it accessible to our affiliates, partners and third party service providers internationally. We do so in order to provide you with our services and for the other purposes outlined above. A list of the Company’s global offices is available at http://www.ideracorp.com/contactus. This Privacy Statement shall apply even if the Company transfers Data about the Company customers or Data about attendees to other countries.
14. Changes to this Privacy Statement
The Company reserves the right to change this Privacy Statement from time to time to reflect changes in our practices, technologies, legal requirements and other factors. If we do, we will update the “effective date” at the top of this Privacy Statement. If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a conspicuous notice on our website or by contacting you using the email address you provided.
We encourage you to periodically review this Privacy Statement to stay informed about our collection, processing and sharing of your personal information.
15. Contacting us.
Questions about this Privacy Statement or the information practices of the Company’s Websites and Services should be directed to our privacy team by filling out this form or by emailing us at [email protected] or by mailing us at:
Apilayer Data Products GmbH
Attn: Legal Department
13-15 / 6. Floor.