(Last revised and updated: August 21, 2020)
If an organization with which you are associated (an “Organization”) signs up to use our products or services, we may receive personal information about you in connection with our provision of such products or services to your Organization. To the extent we process that personal information solely in order to provide such products or services to your Organization, under the General Data Protection Regulation (EU) 2016/679 (“GDPR”), to the extent applicable, we will act as a processor (as defined in the GDPR) on behalf of your Organization in respect of that personal information; except to the extent expressly provided in the clause of this Policy titled ” Privacy Shield”, this Policy will not apply to the processing of that personal information and your Organization will act as a controller (as defined in the GDPR) in respect of that personal information and is responsible for obtaining all necessary consents and providing you with all requisite information as required by applicable law. To the extent we process your personal information for any other lawful business purpose of ours, under the GDPR, to the extent applicable, we will act as a controller of such personal information and this Policy will apply to the processing of such personal information.
Information Collection and Use
This website (the “website”) is hosted in the United States by VoltDB, Inc. (the “Company”), a company headquartered in Bedford, Massachusetts, USA. We have created this Policy to demonstrate our commitment to your privacy and the protection of your information. The Policy also does not apply to third-party online resources to which this website may link, frame or otherwise reference. To the extent permitted by applicable law, the Company is the sole owner of the information collected on this website.
The term “personal information,” as used throughout this Policy, applies to any information or set of information that identifies or that could be used to identify an individual. We may track the technical information (see “cookies” below) provided to us by your browsing the website to improve the navigation, content and design of our website and for the other purposes described in this Policy. You may voluntarily provide additional information to enable us to provide the information or services you are requesting.
We store the information you provide in a database in order to provide you with the information, products, or services you request. We will retain your personal information for as long as reasonably necessary to fulfill the purposes for which we collected it. The information you provide will be shared with the Company’s employees and/or contractors to the extent reasonably necessary to fulfill the purposes for which we collected it, which may include accommodating your request for products or services. VoltDB may be required to disclose personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. We will only use your personal information to the extent that the law allows us to do so. Pursuant to the GDPR, legal bases for our processing your personal information may include (without limitation):
(a) where you have given consent to the processing, which consent may be withdrawn at any time without affecting the lawfulness of processing based on consent prior to withdrawal;
(b) where it is necessary to perform a contract we have entered into or are about to enter into with you (whether in relation to the provision of the website, our products, services, or otherwise); and/or
(c) where it is necessary for the purposes of our legitimate interests (or those of a third party) in providing the website, providing or marketing our products or services, or otherwise and your interests or fundamental rights and freedoms do not override those legitimate interests.
We generally use personal information as described in this Policy or as authorized by you or as otherwise disclosed at the time we request such information from you. You generally must “opt in” and give us permission to use your personal information for any other purpose.
Notification of Changes
We reserve the right to make changes to this Policy at any time. If we change the Policy, we will post those changes on our website. Please check this Policy each time you visit our website for any updates.
Voluntary Submission of Personal Information
Except with respect to information passively collected by cookies or provided by third parties (as described below), access to most material on the website is available without submitting personal information. There are a few web pages on the website that request information from users, for example, subscription to newsletters and participation in surveys or contests. Participation is completely voluntary and the user therefore has a choice whether or not to disclose this information. Information requested may include contact information (such as name, telephone number, email address, company name, role, area of interest, industry, global region, and shipping address), demographic information (such as zip code and professional credentials), type of project, and any other information you may choose to share with us. If you give us personal information about somebody else, such as a work colleague, you represent and warrant to us that you have their permission to do so. In addition to other uses described in this Policy, as otherwise permitted by you, or as otherwise permitted by applicable law: (i) in the case of raffles at tradeshows, contact information may be used to notify the winners and award prizes; and (ii) survey information may be used to monitor or improve the use and satisfaction of this website. We may also receive information (including personal information such as name, title, email address, work location, and links to social media profiles and other references on the Internet) about you from third parties providing us with analytics, lead generation, or other services. And, we may directly collect personal information about you that is publicly available from sources such as LinkedIn and other publicly available websites.
