Data Protection and legal notes
Last Updated: April 24, 2020
For the purposes of the EU General Data Protection Regulation 2016/679 (the “GDPR”), SIGHUP is the data controller. This means that we are responsible for deciding how we use the information that we hold. SIGHUP s.r.l. Office is located at Via Caldera 21 20153, Milano (MI) Italy.
What information do we collect about you?
We collect or may collect certain information from and about users of the SIGHUP Services, including:
- Information by which you or an Authorized User may be personally identified, such as name, email address, profile photo, company name, company address, GitHub user ID, and financial and billing information (including credit card information and email addresses for invoices) ("personal data").
- Slack details, including URL and admin email address, to set up a shared Slack channel;
- One to many AWS/GCP/AZURE/OCI/Vmware account IDs, domain names, GitHub repo URLs and Keybase username.
- Analytics information.
- IP address and date and time of visit.
- Usage details and information, such as usage and customer deployment patterns, and information regarding module use.
- Device, internet and mobile information such as the hardware model, operating system version, unique device identifiers, browser type, language, wireless network, and mobile network information (including the mobile phone number).
- When you report a problem with any of the SIGHUP Services.
- Records and copies of your correspondence (including email addresses), if you contact us; and/or Details of transactions you carry out through the SIGHUP Services.
How do we collect information about you?
We collect this information:
- Directly from you when you provide it to us, such as when you register for the SIGHUP Services or add an Authorized User for the SIGHUP Services.
- Automatically as you or your Authorized Users navigate through or use the SIGHUP Services.
- From third parties, such as our service providers, when they are legally allowed to share your information with us.
You may also now or in the future participate in public discussion boards, public chat rooms and/or provide comments, pictures, audio and video recordings, text, data, information and other input or any other content linked, posted, and/or submitted by you or other users to be published or displayed publicly (hereinafter, “posted”) on or through the SIGHUP Services, or transmitted to third parties or other users of, the SIGHUP Services (collectively, “User Content”). Your User Content is posted on and transmitted to others at your own risk. We cannot control the actions of other users of the SIGHUP Services, with whom your User Content is shared. Therefore, we cannot and do not guarantee that your User Content will not be viewed, downloaded or shared by unauthorized persons.
We May Partner with Third-Parties
We may use or partner with other third-party service providers, agents or contractors for various purposes in connection with our business and operations, including credit card and payment processing, support, relationship building, the marketing and growth of our business and the performance of services on our behalf, such as gathering and analyzing information and the provision of services to you. In the course of performing these responsibilities and providing such services, these other companies may have access to your information. We may also share information, including your information, with these service providers in order to enable them to perform these responsibilities and to provide these services. Many service providers have adopted their own privacy policies, which are not subject to control by SIGHUP.
Service providers that have access to your personally identifiable information in connection with providing services are required to keep your information confidential and are not permitted to use this information for any purpose other than to fulfill the services they are performing for SIGHUP or the SIGHUP Services.
If you click on a link to a third-party website, such third party may also transmit cookies to you and we do not have any control over that. Please be aware that cookies placed by third parties may continue to track your activities online even after you are no longer using any of the SIGHUP Services, and those third parties may not honor “Do Not Track” requests you have set using your web browser.
How do we use your information?
- Where the use of your information is necessary for the performance of a contract we are about to enter into or have entered into with you;
- Where the use is necessary for the purposes of our legitimate interests (or those of a third party);
- Where we need to comply with a legal or regulatory obligation; or
- Where you have given your consent, which can be withdrawn at any time
We use information that we collect about you or that you provide to us for the following purposes:
- To provide you the SIGHUP Services, training materials, and other products and services that you request from us.
- To provide the Website and its content to you.
- To confirm your identity in connection with the use of the SIGHUP Services.
- To process and complete transactions.
- To provide technical and other support to you.
- To send you promotional communications, such as providing you with information about services, features, surveys, newsletters, offers and events and providing other news or information about us, provided that you have given your consent.
- To enable service providers to perform certain responsibilities and provide certain services in connection with the SIGHUP Services and our business and operations.
- To provide you with notices about your account.
- To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection.
- To notify you about changes to the SIGHUP Services.
- To enhance the safety and security of all of the SIGHUP Services.
- To verify your identity and prevent fraud or other unauthorized or illegal activity.
- To perform advertising on third party websites.
- For any other purpose with your consent.
Where do we store your data?
