Privacy Policy
Last updated September 2020
This privacy notice (“Privacy Notice”) sets out how Ataira Analytics Inc.
(“Ataira Analytics” or “We”) uses and protects any personal data that you
give Ataira Analytics when you use this website. For information on how
personal data is processed by Ataira Analytics when you use our Services,
please consult the Service Data Privacy Statement.
If your legal entity has an agreement with Ataira Analytics to provide the
Services (“Customer”), this Privacy Notice is incorporated by reference in
your Master Service Agreement (“MSA”). Your use of Services under the MSA
is subject to this Privacy Notice. Unless otherwise defined in the Privacy
Notice or the Service Data Privacy Statement, capitalized terms have the
meaning given in the MSA.
Ataira Analytics is committed to ensuring that your privacy is protected.
Should we ask you to provide certain personal data by which you can be
identified when using this website, you can be assured that it will only be
used in accordance with this Privacy Notice.
Ataira Analytics may change this Privacy Notice from time to time by
updating this page. You should check this page from time to time to ensure
that you are happy with any changes.
Scope of this Privacy Notice
Except for Account Information and other information, we collect in
connection with your registration or authentication into our Services, this
Privacy Notice does not apply to our security and privacy practices in
connection with your access to and use of Ataira Analytics Services. These
security and privacy practices are detailed in and governed by our Service
Data Privacy Statement below. and our Master Service Agreement, or such
other applicable agreement between you and Ataira Analytics relating to
your access to and use of such Services (collectively referred to as the
“MSA”).
Information That You Provide Us
Account Information
Customers are asked to provide certain personal information when they sign
up for our Services including name, address, telephone number, billing
information (such as a credit card number), and the type of personal
computer being used to access the Services. The personal information
collected from Customers during the registration process is used to manage
the Customers’ Account (such as for billing purposes). This information is
not shared with third parties, unless specifically stated otherwise or in
special circumstances. However, in instances where Ataira Analytics and a
Partner jointly promote the Services, Ataira Analytics may provide the
Partner certain personal information, such as the name, address, and
username of persons who subscribed to the Services as a result of the joint
promotion for the sole purpose of allowing us and the partner to assess the
results of the promotion. In this instance, personal data may not be used
by the Partner for any other purpose. Ataira Analytics may also generate
non-identifying and aggregate profiles from personal data Customers provide
during registration (such as the total number, but not the names, of
Customers). As explained in more detail below, we may use this aggregated
and non-identifying information to sell ads that appear on our website or
other sites.
Other Submissions
We collect personal data that you voluntarily provide us through the
website, for example when you request a free trial or demo, request
information about our products or services, register for a webinar, contact
us, subscribe to our email newsletter, download content (e.g. whitepapers).
Information That We Collect from You on our Website
Cookies and Other Tracking Technologies
We and our authorized partners may use cookies and other information
gathering technologies for a variety of purposes. These technologies may
provide us with personal data, information about devices and networks you
utilize to access our Websites, and other information regarding your
interactions with our website. For detailed information about the use of
cookies and other tracking technologies on the website, please read and
review the Cookie section below.
Logs
We gather certain information and store it in log files when you interact
with our website. This information may include internet protocol (IP)
addresses, browser type, URLs of referring/exit pages, operating system,
date/time stamp, information you search for, locale and language
preferences, identification numbers associated with your devices, and
system configuration information. Occasionally, we connect personal data to
information gathered in our log files as necessary to improve our website
and personalize your content. In such a case, we would treat the combined
information in accordance with this Privacy Notice.
Analytics
We collect analytics information when you use our website to help us
improve the website and related content. We may also share anonymous data
about your actions on our website with third-party service providers of
analytics services.
Information Collected from Third-Party Sources
We may also obtain information, including personal data, from third
parties, e.g., when you request a free trial or demo of our Services,
register for a Ataira Analytics webinar or download Ataira Analytics
content (e.g. whitepapers) or download or request information related to or
similar to our Services from a third-party website. We may combine that
with information we collect through our website.