Accessing and Correcting Your Information
You may change your preferences and “opt out” of receiving certain marketing communications from us by following the directions provided in association with the communication or such other directions we may provide or by contacting firstname.lastname@example.org. Additionally, under certain circumstances and in compliance with the GDPR, you may have the right to:
Request access to your personal information (commonly known as ‘subject access request’). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it;
Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected;
Request erasure of your personal information. This enables you to ask us to delete or remove your personal information where there is no good reason for us to continue processing it. You also have the right to ask us to delete or remove all of your personal information in certain circumstances;
Object to processing of your personal information where we are relying on a legitimate interest (or that of a third party) and there is something about your particular situation which makes you want to object to processing on this ground;
Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of your personal information, for example, if you want us to establish its accuracy or the reason for processing it;
Request the transfer of your personal information to another party; and
Lodge a complaint with the relevant supervisory authority (as defined in the GDPR). If you have any complaints about the way we process your personal information, please do contact us. Alternatively, you may lodge a complaint with the supervisory authority which is established in your country.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, or request that we transfer a copy of your personal information to another party, please contact email@example.com.
Such updates, corrections, changes and deletions will have no effect on other information that we maintain, or information that we have provided to third parties in accordance with this Policy prior to such update, correction, change or deletion. To protect your privacy and security, we may take reasonable steps (such as requesting a unique password) to verify your identity before granting you profile access or making corrections. You are responsible for maintaining the secrecy of your unique password and account information at all times.
You should be aware that it may not be technologically possible to remove each and every record of the information you have provided to us from our system. The need to back up our systems to protect information from inadvertent loss means that a copy of your personal information may exist in a non-erasable form that will be difficult or impossible for us to locate. After receiving your request, we will use commercially reasonable efforts to update, correct, change, or delete, as appropriate, all personal information stored in databases we actively use and other readily searchable media as appropriate, as soon as and to the extent reasonably practicable.
Data Integrity and Security
The Company uses commercially reasonable security measures designed to protect against the loss, misuse or alteration of data located on our systems. We implement commercially reasonable measures and processes, such as using encryption when transmitting certain sensitive information, to help us to keep your information secure and to maintain its quality. We regularly review our security and related policies to adapt the technology as new threats evolve and monitor our systems to help ensure the highest level of availability. If you have any questions about the security at our website, you can send an email to firstname.lastname@example.org.
The Company takes commercially reasonable steps designed to protect personal information as it is transmitted from your computer to our online resources and servers, as well as to protect personal information in its possession from unauthorized access, disclosure, alteration or destruction.
No data transmission over the Internet can be guaranteed to be entirely secure. As a result, while we use commercially reasonable efforts designed to protect the personal information you provide to us, we cannot guarantee the security of your information, and we cannot guarantee against any loss, misuse, unauthorized disclosure, alteration or destruction of data, and the submission of data is thus at your own risk. It is your personal responsibility to secure and protect your own copies of your passwords and related access codes for any online resources and not permit any unauthorized use of any account you may have with us. Please be aware that in certain circumstances, it is possible that personal information may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders.
Information Sharing and Usage
In addition to the other uses described in this Policy, we use the information we collect to provide and market our website, products, and services, to process your transactions, to help us understand who uses our website, products, and services, to measure the effectiveness of our campaigns and initiatives, and for internal operations such as operating and improving our website, products, and services. If you identify yourself to us by sending us an e-mail with questions or comments, we may use your information (including personal information) to respond to your questions or comments, and we may file your questions or comments (with your information) for future reference.
We generally disclose information we gather from you to the following types of third parties and as otherwise set forth in this Policy or as specifically authorized by you.
The Company may share your information with contracted service providers, including if sharing your information is necessary to provide a product or service you have requested, as part of a joint sales promotion or to pass sales leads to one of our distribution partners, or to keep you up-to-date on product announcements, software updates, special offers or other information. We use reasonable efforts to ensure that these service providers are capable of protecting the security of your personal information.
We reserve the right to transfer information to a third party in connection with a sale, merger or other transfer of all or substantially all of the assets of VoltDB or any of its affiliates, or in connection with a strategic investment by a third party in VoltDB, or in the event that we discontinue our business or file a petition or have filed against us a petition in bankruptcy, reorganization or similar proceeding, provided that the third party agrees to adhere to the terms of this Policy.
We may disclose information (including personal information) about you to our Corporate Affiliates (if any). For purposes of this Policy: “Corporate Affiliate” means any person or entity which directly or indirectly controls, is controlled by or is under common control with VoltDB, whether by ownership or otherwise; and “control” means possessing, directly or indirectly, the power to direct or cause the direction of the management, policies or operations of an entity, whether through ownership of fifty percent (50%) or more of the voting securities, by contract or otherwise. Any information relating to you that we provide to our Corporate Affiliates will be treated by those Corporate Affiliates in accordance with the terms of this Policy.
