Privacy and Cookies Policy

This Privacy and Cookies Policy relates to our privacy practices in connection with cloudranger.com (the “Site”).

Effective from: May 18th, 2018

1. PRELIMINARY MATTERS

1.1. About Us. Silver Lining Cloud Consulting Limited trading as CloudRanger is a private company limited by shares incorporated in Ireland with company number 549214 and having a registered office at CoLab, Port Road, Letterkenny, Co. Donegal (“we”/ “us”/ “our”/ “CloudRanger”).
1.2. This Policy. This privacy policy (the “Policy”) (together with our terms of service (https://www.cloudranger.com/terms (the “Terms of Service”)) sets out important information about your rights in relation to the processing of your personal data, and the basis on which any personal data we collect from you, or that you provide to us, will be processed in connection with your use of this website (www.cloudranger.com) (“our Site” or “the Site”) and/or the CloudRanger platform, app or service (the “Services”).
1.3. Controller. Under this Policy, and unless the circumstances otherwise require, we will be what is known under the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) as the “controller” of the personal data you provide to us.
1.4. Contact Us. If you have any queries relating to this Policy or our privacy practices, please contact us at info@cloudranger.com.

2. YOUR PERSONAL DATA AND YOUR RIGHTS

2.1. Access to your Information. We will provide you with a copy of your personal information (as relevant) for free if we receive a request from you for your information. This is regulated by and subject to the GDPR. Any such request should be made in writing and may be sent to by email info@cloudranger.com.
2.2. Right of Restriction. You have the right to restrict us from processing personal data where one of the following applies:
2.2.1. you have contested the accuracy of the personal data we hold on record in relation to you or for a period of time to enable us to verify the accuracy of the personal data;
2.2.2. the processing of your personal data is unlawful and you request the restriction of use of the personal data instead of its erasure;
2.2.3. we no longer require your personal data for the purpose of processing but you require this data for the establishment, exercise or defence of legal claims; or
2.2.4. where you have contested the processing pursuant to Article 21(1) of the GDPR pending the verification of whether our legitimate grounds override those of yours.
2.3. Corrections or Erasure (Right to Rectification and Right to Be Forgotten): If we hold personal data concerning you which are no longer necessary for the purposes for which they were collected or if you withdraw consent for us to process personal data, you can request the deletion of personal data. This right will not apply where we are required to process personal data in order to comply with a legal obligation or where the processing of such information is carried out for reasons of public interest in the area of public health. You can also request to have your personal information corrected if it is inaccurate. Any request should be made in writing to the e-mail address set out below.
2.4. Right to Object. Where we process personal data on the basis of a legitimate interest claimed by us, you may object to our processing. Should this occur, we will no longer process the personal data unless doing so is justified by a compelling legitimate ground. You may object to the processing personal data for direct marketing purposes and in the event that you do, we will no longer process your information for this purpose. Please see Section 9 (Marketing Communications) for further information. If you wish for us to stop processing your data for direct marketing purposes please email info@cloudranger.com.
2.5. Data Portability. Where we process personal data by automated means (i.e. not on paper) you have the right to receive your personal data (as applicable) in a structured, commonly used machine-readable format and have us transfer that personal data to another controller.
2.6. Profiling. You have the right not to be exposed to a decision based only on automated processing, including profiling, which produces legal effects.
2.7. More important information. Additional information about the type of information we collect from you, the reasons we collect it and what we do with it is set out in more detail below.

3. THE INFORMATION WE COLLECT

3.1. We will collect and process the following data about you:
3.1.1. Information you give us.
This is information about you that you give us by filling in forms on our Site or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you use our Site, register for, subscribe to or use the Services, search for a product, place an order on our Site, participate in discussion boards or other social media functions on our site and/or when you report a problem with our Site. The information you give us may include your name, address, e-mail address and phone number, job title, financial and credit card information, billing contact email address, VAT number, personal description and sign up survey answers.
When using the Site and/or the Services, you may input or otherwise provide us with the personal data of your customers, clients, suppliers or other existing or prospective sales or business contacts or partners, including for example, their names, email address, company name, job title, phone number and other contact details, appointments and other meeting arrangements (“Your End Customer Data”). You are responsible for the completeness and accuracy of Your End User Customer Data. You understand that Your End User Customer Data will be subject to and processed in accordance with this Policy.
3.1.2. Information we collect about you. With regard to each of your visits to our Site we will automatically collect the following information:
a) technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, how often you use the application and other performance data which may be subject to analytics software; and
b) information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call us.
3.1.3. Information we receive from other sources.
In this case we will have informed you when we collected that data if we intend to share those data internally and combine it with data collected on this Site or on the Services. We will also have told you for what purpose we will share and combine your data.
3.1.4. No special categories of personal data.
We do not require or collect any personal data that is your sensitive personal data or any special category of personal data under the GDPR, unless you decide to provide such information to us. We may use this information to make user profiles and to personalise the Site to your particular interests.

