This Statement describes how Code 42 collects, uses, and discloses certain personally identifiable information that it receives in the United States from European Union users and United States users ("Personal Data"). In particular, Code 42 recognizes that the European Union has established strict protections regarding the handling of EU Personal Data, and Code 42 therefore has elected to adhere to the US-EU Safe Harbor Privacy Principles (the "Safe Harbor") with respect to such EU Personal Data that it receives in the United States. For further background and information about the Safe Harbor, and to see Code 42’s representation on the Safe Harbor List, please refer to the U.S. Department of Commerce's website at https://safeharbor.export.gov/list.aspx.
In general, Code 42 may obtain personal information about several different types of individuals, including (i) Web site visitors, (ii) clients. Code 42’s practices with respect to each of these types of individual data subjects are described below.
Code 42 may obtain various types of Personal Data about our clients and Web Site visitors. Such data may include contact information names, address, phone number, and email address; information about products and services ordered or provided; payment information(such as credit card number, cardholder name, credit card verification number and expiration date), passwords, and information collected through Internet-based and e-commerce activities, and other transaction-related data.
The personal information we collect through our downloadable software is: name, email address, and password.
Code 42 may use these types of Personal Data for business purposes, including to deliver or provide products or services; to establish or maintain client and business relationships; to provide access to Internet-based and e-commerce activities; to perform accounting functions; and to conduct other activities as necessary or appropriate in connection with the servicing and development of the business relationship.
Our clients may update, access, delete inaccuracies, or correct their Personal Data by making the change within their account once logged into the site or by contacting us at firstname.lastname@example.org to do so. We will respond to your request to access within 30 days. Also, to the extent that any of these individuals receive marketing communications from Code 42, and wish to unsubscribe or otherwise stop receiving such communications, they can contact us at email@example.com.
If you are not a client but have submitted your personal data through the contact us link and wish to have your information updated or wish to have us delete inaccuracies please contact us at firstname.lastname@example.org.
If you wish to save your payment method to your account we allow you to do so. You may at any time delete your payment information by logging into your account. We do not have access to this information. This is stored on an SSL encrypted page.
Code 42 provides a wide variety of services and solutions to its business clients ("Clients") that facilitate services including backing up and restoring files and copying backup archives to external hard drives for the purposes of allowing Clients to restore archives for individuals ("Data Subjects"). In some instances, Code 42 may obtain access (when the Client purchases a service in which the backup archive is external hard drives for the purposes of allowing Clients to restore archives for individuals. Personal Data about such Data Subjects in the course of providing the services and solutions. In other specific instances, Code 42 may also obtain access to data about our Clients' end users in the course of providing support services to the Clients ("End Users"). Such data may include email address, CrashPlan system configuration, log files and other information, depending on the particular Client and application at issue.
Wherever we obtain access to Personal Data about Data Subjects or End Users, we are acting as a mere data processor on behalf of our Clients, and we therefore conduct such activities strictly in accordance with their instructions and pursuant to our contractual arrangements with them. If you are an End User with an existing relationship with one of our Clients, you should refer to the Client's website to understand the privacy practices that apply to Personal Data that we may maintain about you. Moreover, if you would like to access and review your Personal Data, you should contact our Client with any such requests. We will cooperate as appropriate with requests from our Clients to assist with such responses.
We will occasionally send you information on products, services, or promotions. Out of respect for your privacy, we present the option not to receive these types of communications. You may opt-out from receiving these types of communications by following the instructions included in each communication, within your account settings, or by emailing us at email@example.com.
We will send you service-related announcements on rare occasions when it is necessary to do so. For instance, if our service is temporarily suspended for maintenance, we might send you an email.
Generally, you may not opt-out of these communications, which are not promotional in nature. If you do not wish to receive them, you have the option to deactivate your account.
Code 42 may disclose Personal Data to business partners and subcontractors as necessary in connection with the performance of requested services or solutions, or as otherwise appropriate in connection with a legitimate business need. Service providers include Zendesk (for Support ticket management), Basecamp (for project management) and Twitter (for receiving backup related notifications). We use PayPal Manager and Google Checkout. Code 42 is its own email provider and does not use any 3rd party provider for email services. Code 42 may also disclose Personal Data as necessary in connection with the sale or transfer of all or part of the business. In these situations, Code 42 will require the recipient of the data to protect the data in accordance with the relevant principles in the Safe Harbors, or otherwise take steps to ensure that the EU Personal Data is appropriately protected. Code 42 may also disclose Personal Data where required or permitted by law, or where Code 42 believes that such disclosures are appropriate in connection with a law enforcement request.
