What information do we collect?
CLOUDLINUX may collect personally identifiable information from you such as names, addresses, telephone numbers, fax numbers, physical addresses, email addresses, CVs (in the case of candidates), credit card number (in the case of direct customers) and, if applicable, company names, addresses, telephone numbers, fax numbers, physical addresses, email addresses, credit card numbers or tax ID numbers as well as similar information concerning technical contacts, marketing contacts, and executive contacts within your company or organization (collectively, “Personal Information”).
CLOUDLINUX may collect non-personally identifiable information from you such as the type of browser you use, your operating system, the screen resolution of your browser, your ISP, your IP address, which pages you view on the Site and the time and duration of your visits to the Site (collectively, “Non-Personal Information”). CLOUDLINUX associates Non-Personal Information with Personal Information if you register with the Site.
If you communicate with us, we may collect information relating to that communication whether it takes the form of email, fax, letter, forum posting, testimonials or any other form of communication between you and CLOUDLINUX or Submitted by you to the Site (collectively, “User Communications”).
If you use one of our software products such as CloudLinux OS, KernelCare, Imunify360, CloudLinux Backup or TuxCare™ products and services, we may collect certain information concerning such software, its use, and concerning the server upon which the software operates. This information includes: (a) the licensed or unlicensed status of the software; (b) the source from which the license for the software was obtained (CloudLinux or CloudLinux reseller or partner); or (c) information about the server upon which the software is installed including (i) the public IP address, (ii) the operating system and (iii) the use of any virtualization technologies on such server ((a) through (c) collectively, “Server Information”), server uptime and server hardware information including CPU, memory, disks, motherboard. Additionally, “Server Information” may also include (x) information collected by CloudLinux from time to time concerning which features of the software are most often used in order to improve and make adjustments to the software; and (y) information collected from you by CloudLinux in the event that you request technical support services including without limitation, IP addresses, usernames and passwords necessary to login to SSH, list of running processes and content of configuration files.
Information about your customers (Imunify360)
Only if you use Imunify360, Imunify360 collects information about visitors of any site hosted on a server protected by Imunify360. That information includes visitors IP addresses, URI, browser information, screen resolution as well as other location & browser metadata. We might also collect HTTP/HTTPs query parameters, encrypted using one-way encryption (irreversible encryption used for comparison & analysis). If an attack is detected, we will collect HTTP parameters without using one-way encryption. We will still encrypt it for the purpose of transferring it to our servers. For more details please read and sign our Imunify360 Data Processing Agreement.
Information about your customers (Imunify Email)
Only if you use Imunify Email, Imunify Email collects information about mail senders and recipients of any MTA agent protected by Imunify Email. That information includes sender/recipient mail addresses, IP addresses, message content and SMTP headers. Arbitrary email message content may be used for the purpose of enhancing machine learning input data. The data is never stored outside customer premises, but can be temporarily accessed by CloudLinux antispam engineers. It is never stored or transmitted in non-encrypted form and can be un-encrypted to be loaded in RAM for processing purposes. For more details please read and sign our Imunify Email Data Processing Agreement.
Information about your customers (CloudLinux OS Shared PRO / CloudLinux OS Solo)
Only if you use CloudLinux OS Share PRO and/or CloudLinux OS Solo, CloudLinux OS may indirectly collect information about visitors of any site hosted on a server that is using CloudLinux OS Shared PRO or CloudLinux OS Solo. One of the feature of both Services (the feature`s name is X-Ray) tracks the time of the SQL request execution. With the purpose to track the time and analyze the SQL request execution, the feature processes in an encrypted manner and stores the SQL requests in a de-personalized format. The SQL requests can consist of Personally Identifiable Information of the visitors of any hosted site. For more details please read and sign our CloudLinux OS Shared PRO / CloudLinux OS Solo Data Processing Agreement.
The content of your servers (CloudLinux Backup)
If you are using CloudLinux Backup, we back up your data to cloud servers, as specified by your backup settings. Such backups may include a transfer of such data to approved locations in accordance with any Data Processing Agreement you have entered with CloudLinux.
What do we use your information for?
Any of the information we collect from you may be used in one of the following ways:
- To improve customer service
In the context of customer support, your information helps us to more effectively respond to your customer service requests.
- To process transactions
Your information, whether public or private, will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, other than for the express purpose of delivering the purchased product or service requested.
- To send periodic emails
The email address you provide in the application may be used to send you information and updates pertaining to your usage, in addition to receiving occasional company news, updates, related product or service information, etc.
