GRAVIC, INC. - PRIVACY POLICY AND GDPR STATEMENT

May 2018

This privacy policy ("Policy") explains how your personal information is collected, used, and disclosed by Gravic, In. This Policy applies to the websites of Gravic, including www.gravic.com, www.remarksoftware.com, and www.shadowbasesoftware.com. It also applies to Gravic's suite of products and services, including its Remark and Shadowbase families of products, and technical support; our partner portal and related services; and other products and services (collectively, "Services"). However, this policy does not apply to websites, products, or services that display or link to different privacy statements, or are operated by companies other than Gravic, or to business activities or practices of thirt parties, including our channel partners. This Policy also does not apply to information processed in the operation of Services, but to which we do not have access or direct control, for example, data processed by our Shadowbase or Remark software products running in a customer's environment.

We collect and process personal information about you with your consent or as necessary to provide the Services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate business interests.

INFORMATION COLLECTED

We collect information about you in various ways when you use our Services. We collect personal information you provide to us. For example, we may collect your name, email address, postal address, phone number, fax number, demographics, and other information you provide us on our Services. Some Services, such as the ability for us to respond to a web inquiry, may not be available if you are not willing to provide personal information.

We gather certain information automatically to analyze trends and administer our websites and other Services. This information may include your Internet Protocol (IP) address (or the proxy server you use to access the Internet); device and application identification numbers; your location; browser type and language; your Internet service provider or mobile carrier; the pages, files, and videos you viewed; your searches; your operating system and system configuration information; and date and time stamps associated with your usage. When you visit our websites, we also automatically receive the URL of the website from which you came and the website to which you go when you leave our website.

Cookies.We collect information using “cookies.” Cookies are small data files stored on your computer or mobile device by a website. Among other uses, cookies help us improve our Services and your experience. We use cookies to see which areas and features are popular, and to count visits to our websites and particular webpages. We also use cookies to display targeted content, promotions, or advertisements.
    Blocking Cookies:Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to remove cookies from within your browser, or set your browser to block all cookies, all third-party cookies, or particular cookies. If you choose to remove or block cookies, this blocking can disable or otherwise adversely affect certain features or services of our websites.

Analytics. We use Google Analytics to provide us with analytics for the Services. Google Analytics may also automatically collect some of the information described above, including, for example, IP address, access times, browser type and language, device type, device identifiers, and Wi-Fi information. Please consult the Google Analytics Privacy Policy for more information on how Google Analytics uses this data.
    Opting-Out of Google Analytics: You can opt-out of Google's use of cookies by visiting Google's Ads Settings.

Advertising. Other third parties, including advertisers and ad-related services, may also automatically collect the above information about you when you use the Services and on other sites and services, including personally identifiable information about your online activities over time and across different websites, devices, online services, and applications. Some third parties help us and others associate your activities across the browsers and devices you use, for retargeting, cross-device advertising, analytics, and measurement purposes. Some third parties, such as Google AdWords, may also collect information on behalf of us and others for online advertising purposes, and to provide us and others with statistics about users of our websites and other Services.
    Opting-Out of Third Party Cookies:You can opt-out of third-party vendors' use of cookies by visiting the Network Advertising Initiative opt-out page.

Software License Data. Some of our products have a built-in software activation function to prevent illegal use of the software. The software has a default setting to send us certain information when the program is started. This information includes IP address, serial number, operating system version, time/date stamp, and computer fingerprint data. This data is collected to validate the license of the purchased software and to provide usage information about our product.

    Blocking Startup Information: You have the option of changing this setting such that this data will not be sent each time the software is started. However, if turned off you will be required to periodically reactivate your software license in consultation with our technical support department. The history of these reactivation events will be stored by Gravic. If you request to be forgotten, your ability to use our Products and Services will be adversely affected.