We may also use or disclose your personal information to the extent reasonably necessary: to correct technical problems and malfunctions and to technically process your information; to protect the security and integrity of our website; to protect our rights and property and the rights and property of others; to take precautions against liability; to the extent required by law or to respond to judicial process, including to meet national security or law enforcement requirements; or to the extent permitted under other provisions of law, to provide information to law enforcement agencies or for an investigation on a matter related to public safety, as applicable.
Transfer of Your Information
Personal information collected under this Policy may be transferred from time to time to our offices or personnel, or to third parties, located throughout the world, and the website may be viewed and hosted anywhere in the world, including countries that may not have laws of general applicability regulating the use and transfer of such information. You hereby expressly grant consent to VoltDB to: (a) process and disclose such information in accordance with this Policy; (b) transfer such information throughout the world, including to the United States or other countries that do not ensure adequate protection for personal information (as determined by the European Commission, each, an “Inadequate Jurisdiction”) and/or countries that may not have laws of general applicability regulating the use and transfer of such information; and (c) disclose such information to comply with lawful requests by public authorities, including to meet national security or law enforcement requirements. To the extent required by applicable law: whenever we transfer your personal data (as defined in the GDPR) to an Inadequate Jurisdiction, we ensure a similar degree of protection is afforded to it; where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in the European Economic Area under the GDPR or, with respect to transfers of personal data to the United States, we may rely on the Privacy Shield certification of the recipient; and if we rely on another basis to transfer your personal data to an Inadequate Jurisdiction, we will keep you updated or contact you if required. Please contact us if you want further information on the specific mechanisms used by us when transferring your personal data to an Inadequate Jurisdiction. If you are a user accessing the website from a jurisdiction with laws or regulations governing personal information collection, use, and disclosure that differ from those of the United States, please be advised that all aspects of the website are governed by the internal laws of the United States and the Commonwealth of Massachusetts, USA, regardless of your location.
For specific information regarding how we handle personal information transferred from the European Economic Area, Switzerland, or the United Kingdom to the United States, please see the clause below titled “Privacy Shield”.
An IP address is a number assigned to you by your Internet service provider so you can access the Internet. We receive IP addresses in the normal course of the operation of our website. We use IP addresses to analyze trends, administer the website, track users’ movements, gather geographic information, and gather broad demographic information for aggregate use. We may connect information gathered in connection with an IP address to information that a user may provide, such as information provided in a form that a user completes. We or third parties acting on our behalf may also use your IP address to ascertain your company name and to send you personalized advertisements on the basis of that information. For further information on personalized advertisements, please see the clause below titled “Cookies”.
Here are links to the main third-party platforms we use:
For further clarification, this website has implemented Google Analytics features, specifically Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager integration, and Google Analytics Demographics and Interest Reporting to optimize your experience. Information collected by Google Analytics includes but is not limited to web metrics. For information on how Google Analytics collects and processes data, please see the site “How Google uses data when you use our partners’ sites or apps”, currently located at www.google.com/policies/privacy/partners/. For information on opting out of Google Analytics, we encourage you to visit Google’s website, including its list of currently available opt-out options presently located at https://tools.google.com/dlpage/gaoptout.
How to Manage Cookies
In addition to the options provided above, you may refuse or accept cookies from the website at any time by activating settings on your browser. Information about the procedure to follow in order to enable or disable cookies can be found on your Internet browser provider’s website via your help screen. You may wish to refer to http://www.allaboutcookies.org/manage-cookies/index.html for information on commonly used browsers. Please be aware that if cookies are disabled, not all features of the website may operate as intended.
Newsletters and Email Privacy
To the extent permitted by applicable law, unless you opt out, we and third parties acting on our behalf may send you electronic newsletters, contact you about products, services, information, and news that may be of interest to you, and provide you with targeted feedback. If you received a mailing from us, your email address is either listed with us as someone who has expressly shared your email address for the purpose of receiving information in the future; you have registered, purchased or otherwise have an existing relationship with us; or we have rented an email list from a list owner to whom you have given permission to send third-party promotional email. We respect your time and attention by controlling the frequency of our mailings.