- To carry out the hiring process
We use identification and contact details, job performance data, and data on your suitability for the purpose of carrying out the selection process, including screening of candidates. After that personal data is processed under the legal title of performance of the contract, implementation of pre-contract arrangements, i.e. preparation of an employment contract or agreement. We keep your personal information for the duration of the recruitment process, unless you consent to its further retention in the Candidate Database. Based on your consent, we store your information in the Candidate Database and thus process your identification, contact details, and performance data to contact you with another relevant job offer if any. We can also use your data from the Candidate Database to better understand what kinds of job candidates are interested in the careers we have to offer. With your consent, we process the data for up to 3 years after the end of the recruitment process. You may withdraw your consent at any time by contacting [email protected]. Data processing before revocation of your consent remains valid.
- To distribute marketing and advertising materials
We may contact you with the relevant information about CLOUDLINUX products and services from time to time. Most messages we will send by email. For some messages, we may use Personal Information we collect about you to help us determine the most relevant information to share with you. If you do not want to receive such messages from us, you will be able to tell us by selecting certain boxes on forms we use when we first collect your contact details. Or you can change your marketing preferences by clicking on the unsubscribe link at the bottom of our emails.
- The data collected by Imunify360 about visitors is used to provide better Cybersecurity for Imunify360
- The data collected by Imunify Email about sender/recipients is used to enhance anti-spam filtering efficacy for Imunify Email
- The data backed up by CloudLinux Backup is used to analyze, improve, and provide our backup services
How do we protect your information?
We implement a variety of Cybersecurity measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information. We offer the use of a secure server. All supplied sensitive information is transmitted via Transport Layer Cybersecurity (TLS) technology to and then stored into our database to be only accessed by those authorized with special access rights to our systems, and are required to keep the information confidential. Credit card information is transmitted directly to the payment processor and is not stored on our servers. If you have any questions about the Cybersecurity of your personal information, you can contact us at [email protected]
Cookies or other tracking technologies?
Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.
As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
Do we share any information to outside parties?
- Service Providers
We may provide your personal information to companies that provide services to help us with our business activities such as offering customer service, carrying out the recruiting process or processing your payment. These companies are authorized to use your personal information only as necessary to provide these services to us.
- With your consent
We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial.
- Third-Party Widgets
- Legal Disclaimer
We may also disclose your personal information as required by law, such as to comply with a subpoena or similar legal process when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
In the event CLOUDLINUX is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information.
We may also disclose your personal information to any other third party with your prior consent.
Just as we have our rights and obligations to process your personal information, you also have certain rights to process your personal data. These rights include:
- Right of access: In accordance with Art. 15 GDPR, you may have the right to obtain confirmation from us as to whether or not your personal data is processed by us, and, where that is the case, to request access to your personal data. The information about personal data processing includes the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom your personal data have been or may be disclosed. However, this is not an absolute right and the interests of other individuals may restrict your right of access. Also, you may have the right to obtain a copy of your personal data undergoing processing. For additional copies requested, we may charge a reasonable fee based on administrative costs.
- Right to rectification: In accordance with Art. 16 GDPR, you may have the right to obtain from us the rectification of inaccurate personal data. Depending on the purposes of the processing, you may have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Right to erasure (right to be forgotten): In accordance with Art. 17 GDPR, you have the right to request that we delete your personal data. Please keep in mind that we may keep your personal data if it is still necessary for:
- fulfilling our legal obligation;
- archival, historical, or scientific research or statistical purposes; or
- determination, exercise, or defense of our legal claims.
- Right to restriction of processing: In accordance with Art. 18 GDPR, you have the right to request that we restrict the processing of your personal data. In this case, the respective personal data will be marked accordingly and may only be processed by us for certain purposes.
- Right to personal data portability: In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and/or to request the transfer of this personal data to another entity.
- Right to object: If you have given your consent to the processing of your data in accordance with Art. 7 III GDPR, you may revoke your consent at any time in the future. The declaration of revocation must be addressed to us and must be presented in writing or delivered by email or fax.
California Privacy Rights
For purposes of this section “Personal Information” has the meaning given in the California Consumer Privacy Act (“CCPA”).
- How We Collect, Use, and Share your Personal Information
We might collect the following statutory categories of Personal Information:
- Identifiers, such as names, addresses, telephone numbers, fax numbers, physical addresses, email addresses. We collect this information directly from you or from third party sources.
- Internet or network information, such as browsing and search history. We collect this information directly from your device.
- Geolocation data, such as IP address. We collect this information from your device.
- Other personal information, in instances when you interact with us online, by phone or mail in the context of receiving help through our help desks or other support channels; participation in customer surveys or contests; or in providing the Service.
- Your California Rights
You have certain rights regarding the Personal Information we collect or maintain about you. Please note these rights are not absolute, and there may be cases when we decline your request as permitted by law.