USE OF INFORMATION WE COLLECT

We use personal information collected through our Services for purposes described in this Policy or disclosed to you in our Services or in connection with our Services. For example, we may use your information to:
  • respond to your comments, questions, and support queries, and provide customer service;
  • operate and improve our internal operations, systems, and Services;
  • understand you and your preferences to improve your experience using our Services;
  • provide the Services you request, whether you request them directly from us or from one of our channel partners;
  • provide our channel partners with information to facilitate their provision of Services to you as resellers;
  • send you and channel partners information related to Services such as confirmations, invoices, expiration and renewal notices, technical notices, Service updates and security feeds, security alerts, and support and administrative messages;
  • communicate with you about new products and services, upcoming events, promotions, rewards, and other news about products and services offered by Gravic and our selected partners;
  • process and deliver contest entries and rewards;
  • process and deliver contest entries and rewards;
  • link or combine information about you with other personal information we get from third parties, to help understand your needs and provide you with better and more personalized service; and
  • protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.

SHARING OF PERSONAL INFORMATION

We do not share your personal information with third parties other than as follows:
  • with our channel partners, such as resellers, so they can respond to inquiries from you and can provide Services to you;
  • with your consent, for example, when you agree to our sharing your information with other parties for their own marketing purposes subject to their separate privacy policies;
  • with third party vendors, consultants, and other service providers who work for us and need access to your information to do that work;
  • to (i) comply with laws or to respond to lawful requests and legal process, (ii) to protect the rights and property of Gravic and our agents, customers, and other including to enforce our agreements, policies, and terms of use or (iii) in an emergency to protect the personal safety of Gravic, its customers or any person;
  • in connection with or during negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction, or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets to another company.

We may also share aggregated or de-identified information.

SECURITY OF YOUR PERSONAL INFORMATION

Gravic takes reasonable steps to help protect your personal information in an effort to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction.

TRANSFERS OF YOUR PERSONAL INFORMATION

Personal information we collect will be stored and processed in the United States of America or in any other country where we or our affiliates and resellers, or service providers, maintain facilities. We take steps designed to ensure that the data we collect under this Policy is processed according to the provisions of this Policy and applicable law wherever the data is located.

When we transfer personal information from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection, we use a variety of legal mechanisms, including contracts, in an effort to help ensure your rights and protections.

STORAGE AND RETENTION OF YOUR PERSONAL INFORMATION

We retain your personal information for as long as necessary to provide services requested by you, or for other essential purposes, such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly. The criteria used to determine retention include:
  • How long is the personal information needed to provide applicable services? The length of time can include maintaining and improving the performance of the Services, enabling system security measures, and maintaining appropriate business and financial records.
  • Do users provide, create, or maintain the data with the expectation we will retain it until they affirmatively remove it? In such cases, we may maintain the data until actively deleted by the user.
  • Is the personal information of a sensitive type? If so, a shortened retention time may be appropriate.
  • Are we subject to legal, contractual, or similar obligation to retain the data? Examples include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data, or data must be retained for the purposes of litigation.

YOUR INFORMATION CHOICES AND CHANGES

If you wish to ask for access, correction, or deletion of any of your personal information held by us, or a change in the way we use your information (for which we reserve the right to charge you a fee, where permitted by applicable law), please email our Data Protection Officer at the email below. However, we may decline requests that are unreasonable, prohibited by law, or are not required to be honored by applicable law.
You can opt-out of receiving promotional emails from Gravic by following the instructions in those emails. If you opt-out and are a user of our products, we may still send you non-promotional emails, such as emails about your accounts or our ongoing business relations. You can also send requests about changes to your information or your contact preferences, including requests to opt-out of sharing your personal information with third parties, by emailing our Data Protection Officer at the email below.

YOUR GDPR (GENERAL DATA PROTECTION REGULATION) PRIVACY RIGHTS

For customers in the European Union, we adhere to the GDPR laws, which, if applicable to you, includes the following rights:

  • If we are processing personal information based on your consent, you have the right to withdraw consent at any time for future processing;
  • You have the right to request access to, rectification, or erasure of your personal information, or to transfer or receive a copy of your personal information in a usable format;
  • You have a right to restrict or object to the processing of your personal information under certain circumstances; and
  • You have a right to lodge a complaint with a data protection authority.

CHANGES TO THIS POLICY

Gravic may periodically change this Policy. If we make any changes to this Policy, we will change the above date, provide such notice, and/or obtain consent to changes as may be required by applicable law.

QUESTIONS/CONTACT

If you have any questions about this Policy, or if you wish to contact our Data Protection Officer, please contact us as GDPR@gravic.com or by mailing us at the address listed on our website.