We may store any information that we collect (personal or otherwise) ourselves or in databases and servers owned and maintained by us, our affiliates, agents or service providers, including without limitation in a SIGHUP-owned GCP account. If you access or use the SIGHUP Services outside of the European Economic Area, information that we collect about you may be transferred to servers inside the United States and maintained indefinitely, which may involve the transfer of information out of countries located in the United States and other parts of the world unless otherwise prohibited by applicable law or agreed by SIGHUP and you. By allowing SIGHUP to collect information about you, you consent to such transfer and processing of such information without restriction. We may also store some information locally on your computer or other devices. For example, we may store information as local cache so that you can open the Website and view content faster.
Although users from all over the world may access the SIGHUP Services, keep in mind that no matter where you live or where you happen to use our services, you consent to us processing and transferring information in and to the European Economic Area and other countries whose data-protection and privacy laws may offer fewer protections than those in your home country.
We retain your data only as long as necessary
We will only retain your personal data, in a form which permits us to identify you, for as long as necessary to fulfill the purposes we collected it for. We will retain and use your personal data as necessary to satisfy any legal, accounting or reporting requirements, to resolve disputes or to enforce our agreements and rights. After this, we will either securely delete or anonymize your personal data so that it cannot be linked back to you.
How we secure your data
We understand that the security of your personal data is important. We provide reasonable administrative, technical, and physical security controls to protect your personal data. However, despite our efforts, no security controls are 100% effective. SIGHUP cannot ensure or warrant the security of your personal data. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the SIGHUP Services unless we have failed to provide the reasonable administrative, technical, and physical security controls.
How do we share your information?
- To our subsidiaries and affiliates.
- To other users in your organization in connection with the SIGHUP Services.
- To service providers, contractors and other third parties we use to support the SIGHUP Services and our business, including credit card and payment processors and marketing support. Our service providers promise to safeguard your personal information and are not permitted to use it for their own purposes.
- To a potential or actual buyer. assignee or other successor (including its related advisors and agents) in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of SIGHUP’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by SIGHUP about users of the SIGHUP Services is among the assets that may be or are actually transferred.
- To fulfill the purpose for which you provide it.
- With your consent.
We may share your information when legally required to do so
We may also disclose your personal information:
- To comply with any court order, law or legal process, including to respond to any government or regulatory request.
- To enforce or apply the Terms and other agreements, including for billing and collection purposes.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of SIGHUP, our customers or others.
We will try to limit sharing when possible
We respect your right to the privacy of your personal data and will use commercially reasonable efforts both to de-identify your personal data and to limit sharing when possible.
How can you impact our collection and use of your data?
We strive to provide you with choices regarding the personal data you provide to us. We have created mechanisms to provide you with the following control over your personal data:
- Promotional Offers from SIGHUP. If you do not wish to have your email address/contact information used by SIGHUP to market or otherwise promote our own or third parties’ products or services, you can opt-out through the unsubscribe mechanism at the bottom of the applicable email. If you are a registered user of the SIGHUP Services or if you have engaged in transactions with us, we may continue to send transactional or relationship messages (e.g., signing notifications or account notifications) after you opt out of marketing messages.
You may contact us to correct or delete your data
You may contact us at any time to change, correct or delete any personal data that you have provided to us. Note that if you delete your personal data, you may not be able to use certain Services.
Your California privacy rights
California Civil Code Section §1798.83 permits users of the Website that are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please contact us.
Your European privacy rights
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your personal data) if we intend to use your personal data for such purposes or if we intend to disclose your personal data to any third party for such purposes. You can exercise your right to prevent such processing by opting-out of such use by us. You can also exercise the right by contacting us directly.
In certain circumstances, you have the right to: (a) request access to any personal data we hold about you and related data, (b) obtain without undue delay the rectification of any inaccurate personal data, (c) request that your personal data be deleted provided that the personal data is not required by us for (i) compliance with a legal obligation under European or Member State law or other applicable law or (ii) the establishment, exercise or defense of a legal claim, and provided further that our deletion of your personal data may prevent you from being able to use certain Services, (d) prevent or restrict processing of your personal data, except to the extent processing is required (i) to comply with a legal obligation under European Member State law or applicable law or (ii) for the establishment, exercise or defense of legal claims; and (e) request transfer of your personal data directly to a third party where this is technically feasible.
You also have the right to set guidelines for the retention and communication of your personal data after your death.
If you reside in a jurisdiction other than the European Economic Area, you may also have similar rights to the above. Please contact us if you would like to exercise one of these rights, and we will comply with any request to the extent required under applicable law.
You can exercise any of these rights by contacting us.
Policy for children
The SIGHUP Services are not intended for minors under 13 years of age. We do not knowingly collect personal data from children under 13. If you are under 13, do not use any of the SIGHUP Services or provide any information about yourself to us. If we learn we have collected or received personal data from a child under 13 without verification of parental consent, we will delete that information. If you believe that we might have any information from or about a child under 13, please contact us.