- What personal data we collect
- How we use your personal data
- How we share your personal data
- How we protect your personal data
- Your choices regarding your personal data
- Information specific to non-U.S. users
- Android Endpoint Agent Permissions and Disclosure
Personal data means information that relates to you as an individually identifiable person, such as your name, e-mail address, and mobile number.
1 – WHAT PERSONAL DATA WE COLLECT
a) Information You Give Us
We collect personal data that you voluntarily share with us through the Site. For example, we collect information from you when you create an account or fill out a request form on the Site.
The personal data we collect from you may include:
- Contact information, including name, email address, and telephone number
- Messages you send to Veriato, for example, a product inquiry
- Product key, serial number, or order number, for example, in a request for technical support
You may also submit (a) order information, including name, company name, product information, and delivery address; and (b) payment information, including billing address, credit card number, expiration date, and CVV into the Site. This information is transmitted via Transport Layer Security (TLS) encryption to a third-party order and payment processor under contract with Veriato. This order and payment information is not stored on Veriato’ servers.
b) Information We Collect Through Technology On The Site
We collect information through technology to enhance our ability to serve you. When you access and use the Site, Veriato and, in some cases, our third-party service providers collect information about how you interact with the Site. We describe below methods we use to collect information through technology.
When you visit the Site, we collect your device identifier, browser information, and Internet Protocol (IP) address. An IP address is often associated with the portal you used to enter the Internet, like your Internet service provider (ISP), company, association, or university. While an IP address may reveal your ISP or geographic area, we cannot determine your identity solely based upon your IP address. We do not link your personal data to device identifier information, browser information, and IP addresses. Where, according to local law, IP addresses and the like are considered personal data, then we treat them as such.
If you prefer, you can choose to have your browser warn you each time a cookie is being sent, or you can choose to turn off cookies by adjusting your browser settings. If you turn off your cookies, some of the features on the Site may not function properly.
We include small graphic images or other web programming code, called web beacons (also known as “pixel tags”, “web bugs” or “clear GIFs”), on the Site. The web beacons are minute graphics with a unique identifier. They are used to track the online movements of Web users. In contrast to cookies, which are stored in a user’s computer hard drive, web beacons are embedded invisibly on Web pages and are about the size of the period at the end of this sentence.
Your ‘Do Not Track’ Browser Setting
We support the Do Not Track (DNT) browser setting. DNT is a preference you can set in your browser’s settings to let the websites you visit know that you do not want the websites collecting your personal data.
We may track your online activities over time and across third-party websites or online services. For example, we might use web beacons to help us determine what links or advertisers brought you to our Site. We then track your activities on our Site. We also may use web beacons to track your visits to other websites so that third-party service providers can display Veriato advertisements to you on those other websites based on your activities while on the Site (“remarketing”).
c) Information Third Parties Provide About You
We supplement the information we collect about you through the Site with records received from third parties in order to enhance our ability to serve you, to tailor our content to you, and to offer you information that we believe may be of interest to you. For example, the service provider that processes orders submitted through the Site shares your order information, but not payment information, with us.
d) Information You Provide To A Third Party
CHILDREN’S ONLINE PRIVACY PROTECTION ACT COMPLIANCE
We do not collect any information from anyone under 13 years of age. The Site, products and services are all directed to people who are at least 13 years old or older. If you are under the age of 13, you are not authorized to use the Site.
2 – PURPOSES FOR WHICH WE USE THE PERSONAL DATA WE COLLECT
We use the information we collect to serve you and improve your experience on the Site. These purposes include:
- Responding to requests for information
- Responding to requests for product quotes
- Registering users for Veriato promotions and events
- Responding to technical support questions and concerns
- Contacting users for marketing, advertising, and sales purposes
- Improving our products and services
- Responding to questions and feedback
- Conducting market research and analysis
- Continuously evaluating and improving the online user experience
- Network and information security
- Fraud prevention
- Reporting suspected criminal acts
- Compliance with the law or to protect the rights, property, or safety of Veriato, our users, or others
- Processing and responding to job applications
We retain your personal data for the duration of the customer relationship, if any. We also retain your personal data for 12 months after our last interaction with you. Job applications are purged after 3 months if no action is taken.