How We Use Information That We Collect
We may use the information we collect about you (including personal data,
to the extent applicable) for a variety of purposes, including to:
- provide, operate, maintain, improve, and promote our Services;
- enable you to access and use the Services;
- process and complete transactions, and send you related information,
including purchase confirmations and invoices;
- send transactional messages, including responses to your comments,
questions, and requests; provide customer service and support; and send you
technical notices, updates, security alerts, and support and administrative
messages;
- send promotional communications, by email or by phone, such as providing
you with information about products and services, features, surveys,
newsletters, offers, promotions, special offers, contests, events and other
information which we think you may find interesting; and
- customize the website according to your interests
- monitor and analyze trends, usage, and activities in connection with the
websites and Services and for marketing or advertising purposes;
- investigate and prevent fraudulent transactions, unauthorized access to
the Services, and other illegal activities;
- personalize the website and Services, including by providing features or
advertisements that match your interests and preferences; and
- for other purposes for which we obtain your consent.
Legal Basis for Processing (EEA only)
If you are an individual from the European Economic Area (EEA), our legal
basis for collecting and using the personal data will depend on the
personal data concerned and the specific context in which we collect it.
However, we will normally collect personal data from you only where: (a) we
have your consent to do so, (b) where we need the personal data to perform
a contract with you (e.g. to deliver the Services you have requested), or
(c) where the processing is in our or a third party’s legitimate interests
(and not overridden by your data protection interests or fundamental rights
and freedoms). In some cases, we may also have a legal obligation to
collect personal data from you, or may otherwise need the personal data to
protect your vital interests or those of another person.
Where we rely on your consent to process the personal data, you have the
right to withdraw or decline your consent at any time. Please note that
this does not affect the lawfulness of the processing based on consent
before its withdrawal.
If we ask you to provide personal data to comply with a legal requirement
or to perform a contract with you, we will make this clear at the relevant
time and advise you whether the provision of your personal data is
mandatory or not (as well as of the possible consequences if you do not
provide your personal data). Similarly, if we collect and use your personal
data in reliance on our (or a third party’s) legitimate interests which are
not already described in this Notice, we will make clear to you at the
relevant time what those legitimate interests are.
How we Protect Personal Data
We are committed to ensuring that your personal data is secure. In order to
prevent unauthorized access or disclosure, we have put in place appropriate
technical and organizational measures to safeguard and secure the personal
data we process. We have built our website using industry-standard
encryption and authentication tools to protect the security of personal
data.
We also use technological measures such as secure routers and firewalls to
help protect personal data. Information collected through the website is
encrypted before it travels over the Internet using industry-standard
technology for conducting secure online transactions. Unfortunately,
because of its nature, we cannot guarantee against the loss or misuse of
personal data transmitted over the Internet.
If, despite all our efforts, a data breach does occur, we shall do
everything in our power to limit the damage. In case of a data breach which
is likely to result in a high risk, and depending on the circumstances, we
will inform you about remedial actions to prevent any further damage. We
always inform the relevant supervisory authority or authorities without
undue delay.
Cookies and Other Tracking Technologies
When you visit our website, we use cookies to store or retrieve information
on your browser. A cookie is a small piece of data (text file) that a
website – when visited by a user – asks your browser to store on your
device to remember information about you, such as your language preference
or login information. Those cookies are set by us and called first party
cookies. We also use third party cookies – which are cookies from a domain
different than the domain of the website you are visiting – for our
advertising and marketing efforts.
- · More specifically, we use cookies and other tracking technologies for the
following purposes:
- · Help you in navigation on our website, improve your browsing experience
and personalize content and ads;
- · Help you in opening an account, service subscription, registration to our
events, login, and your ability to provide feedback;
- Analyzing your use of our website and improve our content;
- · Assisting with our promotional and marketing efforts (including
behavioral advertising)
We use traffic log cookies to identify which pages are being used. This
helps us analyze data about web page traffic and improve our website in
order to tailor it to customer needs. We only use this information for
statistical analysis purposes.
Overall, cookies help us provide you with a better website, by enabling us
to monitor which pages you find useful and which you do not. A cookie in no
way gives us access to your computer or any personal data about you, other
than the data you choose to share with us.
Below is a detailed list of the cookies we use on our website. Our website
is scanned with our cookie scanning tool regularly to maintain a list as
accurate as possible. We classify cookies in four (4) categories:
- Strictly Necessary Cookies
- Performance Cookies
- Functional Cookies
- Targeting Cookies
Strictly Necessary Cookie
These cookies are necessary for the website to function and cannot be
switched off in our systems. They are usually only set in response to
actions made by you which amount to a request for services, such as setting
your privacy preferences, logging in or filling in forms. You can set your
browser to block or alert you about these cookies, but some parts of the
site may not work then.