Each email sent contains an easy way for you to cease receiving email from us. If you wish to do this, simply follow the instructions at the end of any email. If you have received unwanted, unsolicited email sent via this system or purporting to be sent via this system, please forward a copy of that email with your comments to email@example.com.
Do Not Track
The term “Do Not Track” refers to a HTTP header offered by certain web browsers to request that websites refrain from tracking the user. We take no action in response to automated Do Not Track requests . However, if you wish to stop such tracking, please contact us with your request, using our contact details provided below.
Links to Other Websites
This website contains links to other sites that are not operated by the Company. Please be aware that the Company is not responsible for, and in no way endorses, the privacy practices or content of such other sites. The owners of such other sites are responsible for them. We encourage our users to be aware when they leave our website and to read the privacy statements of each and every website that collects personal information. This Policy applies solely to information collected by this website and our products or services.
Protecting the privacy of children is especially important. This website is not designed for or directed to children under the age of 13. We do not collect personal information from any person we actually know is under the age of 13. Further, our website, products and services are not designed or structured to attract or target anyone under the age of 18. By providing information to VoltDB, you represent that you are 18 years of age or older.
VoltDB complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Economic Area, Switzerland, or the United Kingdom to the United States (“Transfer Data”). VoltDB has certified that it adheres to the Privacy Shield principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. The Privacy Shield List is available at https://www.privacyshield.gov/list.
Notwithstanding any other provision of this Policy, and for the avoidance of doubt, with respect to Transfer Data processed by VoltDB solely on behalf of a third-party controller (“Processed Transfer Data”), the provisions of this Policy specific to Transfer Data continue to apply in accordance with the EU-U.S. Privacy Shield Framework, but may be limited to working with the respective controller, given our role as a processor. As used in this Policy, “processor” and “controller” have the meanings ascribed to such terms in the GDPR.
Further, with respect to Transfer Data, if there is any conflict between this clause titled ” Privacy Shield” and the provisions in the other clauses of this Policy, this Privacy Shield clause shall govern.
The Federal Trade Commission has jurisdiction over VoltDB’s compliance with the Privacy Shield.
In compliance with the EU-US Privacy Shield Principles and the Swiss-US Privacy Shield Principles, VoltDB commits to resolve complaints about your privacy and our collection or use of your Transfer Data. Individuals in the European Economic Area, the United Kingdom, or Switzerland with inquiries or complaints regarding this Policy should first contact VoltDB at:
Attn: Privacy Officer
209 Burlington Road
Bedford, MA 01730
VoltDB has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, a non-profit dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit https://bbbprograms.org/privacy-shield-complaints/ for more information and to file a complaint. This service is provided free of charge to you.
As further described in the Privacy Shield Principles, a binding arbitration option will be made available to you in order to address residual complaints regarding Transfer Data that have not been resolved by other means. See Section C of Annex I to the Privacy Shield Principles at https://www.privacyshield.gov/article?id=C-Pre-Arbitration-Requirements.
In particular, as further specified in this Policy, we will maintain compliance with the Privacy Shield principles by adhering to the following practices:
Notice, Types of Transfer Data, and Purposes for which Transfer Data is Collected and Used
When we collect your Transfer Data, we’ll give you timely and appropriate notice describing what Transfer Data we’re collecting, how we’ll use it, and the types of third parties with whom we may share it. The types of Transfer Data that may be collected by VoltDB are the types of personal information described under the clauses above titled “Information Collection and Use”, “Voluntary Submission of Personal Information”, “Log Files”, “Cookies”, and “How to Manage Cookies”. Additionally, Processed Transfer Data includes information contained on the servers of enterprise customers, to which VoltDB may have access for support purposes. The purposes for which Transfer Data is collected and used by VoltDB are those purposes described under the clauses titled “Information Collection and Use”, “Information Sharing and Usage”, “Log Files”, “Cookies”, and “How to Manage Cookies” above with respect to personal information. VoltDB collects and uses Processed Transfer Data only on the instructions of the applicable third-party controller.