4. COOKIES

4.1. What are cookies and why we use them. The Site may use cookies from time to time. “Cookies” are small text files which are stored by your browser on your computer and are normally used to gather statistical information and to analyse trends of use or access to a website. Cookies cannot be used to run programs or deliver viruses to your computer.
4.1.1. Cookies may be used to save your personal preferences so you do not have to re-enter them each time you access the Site.
4.1.2. Our cookies will record the number of user sessions on this website and track the number of users who return to the Site.
4.1.3. While most browsers automatically accept cookies, you are free to accept or reject our cookies or to ask your browser to indicate when a cookie is being sent, provided your browser permits.
4.1.4. If you choose to refuse our cookies or ask for a notification each time a cookie is being sent, this may affect your ease of use of the Site.
4.1.5. The information created by using cookie technology does not, and cannot be used to, identify or contact you.
4.1.6. The Site may also include tracking pixels, which are small graphic images, in our email messages and newsletters to determine whether the messages were opened and the links were actually clicked.
4.1.7. The Site may use cookies to market the Services to you on third party websites. For example, if you visit our website, you may then see an advertisement for the Services on certain third party websites in the future. This allows us to track the performance of our advertisements but these cookies only remember which browsers have visited our websites and information provided to third parties does not include personal information. You have the right to prevent us from processing your for marketing purposes. Please see Right to Object below for further information.

5. WHAT WE DO WITH YOUR INFORMATION

5.1. We use information held about you in the following ways:
5.1.1. Information you give to us. We will use this information:
a) to provide you with the information, products and services that you request from us;
b) to set up and administer your account for the Services;
c) to perform our obligations arising from any contracts entered into between you and us;
d) to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
e) where you have given us your consent to do so, to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you;
f) to notify you about changes to the Services; and
g) to ensure that content from our Site is presented in the most effective manner for you and for your computer.
5.1.2. Information we collect about you. We will use this information:
a) to administer our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
b) to improve our Site to ensure that content is presented in the most effective manner for you and for your computer or device;
c) to allow you to participate in interactive features of the Services, when you choose to do so;
d) as part of our efforts to keep our Site safe and secure;
e) to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
f) where we have your consent to do so, to make suggestions and recommendations to you and other users of our Site about goods or services that may interest you or them.
5.1.3. Information we receive from other sources.
On occasion we may receive information form external source, as an example Google. We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
5.1.4. How long we keep your information.
The period of time we retain your personal data will depend on the continuation of your subscription to our services. Your personal data shall only be obtained for the purposes set out in this privacy policy and shall not be retained for longer than is necessary for that purpose or those purposes. If you specifically ask that all data we store about you is deleted we commit to remove all data about you within 14 days of request.

6. DISCLOSURE OF YOUR INFORMATION

6.1. You agree that we have the right to share your personal information with:
6.1.1. Any member of our group, which means any subsidiary or holding company within the meaning of sections 7 and 8 of the Companies Act 2014.
6.1.2. Selected third parties including:
a) business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you in relation to the Services;
b) where we have your consent to do so, advertisers and advertising networks that require the data to select and serve relevant adverts to you and others;
c) where we have your consent to do so, email marketing service providers, to send marketing communications to you from time to time by email about promotions, competitions, updates and new products or services that may be of interest to you;
d) analytics and search engine providers that assist us in the improvement and optimisation of our Site;
e) payment and delivery services; and
f) content management platforms.
6.1.3. We will disclose your personal information to third parties:
a) in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
b) if CloudRanger or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
c) if we are under a duty to disclose or share your personal data in order to comply with any law, legal obligation or court order, or in order to enforce rights under the GDPR or to apply our Terms of Service and other agreements.
d) to protect our rights, property or safety, our customers, or others. This includes exchanging information with other companies and organisations for the maintenance and security of the Site and Services.

7. INTERNATIONAL TRANSFERS

Local Servers: Your personal data is stored on servers based in the USA.
Transfers outside the European Economic Area (“EEA”). Personal Data may be transferred to our partners and service providers who maintain their servers outside of the EEA where the privacy laws may not be as protective as those in your jurisdiction. Any transfer of personal data will be in accordance with Chapter V of the GDPR.