The right of access means that you have the right to request that we disclose what Personal Information we have collected used and disclosed about you in the past 12 months.
The right of deletion means that you have the right to request that we delete Personal Information collected or maintained by us, subject to certain exceptions.
The right to non-discrimination means that you will not receive any discriminatory treatment when you exercise one of your privacy rights.
CLOUDLINUX does not sell Personal Information to third parties (pursuant to California Civil Code §§ 1798.100–1798.199, also known as the California Consumer Privacy Act of 2018).
- How to Exercise your California Rights
You can exercise your rights yourself or you can alternatively designate an authorized agent to exercise these rights on your behalf. Please note that to protect your Personal Information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent’s identity to protect your Personal Information.
Please use the contact details below, if you would like to:
- Access this policy in an alternative format;
- Exercise your rights;
- Learn more about your rights or our privacy practices; or
- Designate an authorized agent to make a request on your behalf.
User Access and Choice
Upon request, CLOUDLINUX will provide you with information about whether we hold any of your personal information. You may access, correct or request deletion of your personal information by logging in to your account or by contacting us at [email protected]. We will respond to your request according to the GDPR timeframe requirements.
- Data Retention
We will retain your information as needed to provide you services. Even if you close your account with CLOUDLINUX, we will still retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. However, we will identify your account in our database as “deleted” or “closed”.
- Opt-out Preferences
When you register for an account, we will use your name and email address to send periodic emails to you of both promotional and transactional in nature. Out of respect for your privacy, you may choose to stop receiving promotional emails by following the unsubscribe instructions included in these emails or you can contact us at [email protected].
We will also send you service-related email announcements on rare occasions when it is necessary to do so. You do not have an option to opt out of these emails, which are not promotional in nature.
Our Policy towards Children
The CLOUDLINUX products and/or services are not directed at persons under 16 and we do not knowingly collect Personal Information from children under 16. If you become aware that your child has provided us with Personal Information, without your consent, then please contact us using the details below so that we can take steps to remove such information and terminate any account your child has created with us.
Third party links
Occasionally, at our discretion, we may include links to our merchant partners (third party products or services) on our Sites. These third party’s websites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our Sites and welcome any feedback about these third party websites.
We display personal testimonials of satisfied customers on our Sites in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at [email protected]
- Social Media Widgets
CloudLinux Sites may include links that direct you to other websites or services whose privacy practices may differ from ours. Your use of and any information you submit to any of those third-party sites is governed by their privacy policies, not this one.
Consent to Our Terms and Conditions
Please also visit our Terms and Conditions section establishing your consent to the use, disclaimers, and limitations of liability governing the use of this Site Information Related to Data Collected through our Products and Services
- Information Related to Data Processor or Collected for our Customers:
CloudLinux is considered a processor or sub-processor under the direction of our customers who are considered controllers or processors. CloudLinux has entered appropriate Data Processing Agreements with our customers controlling protection of your personal data.
- Transfer of Personal Data to Third Parties:
We may transfer personal data to third-party processor companies (i.e. cloud data and server services) that help us provide our service. Such third party processors are located in, and the transfers are limited to, the United States or countries in the European Union and these processors are controlled by data processing agreements providing the same protections of your personal data.
- Access and Retention of Data Controlled by our Customers:
CloudLinux acknowledges that you have the right to access your personal information or ask for its removal. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his/her query to the CloudLinux’s customer (the data controller). If requested to remove data we will respond within a reasonable timeframe.
CloudLinux will retain personal data we process on behalf of our customers for as long as needed to provide Services to our customer. CloudLinux will also retain personal data as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
INTERNATIONAL DATA TRANSFERS:
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Cloud Linux is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.
Pursuant to the Privacy Shield Frameworks, EU and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also may correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under Privacy Shield, should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe.
We will provide an individual opt-out or opt-in choice before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to [email protected].
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including meeting national Cybersecurity or law enforcement requirements.
Cloud Linux’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, Cloud Linux remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless Cloud Linux proves that it is not responsible for the event giving rise to the damage.
In compliance with the Privacy Shield Principles, Cloud Linux commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact BILT by email at [email protected].
ACCESSING OR USING OUR SITES OR SERVICES, OR OTHERWISE PROVIDING INFORMATION TO US OR OUR CUSTOMERS, CONSTITUTES CONSENTING TO OUR POTENTIAL TRANSFER, PROCESSING AND STORAGE OF SUCH INFORMATION IN THE UNITED STATES.
Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through Cloud Linux Inc.’s internal processes, Cloud Linux Inc. has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here: https://www.verasafe.com/privacy-services/dispute-resolution/submit-dispute/
If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction
Cloud Linux Inc.
2318 Louis Rd, Suite B
Palo Alto, CA 94303, USA