3 – HOW WE SHARE THE PERSONAL DATA WE COLLECT
We do not sell or rent your personal data to third parties. The following are some of the ways we share your personal data:
- Third-Party Service Providers: We will share your personal data with third-party service providers under contract with Veriato to help us provide services to you. The following are some examples of the types of third-party service providers with which we share your personal data and our purpose for doing so:
- Data Analytics: We retain third-party service providers to help us perform data analytics regarding your interactions with the Site. For example, Google Analytics may track what pages users visit on the Site and how long they stay there to determine how users use the Site.
- Legal Advice: We may disclose your personal data to an attorney in the process of obtaining legal advice.
- Third-party Processors: Through the Site, you transmit your order and payment information to a third-party order and payment processor.
- Advertising Platforms: We may disclose the fact that you visited the Site to advertising networks so that they can show you Veriato advertisements on other websites and platforms. These services can help us tailor advertising that we think may be of interest to you based on your use of the Site and to otherwise collect and use data about your use of the Site.
- Channel Partners: We may disclose your personal data related to your requests for information and Veriato products and services to our channel partners so that they can respond to your requests and offer local purchasing options and services.
- Required Disclosures: We may be required to share personal data in a court proceeding, in response to a court order, subpoena, civil discovery request, other legal process, or as otherwise required by law.
- Legal Compliance and Protections: We may disclose account and other personal data when we believe disclosure is necessary to comply with the law or to protect the rights, property, or safety of Veriato, our users, or others. This includes exchanging personal data with other companies and organizations for fraud protection and credit risk reduction.
- Corporate Transactions: We reserve the right to disclose and transfer your data, including your personal data:
- To a subsequent owner, co-owner, or operator of the Site or successor database.
- In connection with a corporate merger, consolidation, the sale of substantially all of our membership interests and/or assets or other corporate change, including to any prospective purchasers.
4 – HOW WE PROTECT THE PERSONAL DATA WE COLLECT
The security and confidentiality of your personal data is important to us. We have technical, administrative, and physical security measures in place to protect your personal data from unauthorized access or disclosure and improper use.
For example, we use Transport Layer Security (TLS) encryption to protect the data collection forms on our Site. In addition, we restrict access to your personal data. Only employees who need the personal data to perform a specific job (for example, a customer service representative) are granted access to personal data. Employees with access to personal data are kept up-to-date on our security and privacy practices.
It is important for you to protect against unauthorized access to your password and to your computer. Be sure to close your browser after you have completed your visit to the Site.
Please note that despite our reasonable efforts, no security measure is ever perfect or impenetrable, so we cannot guarantee the security of your personal data.
5 – YOUR CHOICES REGARDING YOUR PERSONAL DATA
You may contact [email protected] to access, update, correct, and delete your personal data.
CALIFORNIA ONLINE PRIVACY PROTECTION ACT COMPLIANCE/YOUR CALIFORNIA PRIVACY RIGHTS
California residents who use the Site may request that we provide certain information regarding our disclosure of your personal data to third parties for their direct marketing purposes. You can make such a request by e-mail to [email protected].
6 – INFORMATION SPECIFIC TO NON-U.S. USERS
a) All locations outside of the United States
The personal data collected through the Site is downloaded to a server maintained by Veriato. Veriato is located at 700 South Rosemary Ave, Suite 201-144 West Palm Beach, FL 33401 in the United States. Veriato will comply with requests to exercise individual data rights in accordance with applicable law. You can contact [email protected] to request to exercise your data rights.
b) European Economic Area and Switzerland
The information in this section, as well as the information in the section above titled “All locations outside of the United States”, applies to users in the European Economic Area and Switzerland (collectively, the “EEA”).
Individuals in the EEA (“EEA Individuals”) are not required by statute or by contract to provide any personal data to the Site. Veriato sometimes uses EEA Individuals’ personal data submitted through the Site for automated decision-making. For example, Veriato may display advertisements and send emails to you containing content automatically chosen based on the products you have ordered from us in the past. However, Veriato will not use EEA Individuals’ personal data submitted through the Site for automated decision-making, including profiling, which produces legal effects or similarly significantly affects the EEA Individual.
Cross-Border Data Transfers:
The personal data collected through the Site will be transferred to the United States. The recipients of personal data collected through the Site (listed in Section 3 above) are located in the United States or in the country where the data was collected. The European Commission has not issued a determination that the United States ensures an adequate level of protection for personal data.