- Google Tag Manager
- Microsoft.NET
- AtairaAnalytics.com
Performance Cookie
These cookies allow us to count visits and traffic sources, so we can
measure and improve the performance of our site. They help us know which
pages are the most and least popular and see how visitors move around the
site. All information these cookies collect is aggregated and therefore
anonymous. If you do not allow these cookies, we will not know when you
have visited our site.
- Application Insights
- Google Analytics
- Ataira Analytics.com
Functional Cookies
These cookies allow the provision of enhance functionality and
personalization, such as videos and live chats. They may be set by us or by
third-party providers whose services we have added to our pages. If you do
not allow these cookies, then some or all of these functionalities may not
function properly.
- Digitrust
- Google
- LiveChat
- AddThis
Targeting Cookies
These cookies are set through our site by our advertising partners. They
are used to gather information about your activities on our website and
other sites in order to build a profile of your interests and suggest
advertisements based upon your browsing activities and interests on our
website or other sites. They work by uniquely identifying your browser and
device. If you do not allow these cookies, you will not experience our
targeted advertising across different websites.
- Google
- Facebook
- Linkedin
- Outbrain
- Twitter
- Yahoo
- Youtube
Other Tracking Technologies
We also may use clear gifs in HTML-based emails sent to our users to track
which emails are opened by recipients. This information is used to enable
more accurate reporting, improve the effectiveness of our marketing, and
make our Services and Websites better for our users.
We also use Google Analytics, a web analysis service provided by Google, to
better understand your use of our website. Google Analytics collects
information such as how often users visit the website, what pages they
visit and what other sites they used prior to visiting. Google uses the
data collected to track and examine the use of the website, to prepare
reports on its activities and share them with other Google services. Google
may use the data collected on the website to contextualize and personalize
the ads of its own advertising network. Google’s ability to use and share
information collected by Google Analytics about your visits to the website
is restricted by the Google Analytics Terms of Use and the Google Privacy
Policy. Google offers an opt-out mechanism for the web available here.
Sharing Your Personal Data
We will not sell, distribute or lease your personal data to third parties
unless we have your permission or are required by law to do so. We may
share and disclose your personal data in the following limited
circumstances:
Vendors, consultants and other suppliers
We may disclose your personal data to our vendors, consultants or suppliers
whom we engage to perform services on our behalf in connection with the
purposes identified above. In such cases, our vendors, consultants or
suppliers will be obligated to use that personal data only in accordance
with our specific instructions and in accordance with the terms of this
Privacy Notice. These companies include, for example, our payment
processing providers, marketing automation provider, website analytics
companies, product feedback or help desk software providers, Chat platform
providers, CRM service providers, email service providers and others.
Legal Requests
We may disclose your personal data without your permission to the extent
that it is required to do so by law, in connection with any legal
proceedings or prospective legal proceedings, and in order to establish,
exercise or defend its legal rights.
International Transfers
We may transfer the information we collect about you to countries other
than the country where we originally collected it for the purposes of
storage and processing of data and operating our services. Those countries
may not have the same data protection laws as your country. However, when
we transfer your information to other countries, we will protect that
information as described in this Privacy Notice and take steps, where
necessary, to ensure that international transfers comply with applicable
laws.
Your Privacy Rights
You may request details of personal data which we hold about you. If you
would like a copy of the information held on you please write to
support@ataira.com.
If you believe that any personal data we are holding on you is incorrect or
incomplete, please write to or email us as soon as possible, at the above
address. We will promptly correct any personal data found to be incorrect
or remove your data from our systems completely.
Opt-Out
Marketing Communications
You can opt out of receiving marketing communications from us by following
the unsubscribe instructions included in our marketing communications.
Cookies
For information on how to opt out of each cookie category (except strictly
necessary cookies), for individuals from the European Economic Area (EEA),
please refer to the Cookie Section of this Privacy Notice.
How Long We Retain Your Personal Data
We will not retain your personal data longer than necessary to fulfil the
purposes outlined in this Privacy Notice, unless a longer retention period
is required or permitted by law (such as tax, accounting or other legal
requirements). How long we retain your personal data depends on the type of
data and the purpose for which we process your data. If we have no ongoing
legitimate business need to process your personal data, we will either
delete or anonymize it, or, if this is not possible (for example, because
your personal data has been stored in backup archives), then we will
securely store your personal data and isolate it from any further
processing until deletion is possible.