Code 42 has global hosting centers that store and process EU Personal Data in various locations in the United States. US hosting centers include facilities in Minneapolis and Atlanta. Code 42 takes reasonable precautions to protect EU Personal Data in these centers and in other locations in the United States from loss, misuse and unauthorized access, disclosure, alteration, and destruction. Code 42 also makes reasonable efforts to keep EU Personal Data reliable for its intended use, accurate, current, and complete.
The security of your personal information is important to us. When you enter sensitive information (such as credit card number) on our order forms, we encrypt that information using secure socket layer technology (SSL).
We follow generally accepted industry standards to protect the personally identifiable information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.
If you have any questions about security on our Web site, you can email us at firstname.lastname@example.org.
Older portions of our web application use a Session Id that is stored in a cookie and expires when the browser is closed. The JSessionId is used to connect the client with the client's server-side state. When the client changes the page, the same server-side state can be used for the next page. Passwords or demographic data are not stored as part of this process. Only the data about the page is stored in the server memory, such data telling the system which user is logged in so the user doesn’t have to log in again in each time they hit a new page.
In the case of the orgId that the user currently has open, the cookies are retained so when the user clicks the "Edit" button we can use that orgId to build the Org Edit page with the correct data. Our upcoming application will store virtually no server-side state, but will use a rotating token for authentication purposes.
If you reject cookies, you may still use our site, but your ability to use some areas of our site, such as contests or surveys, will be limited. We currently do not store the shopping cart in a cookie.
If you use a forum on this Web site, you should be aware that any personal data you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. We are not responsible for the personal data you choose to submit in these forums. You may remove your post along with your personal information you submit within these forums by contacting us at email@example.com.
If you choose to use our referral service to tell a friend about our site, we will ask you for your friend’s email address. We will automatically send your friend a one-time email inviting him or her to visit the site and download CrashPlan. Code 42 stores this information for the sole purpose of sending this one-time email, and inviting this friend to use you as backup destination and / or asking the friend's permission to back up to him or her.
We utilize an import contacts feature to allow you to invite friends to join the site. We make it easy for you to invite people from your address book to help you import your contacts to our site. At your request we will populate the email box will all the addresses in your email address book. You can select and delete any addresses to whom you do not want to send an invitation. Code 42 stores this information for the sole purpose of sending this one-time email, and inviting this friend to use you as backup destination and / or asking the friend's permission to back up to him or her. The From: field will contain the sender's first name and email address. The message includes the sender's backup code that the receiver can supply in his or her own downloaded CrashPlan. This code allows the recipient to use the sender's computer as a backup destination.
If you wish to upload a photo of yourself in the support section of the site, please be aware that this will be viewed by other users of the support section. If you wish to remove your photo you may do so at any time by logging into your support account and editing your profile.
If you have any questions about this safe Harbor Privacy Statement, or if you would like to request access to the Personal Data that we may maintain about you, please contact us as follows:
Code 42 Software, Inc participates in the EU Safe Harbor Privacy Framework as set forth by the United States Department of Commerce regarding the collection, use, and retention of data from the European Union. Information regarding the E.U. Safe Harbor Framework can be found at: http://export.gov/safeharbor. As part of our participation in the safe harbor, we have agreed to TRUSTe dispute resolution for disputes relating to our compliance with the Safe Harbor Privacy Framework. If you have any complaints regarding our compliance with the Safe Harbor you should first contact us (as provided above). If contacting us does not resolve your complaint, you may raise your complaint with TRUSTe by Internet at http://watchdog.truste.com/pvr.php?page=complaint&url= fax at 415-520-3420, or mail at Watchdog Complaints, TRUSTe, 55 2nd Street, 2nd Floor, San Francisco, CA, USA 94105. If you are faxing or mailing TRUSTe to lodge a complaint, you must include the following information: the name of company, the alleged privacy violation, your contact information, and whether you would like the particulars of your complaint shared with the company. For information about TRUSTe or the operation of TRUSTe's dispute resolution process, see http://watchdog.truste.com/pvr.php?page=complaint&url= or request this information from TRUSTe at any of the addresses listed above. The TRUSTe dispute resolution process shall be conducted in English.