Legal Bases For Processing:
Veriato processes your personal data with your consent and as required by law. In addition, Veriato processes your personal data as necessary for the performance of the sales contract, for example, when processing your orders and payments, and to take steps, at your request, before entering into a contract with you. For example, if you ask us for quotes for products and services you are interested in buying, we may send them to you. Veriato also processes personal data as necessary for its legitimate interests as follows:
- Marketing and advertising: Unless you opt out as described below, we use your personal data regarding products and services you have ordered, or in which you have otherwise demonstrated an interest, as necessary to provide you information about the products and services that we think might interest you in accordance with applicable law.
- Network and information security, fraud prevention, and reporting suspected criminal acts: In the event of fraud, a security incident, or a suspected criminal act, we would examine personal data that appeared to be linked to the incident as necessary to determine what happened, remediate, report to the authorities, and prevent a recurrence.
Right to Object to Processing for Direct Marketing or Legitimate Interests:
EEA Individuals have the right to object to the processing of their personal data for purposes of Veriato’s direct marketing or legitimate interests by contacting Veriato at [email protected].
EEA Individuals have the right to access their personal data collected by the Site and to request that Veriato update, correct, or delete their personal data as provided by applicable law. EEA Individuals also have the right to object to, or restrict, Veriato’s processing of their personal data.
In addition, EEA Individuals have the right to data portability concerning their personal data. Subject to certain limitations, the right to data portability allows EEA Individuals to obtain from Veriato, or to ask Veriato to send to a third party, a digital copy of the personal data that they provided to the Site. EEA Individuals’ right to access their personal data includes their right to receive a copy of all, or a portion, of their personal data in Veriato’s possession as long as Veriato’s providing the personal data would not adversely affect the rights and freedoms of others.
EEA Individuals can exercise these rights by contacting [email protected]. Veriato will respond to such requests in accordance with applicable data protection law. If EEA Individuals believe that their personal data has been processed in violation of applicable data protection law, they have the right to lodge a complaint with the relevant data protection authority in the country where they reside, where they work, or where the alleged violation occurred.
EEA Individuals may use the contact information above, at any time, to withdraw their consent for the processing of their personal data where Veriato requires their consent as a legal basis for processing their personal data. Any withdrawal will apply only prospectively, and Veriato will continue to retain the personal data that EEA Individuals provided before they withdrew their consent for as long as allowed or required by applicable law.
In addition, you may cancel or modify the email communications you have chosen to receive from Veriato by following the instructions contained in emails from us. Alternatively, you may email Veriato at [email protected] with your request, stating ’Unsubscribe‘ in the header and what email addresses you wish not to receive Veriato emails. Within a reasonable period, we shall ensure that such email addresses are unsubscribed.
7 – ANDROID ENDPOINT AGENT PERMISSIONS AND DISCLOSURES
In compliance with Google Play Console Policy, this section discloses permissions accessed by the Veriato Android Agent app and reasons for access.
Veriato Cerebral Endpoint Agents are intended to be installed only on company owned devices for employee monitoring and work-related or security investigations. Agent collected data is returned directly to the customer owned Veriato Cerebral Server and cannot be accessed by Veriato. During installation, the Veriato Android Agent app requests activation of the following permissions:
- AccessibilityService API
Location Permissions: Access to “location in the background” is required to provide geofencing data to the Veriato Cerebral Server for monitoring acceptable device use. When the device crosses a geofence, notification can be sent to the appropriate company administrator. To accomplish geofencing and geofencing alerts, the app enables SysLog background capture “All the time,” even when the Veriato client app is not in use. The location data is transmitted through a certified SSL connection directly to the company’s (the owner) Veriato Cerebral server, is accessible only through the company’s Veriato Cerebral Database, and is used only for company defined geofencing alerts.
Phone State and Storage Permissions: External storage “all files access” permission is required to allow a Veriato Cerebral administrator to monitor media, document, and file activity on a company owned device. Without this access, the Veriato Agent app cannot operate as intended. Data is transmitted through a certified SSL connection directly to the company’s (the owner) Veriato Cerebral server, is accessible only through the company’s Veriato Cerebral Database, and is used only for company defined purposes.
Accessibility Permissions: Although not an accessibility tool, the Veriato Agent requires access to the Accessibility Service API to read browser history, which allows a Veriato Cerebral administrator to monitor browser activity and searches. Without this access, the Veriato Agent app cannot operate as intended.
700 South Rosemary Ave, Suite 201-144
West Palm Beach, FL 33401
Email: [email protected]