How to Contact Ataira Analytics
Please feel free to contact us if you have any questions about Ataira
Analytics’ Privacy commitments or practices. You may contact us at
support@ataira.com or at our mailing address below:
Ataira Analytics Incorporated
Attn: Compliance Manager
16625 Redmond Way
Suite M-162
Redmond, WA 98052
United States
Email:
support@ataira.com
Service Data Privacy Statement
Last updated in May 2018.
This Privacy Statement is intended to supplement and clarify the Ataira
Analytics Privacy Policy regarding Personal Data processed on behalf of our
Customers during provision of the Services. This Service Data Privacy
Statement (“Privacy Statement”) is incorporated by reference in your Master
Service Agreement (“MSA”). Your use of Services under the MSA is subject to
the Privacy Statement. Unless otherwise defined in the Privacy Statement,
capitalized terms have the meaning given in the MSA.
Definitions
“Customer” means a legal entity with whom Ataira Analytics has an agreement
to provide the Services. For clarity, a Customer may be a Controller or a
Processor of Personal Data. Where a Customer is a Processor of Personal
Data, Ataira Analytics shall process Personal Data as sub-processor on
behalf of the Controller. Instructions from the Controller regarding the
processing Personal Data shall be given through the Processor.
“Controller” means the natural or legal person, public authority, agency or
other body which, alone or jointly with others, determines the purposes and
means of the processing of personal data. “Personal Data” means any
information relating to an identified or identifiable natural person (“Data
Subject”).
“Processing/To Process/Processed” means any operation or set of operations
which is performed upon Personal Data, whether by automatic means, such as
collection, recording, organization, storage, adaptation or alteration,
retrieval, consultation, use, disclosure by transmission, dissemination or
otherwise making available, alignment or combination, blocking, erasure or
destruction.
“Processor” means a natural or legal person, public authority, agency or
other body which Processes Personal Data on behalf of the Controller.
“Service Data” means all data provided to Ataira Analytics, placed on
Ataira Analytics’ servers, or used, posted, stored or otherwise transferred
or transmitted in connection with the Services, including text, sound,
video or image file, material, product, content, IP address and similar
address, recording, message, software, Account Information, account-related
setting, and which may include, without limitation, Personal Data.
“Third Party” means a natural or legal person, public authority, agency or
body other than the data subject, controller, processor and persons who,
under the direct authority of the Controller or Processor, are authorized
to process Personal Data.
Scope of this Privacy Statement
This Privacy Statement governs our security and privacy practices in
connection with your access to and use of Ataira Analytics Services. This
Privacy Statement does not apply to our security and privacy practices in
connection with your access to and use of Ataira Analytics’ website
(www.ataira.com). These security and privacy practices are
detailed in and governed by Ataira Analytics Privacy Policy.
Customers of our Services are solely responsible for establishing policies
for and ensuring compliance with all applicable laws and regulations, as
well as any and all privacy policies, agreements or other obligations,
relating to the collection of personal data in connection with the use of
our Services by Data Subjects with whom our Customers interact. If you are
an individual who interacts with a Customer using our Services, then you
will be directed to contact our Customer for assistance with any requests
or questions relating to your personal data.
We collect information under the direction of our Customers and have no
direct relationship with individuals whose personal data we process in
connection with our Customers’ use of our Services. If you are an
individual who interacts with a Customer using our Services (such as an
employee of one of our Customers) and would either like to amend your
contact information or no longer wish to be contacted by Ataira Analytics,
please contact the Customer that you interact with directly.
Data we Process
Ataira Analytics may Process Personal Data about Data Subject for the
purposes of account creation, billing, usage tracking, and on behalf
Customer to provide the Services. Data that is not related to an identified
or identifiable natural person, including aggregated or de-identified data,
is not Personal Data and is not addressed by this document.
Types of Personal Data
Account Information
We may collect first and last name, email address, postal address, phone
number and other similar contact data about Customer’s authorized
employees, consultant or independent contractors.
Payment Data
We collect data necessary to process your payment if you make purchases,
such as your payment instrument number (such as a credit card number), and
the security code associated with your payment instrument.
Credentials
We collect passwords, password hints and similar security information used
for authentication and account access.
Meta Data
Ataira Analytics servers automatically record some information when
Services are used, including information sent by browsers or mobile apps.