8. SECURITY OF YOUR INFORMATION

8.1. Acknowledgement and Disclaimer. We take our security responsibilities seriously, using the most appropriate physical and technical measures and require our hosting partner to use the same standard of care. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. These are described in more detail below.
8.2. Location of Servers and Accessibility. The data that we collect from you is stored at a destination in the USA. CloudRanger employees are currently located within the EEA. Staff at CloudRanger may be engaged in, among other things, the provision of services to you, and the provision of support services. CloudRanger will take all steps reasonably necessary to ensure that your data is treated securely in accordance with this privacy policy.
All information you provide to us is stored on our secure servers. All transactions will be encrypted at rest and in transit. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone
8.3. Data Storage. The data we collect in order to provide our services is stored on secure servers hosted on AWS US East1, a service provided by Amazon Web Services (AWS). You can read more about AWS’s security policy at https://aws.amazon.com/security/. Note your own customer’s data remains within your own AWS region and therefore is always within the bounds of your own security policy.
8.4. Data Backup. CloudRanger maintains data replicas of its database to ensure durability. CloudRanger’s live database is in the US East1 region. A live replica is kept in the same region in a second availability zone and another is kept in the US West2 region. Daily backups are taken in the event of catastrophic data loss. All environments are housed within a private Virtual Private Network (VPN).
8.5. Data Encryption. All data storage & transit initiated by CloudRanger, within the customer AWS account, will be encrypted at rest and in transit using Server Side Encryption (SSE) & SSL termination respectively.
8.6. Data Analytics. We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as sign-up date and some personal information like your email address) to Intercom, Inc. (“Intercom”) and utilise Intercom to collect data for analytics purposes when you visit our website or use our product. As a data processor acting on our behalf, Intercom analyses your use of our website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom’s use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy. We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience . For more information on the privacy practices of Intercom, please visit https://www.intercom.com/terms-and-policies#privacy. Intercom’s services are governed by Intercom’s terms of use which can be found at https://www.intercom.com/terms-and-policies#terms. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us at info@cloudranger.com.
8.7. Restricted Access. Our servers are run in an isolated private network. Access to the production environment where your personal data is stored is limited and is held by us. Only dedicated staff have access to our servers and this is a ‘need to access’ basis. If a customer is having issues with their account, and they require CloudRanger support to resolve the issue, special access requirements to the customer account will be requested by CloudRanger. This access will be provided by the customer by adding a CloudRanger employee to their CloudRanger organisation. That access should be removed by the customer on resolution of the issue. CloudRanger, by default, will not have access to customer data located on client AWS resources.
8.8. Development and Operations. New features and updates are developed and released on development servers prior to being pushed live to the main production environment. Extensive testing is undertaken by the CloudRanger team to ensure all new features are working correctly and the performance of the Site and Services is maintained.
8.9. Performance monitoring applications. The overall performance of the Site and Services is very important. In order to maintain an uninterrupted service, our servers are constantly monitored and a dedicated team are alerted immediately in case of any service disruptions.
8.10. Password and Authentication. Connection to the Services environment is via TLS cryptographic protocols, using global step-up certificates, ensuring that our users have a secure connection from their browsers to our service. Individual user sessions are identified verified using a unique token created at login. Email address is the unique identifier in the Services. If there are repetitive failed attempts at logging in, then the account is blocked temporarily for up to 1 day.

9. MARKETING COMMUNICATIONS

9.1. General. Where you have given us your consent to do so, we may also use your data to send marketing communications to you from time to time about promotions, competitions, updates and new products or services that may be of interest to you.
9.2. Your right to withdraw your Consent. If you change your mind at any time, you can withdraw your consent to the processing of your personal data for such marketing purposes by contacting us at info@cloudranger.com or if received by email, by unsubscribing when you receive an email marketing communication from us. The withdrawal of your consent will not impact upon the lawfulness of processing based on your consent prior to the withdrawal.
9.3. Email marketing service providers. Some of our marketing communications may be sent by email. The servers and offices of these email marketing service providers may be located outside the EEA so if you choose to receive marketing communications from us by email, this means that your personal data may be transferred to, stored, or processed outside the EEA.

10. THIRD PARTY MATERIAL

We endeavour to deal with vendors and other third parties who are GDPR compliant or, in the case of the third parties located outside of the EEA, who are certified as compliant with the EU-US Privacy Shield, as applicable, or who have adequate security measures in place to safeguard the security of personal data. That said, we, our employees, agents, holding company and subsidiaries, accept no liability howsoever arising for the content or reliability of any third party materials or websites referenced by hyperlink or other means on the Site or for the data collection and use practices or security measures used by such third parties. If you submit personal data to any of those sites, your personal data is governed by their privacy policy. We encourage you to carefully read the third party’s privacy policy.

11. CHANGES TO THIS POLICY

Any changes made to this Policy from time to time will be published at the Site and, where appropriate, notified to you by email. Should any change to this Policy result in personal data being used in a way which is different from that made known to you at the time it was collected, we will notify you to determine whether or not we may use your personal information in this new way.

12. QUESTIONS AND COMPLAINTS.

Contact Us. Should you have any questions or complaints relating to this Policy, please contact us at:
www.cloudranger.com
info@cloudranger.com
CoLab, Port Road, Letterkenny, Co. Donegal, Ireland
224 W Huron St, Suite #3E Chicago, IL 60654, USA
+1 (312) 448-8616

Supervisory Authority. We are committed to complying with the terms of the GDPR and to the processing of personal data in a fair, lawful and transparent manner. If, however, you believe that we have not complied with our obligations under the GDPR, you have the right to lodge a complaint with the Office of the Data Protection Commissioner.