If you no longer wish to have your Transfer Data disclosed to third parties, you may choose to opt out by notifying us that you want your Transfer Data removed. To do so, send an email to firstname.lastname@example.org. Please be aware that your Transfer Data may have been disclosed to third parties prior to removal. Also, VoltDB will provide you with notice before using your Transfer Data for a purpose other than that for which it was originally collected or subsequently authorized by you, and you may choose to opt out of such use by following the directions provided in the notice. However, even after any opt-out or removal of your Transfer Data, we reserve the right to disclose your Transfer Data to a third party when we believe in good faith that we are required to do so in order to comply with an applicable statute, regulation, rule or law, a subpoena, a search warrant, a court or regulatory order, lawful requests by public authorities, including to meet national security or law enforcement requirements, or other valid legal process. Without limitation of any other provision contained herein, following your “opt-out”, your Transfer Data that already has been gathered may continue to be used and to be disclosed to third parties, provided that such Transfer Data will be anonymized in order to ensure that you cannot be identified anymore. With respect to Processed Transfer Data, VoltDB will work with the applicable third-party controller to facilitate such choice.
Accountability for Onward Transfer and Types of Third Parties to which Transfer Data is Disclosed
Before we disclose any of your Transfer Data to a third party we will require that such third party provide the same level of privacy protection as is required by the Privacy Shield Principles. VoltDB accountability for Transfer Data that it receives under the Privacy Shield and transfers to a third party is outlined in the Privacy Shield Principles. In particular, VoltDB remains liable under the Privacy Shield Principles if third-party agents that it retains to process Transfer Data on VoltDB’s behalf process such Transfer Data in a manner inconsistent with the Privacy Shield Principles, unless VoltDB can prove that it is not responsible for the event giving rise to the damage. Transfer data is disclosed with the same types of third parties and for the same purposes as are described under the clause titled “Information Sharing and Usage” above with respect to personal information.
We’ll take appropriate physical, technical, and organizational measures to protect your Transfer Data from loss, misuse, unauthorized access or disclosure, alteration, and destruction.
Data Integrity and Purpose Limitation
Except as may be authorized by you, we use your Transfer Data in a way that is compatible with and relevant for the purpose for which it was collected. To the extent necessary for these purposes, we take reasonable steps to ensure that Transfer Data is accurate, complete, current, and reliable for its intended use.
You have the right to access your Transfer Data held by us and you may correct, amend, or delete such Transfer Data, to the extent that it is inaccurate or, has been processed in violation of the Privacy Shield Principles, except where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question or where the rights of persons other than the individual would be violated or as otherwise described in the GDPR or, as otherwise described in the Privacy Shield Principles. You may exercise this right of access to your Transfer Data by contacting us at the email address, telephone number or postal address provided in the “How to Contact Us” clause of this Policy. With respect to Processed Transfer Data, VoltDB will work with the applicable third-party controller to facilitate any right of access as described herein.
Recourse, Enforcement and Liability
VoltDB uses the self-assessment method to verify the attestations and assertions made herein and to ensure that its privacy practices have been implemented as presented herein. We’ll regularly review our continued adherence to these privacy obligations, and we’ll provide and maintain the independent mechanism specified in this Policy as a way to resolve complaints about our privacy practices. Further, VoltDB acknowledges its potential liability for misuse of your Transfer Data by VoltDB or its business partners, as further set forth in this Policy. Adherence by VoltDB to the Privacy Shield Principles and the above-set forth provisions regarding Transfer Data may be limited (a) to the extent necessary to meet national security, public interest or law enforcement requirements; (b) by statute, government regulation, or case law that creates conflicting obligations or explicit authorizations; or (c) if the effect of the GDPR or Member State law is to allow exceptions or derogations, provided that such exceptions or derogations are applied in comparable contexts.
Changes to the Policy
This Policy may be amended from time to time, including in order to ensure consistency and compliance with changes in statutory requirements or as otherwise required by the Company, so please review it frequently. Changes to the policy will be posted on our website and we recommend that you review the Policy to ensure you are aware of any changes made to it.
How to Contact Us
For further information, questions, concerns or complaints about our privacy practices, please contact the VoltDB Privacy Officer using the contact information below. We will attempt to resolve any dispute or complaint relating to the misuse or improper disclosure of personal information by investigating it in accordance with the principles contained in this Policy. Appropriate corrective and preventive action will be implemented and follow-up on such action will be conducted to verify that the expressed concern or complaint has been resolved.
Attn: Privacy Officer
209 Burlington Road
Bedford, MA 01730
Please note the name of the website or other online resource to which you provided the information, as well as the nature of the information that you provided. We will use reasonable efforts to respond promptly to requests, questions or concerns you may have regarding our use of your personal information. Except where required by law, we cannot ensure a response to questions or comments regarding topics unrelated to this Policy or our privacy practices.