Ataira Analytics may collect information about the devices Services are
being used on, including what type of device it is, operating systems,
device settings, application IDs, unique device identifiers, and crash
data.
Cookies and other Tracking Technologies
Whenever a Customer or any Account Users interact with the Portal, Ataira
Analytics automatically receives and records information from the browser,
which may include IP address, “cookie” information, the type of browser and
device being used to access the Portal, screen resolution and browser
language. “Cookies” are identifiers Ataira Analytics transfers to the
browser or device of the Account User that allow Ataira Analytics to
recognize the Account User and their browser or device along with how our
Portal is being utilized. When Ataira Analytics collects this information,
Ataira Analytics only uses this data in aggregate form, and not in a manner
that would identify the Account User personally. For example, this
aggregate data can tell Ataira Analytics how often users use a particular
feature of the Portal, and Ataira Analytics can use that knowledge to
improve the Services. We also use an application session recording solution
to record the Account Users’ use of the Portal and we may link such
recordings to the Account User and the Customer Account to optimize our
support services and better resolve technical problems. Such recordings are
only used to provide technical support services under the Agreement.
Call Recording
Ataira Analytics monitors and records calls to or from Ataira Analytics
regarding the Services, including Technical Support and account managers,
for training, support, and quality control purposes.
Content
We process content of Customer’s files and communications when necessary to
provide the Services. For example, if you receive an email using Hosted
Exchange, we need to collect the content of that email to deliver it to
your inbox, display it to you, enable you to reply to it and store it for
you until you choose to delete it. Other data we collect to provide
Services to Customer include the following:
- subject line and body of an email,
- text or other content of an instant message,
- audio and video recording of a video or audio message,
- audio recording and transcript of a voice message you receive or a text
message you dictate, and
- text or other content of a file or data Customer places on Ataira
Analytics’ servers, or uses, posts, stores or otherwise transfers or
transmits in connection with the Services.
Voluntary Customer Surveys
We may periodically conduct both business and individual customer surveys.
We encourage our Customers to participate in these surveys because they
provide us with important information that helps us to improve the types of
services we offer and how we provide them to you. Personal Data and
responses submitted through these surveys will remain strictly
confidential, even if the survey is conducted by a third party.
Participation in our customer surveys is voluntary. We take the information
we receive from individuals responding to our customer surveys and combine
(or aggregate) it with the responses of other customers to create broader,
generic responses to the survey questions (such as gender, age, residence,
hobbies, education, employment, industry sector, or other demographic
information). We then use the aggregated information to improve the quality
of our Services to you, and to develop new services and products. This data
can be share on an aggregate and anonymous basis with third parties.
Purposes for Processing
Ataira Analytics processes the Personal Data outlined above for the
following purposes:
- To operate our business;
- To provide and enhance our Services;
- To respond to Customer requests for support or assistance; and
- To send communications, including promotional communications.
This policy is not intended to place any limits on what we do with data
that is aggregated and/or de-identified. It is no longer associated with an
identifiable user or Customer of the Services and is therefore not Personal
Data.
How we Protect Data
Regarding the Services and Service Data, Ataira Analytics acts as a
Processor on behalf of Customers. Customers have primary responsibility for
interacting with Data Subjects, and the role of Ataira Analytics is
generally limited to assisting Customers as needed. Ataira Analytics
processes Service Data only upon a Customer’s instruction and shall have a
duty to respect the security and confidentiality of Personal Data, pursuant
to the measures outlined in agreements with Customers and as required by
applicable law.
Information Security
Ataira Analytics takes security seriously. We take various steps to protect
Customer’s Service Data from loss, misuse, and unauthorized access or
disclosure. These steps take into account the sensitivity of the Service
Data, and the current state of technology. Ataira Analytics has a dedicated
information security team consisting of an infrastructure team leader,
infrastructure system administrators, and a senior security specialist, who
are responsible for the management of information security throughout the
organization. The specialist maintains security credentials and is required
to annually sign and acknowledge the review of the information security
policies. The specialist is responsible for developing, maintaining, and
enforcing Ataira Analytics’ information security policies. The information
security policies are also reviewed annually by senior management.
In addition to maintaining security, the information security team also
monitors known incidents and patches as well as results from vulnerability
assessments; it makes changes to policies and procedures as needed
following an approval process. Such changes can include the reassessment of
risk, changes to incident response plans, and the verification of
responsibilities for authorizing and monitoring accesses. Changes are
reviewed and communicated during weekly change maintenance meetings or
through system alerts. Ataira Analytics implements and maintains a variety
of technical and organizational security measures to protect Customer’s
Service Data from loss, misuse, and unauthorized access or disclosure,
including the following:
- Logical access controls to manage electronic access to data and system
functionality based on authority levels and job functions (e.g., granting
access on a need-to-know and least privilege basis, use of unique IDs and
passwords for all users, periodic review and revoking/changing access
promptly when employment terminates or changes in job functions occur).
- Password controls to manage and control password strength, expiration and
usage including prohibiting users from sharing passwords and requiring that
Ataira Analytics’ passwords assigned to its employees: (i) be at least
fourteen (14) characters in length, (ii) not be stored in readable format
on Ataira Analytics’ computer systems; (iii) must be changed every sixty
(60) days; must have defined complexity; (v) may not be reused (password
history); and (vi) newly issued passwords must be changed after first use.
- Housing systems in data center or server room facilities that are secured
via physical and environmental controls that are designed to protect
information assets from unauthorized access, to manage, monitor and log
movement of persons into and out of Ataira Analytics facilities, and to
guard against environmental hazards such as fire and water damage.
- Operational procedures and controls to ensure technology and information
systems are configured, monitored, and maintained according to prescribed
internal and adopted industry standards. • System logging procedures to
proactively record user and system activity for routine review.
- Network security controls that provide for the use of enterprise
firewalls and layered DMZ architectures, and Intrusion Detection Systems
and other traffic and event correlation procedures to protect systems from
intrusion and limit the scope of any successful attack. • Vulnerability
management and scheduled scanning procedures and technologies to identify,
assess, mitigate and protect against security threats, viruses and other
malicious code.
- Change management procedures to ensure all changes to Ataira Analytics’
technology and information assets are properly tested, approved and
monitored. • Incident / problem management procedures to allow for the
proper investigation, response, mitigation and notification of events
related to Ataira Analytics’ technology and information assets.
- Organizational management to ensure the proper development and
maintenance of information security and technology policies, procedures and
standards.
- Audit and assessment procedures for the purposes of monitoring and
maintaining compliance with the organization’s policies and procedures and
for reporting the condition of information security to senior management.
Personal Data Breach Notification
In the event that Ataira Analytics becomes aware of any of Security
Incidents involving Personal Data, Ataira Analytics will promptly notify
affected Customers to the extent such notification is permitted by
applicable law. “Security Incidents” are defined as (1) the actual
unauthorized access to or use of unencrypted Personal Data by an
unaffiliated third party, or (2) loss, theft, or unauthorized disclosure or
manipulation of unencrypted Personal Data that has the potential to cause
harm to Customer’s systems, employees, information or the Customer’s brand
name (i.e., potential breach).
Notification shall take the form of an email to the designated Customer
Account Contact(s) and shall include at a minimum, (a) problem statement or
description, (2) expected resolution time (if known), and (c) the name and
phone number of the Ataira Analytics representative that Customer may
contact to obtain updates.
Ataira Analytics agrees to keep Customer informed of progress and actions
taken to resolve the Security Incident. Unless such disclosure or
notification is mandated by law, Customer, in its sole discretion, will
determine whether to provide explicit notification to Customer’s customers
or employees concerning Security Incidents involving Personal Data. Ataira
Analytics reserves the right, in its sole discretion, to notify pertinent
government authorities of such incidents, such as those involving criminal
acts.
Transparency and Cooperation with Customers
Ataira Analytics undertakes to be transparent regarding its Personal Data
processing activities and to provide Customers with reasonable cooperation
to help facilitate their respective data protection obligations regarding
Personal Data.
Upon a Customer’s request, and subject to appropriate confidentiality
obligations, Ataira Analytics shall make available to the Customer (or such
Customer’s independent, third-party auditor) information regarding Ataira
Analytics processing activities affecting Customer.
Sharing and Disclosure
This section discusses how Ataira Analytics may share Personal Data with
third-parties in the context of the Services. Ataira Analytics reserves the
right to disclose or use aggregate or de-identified information for any
purpose. For example, we may share aggregated or de-identified information
with our partners or others for business or research purposes.
Sub-processing by Third Parties
Ataira Analytics may retain third party sub-processors, and depending on
the location of the third-party sub-processor, processing of Personal Data
by such sub-processors may involve transfers of Personal Data. Such
third-party sub-processors shall process Personal Data only in accordance
with the Customer’s instructions set forth in the Customer’s contract with
Ataira Analytics.
Such third-party sub-processors have entered into written agreements with
Ataira Analytics in accordance with the applicable requirements. Ataira
Analytics maintains an up-to-date list of the names and locations of all
third-party sub-processors engaged in processing Personal Data, including a
description of their processing activities, which is available upon request
by contacting support@ataira.com.
Compliance with Laws
Ataira Analytics may share or disclose data to comply with legal or
regulatory requirements and to respond to lawful requests, court orders and
legal processes.
Enforcing Our Rights, Preventing Fraud, and Safety
Ataira Analytics may share or disclose data to protect and defend the
rights, property, or safety of us or third parties, including enforcing
contracts or policies, or in connection with investigation and preventing
fraud.
Changes to our Business Structure
Ataira Analytics may share or disclosed data if we engage in a merger,
acquisition, bankruptcy, dissolution, reorganization, sale of some or all
of Ataira Analytics’ assets, financing, acquisition of all or a portion of
our business, a similar transaction or proceeding, or steps in
contemplation of such activities (e.g. due diligence).
Location of Data
The Service Data is hosted on Ataira Analytics’ servers located in data
centers in the United States and Canada. Default location is based on
Customer location and can be modified by Customer once the Services are
provisioned, subject to applicable fees.
Personal Data Retention
We will retain Personal Data for as long as Customer maintains an Account
for our Services, or as needed to provide Customer with our Services,
comply with our legal obligations, resolve disputes and enforce our
agreements. If we have no ongoing legitimate business need to process or
retain Personal Data, we will either delete or anonymize it, or, if this is
not possible (for example, because your personal data has been stored in
backup archives), then we will securely store and isolate it from any
further processing until deletion is possible.
Data Subject Rights
Ataira Analytics acts as a data Processor on behalf of Customers. Customers
have primary responsibility for interacting with Data Subjects, and the
role of Ataira Analytics is generally limited to assisting Customers as
needed.
Access, Correction, Amendment or Deletion Requests
Ataira Analytics shall promptly notify a Customer if Ataira Analytics
receives a request from a Data Subject for access to, correction, amendment
or deletion of that person’s Personal Data. Ataira Analytics shall not
respond to any such Data Subject request without the Customer’s prior
written consent except to confirm that the request relates to that
Customer.
Ataira Analytics shall provide Customers with cooperation and assistance in
a reasonable period of time and to the extent reasonably possible in
relation to any request regarding Personal Data to the extent Customers do
not have access to such Personal Data through their respective uses of the
Services.
If you are a Customer or otherwise provide us with personal data in
connection with your use of our Services, we will delete this information
upon your request, provided that, notwithstanding such request, this
information may be retained for as long as you maintain an Account for our
Services, or as needed to provide you with our Services, comply with our
legal obligations, resolve disputes and enforce our agreements.
Regulatory Enquiries and Complaints
Ataira Analytics shall, to the extent legally permitted, promptly notify a
Customer if it receives an enquiry or complaint from a data protection
authority in which that Customer is specifically named. Upon a Customer’s
request, Ataira Analytics shall provide the Customer with cooperation and
assistance in relation to any regulatory inquiry or complaint involving
Ataira Analytics’ processing of Personal Data.
Legal Requests
In certain situations, Ataira Analytics may be required to disclose Service
Data in response to lawful requests by public authorities, to respond to
subpoenas, court orders, or legal process, or to establish or exercise our
legal rights or defend against legal claims. Ataira Analytics may also
share such information with relevant law enforcement agencies or public
authorities if we believe same to be necessary in order to investigate,
prevent, or take action regarding illegal activities, suspected fraud,
situations involving potential threats to the physical safety of any
person, violations of our Master Subscription Agreement, or as otherwise
required by law.
Changes to this Statement
We may change this statement from time to time, and if we do we will post
any changes on this page. If you continue to use the Services after those
changes are in effect, you agree to the revised policy.
How to Contact Ataira Analytics
Please feel free to contact us if you have any questions about Ataira
Analytics’ Privacy commitments or practices. You may contact us at
support@ataira.com or at our mailing address below:
Ataira Analytics Incorporated
Attn: Compliance Manager
16625 Redmond Way
Suite M-162
Redmond, WA 98052
United States
Email:
support@ataira.com