Skip to content

Latest commit

 

History

History
98 lines (69 loc) · 13.8 KB

PRIVACY.md

File metadata and controls

98 lines (69 loc) · 13.8 KB

Privacy Policy

We, Privado Inc (“Privado” or “we” or “us”) are the owners of the , Command Line Interface Tool ("CLI”) for Android developers. The CLI enables developers to scan the software code for gaps related to privacy implementation and suggests strategies to ensure privacy (the “Software”). Our website www.privado.ai (the “Website”) showcases our services and product offerings (“Offerings”).

We take your privacy seriously and are committed to safeguarding your personal information collected via this Software. This privacy policy (“Privacy Policy”) sets forth how we collect, use and protect the personal information collected via this Software.

PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY BY CONTINUING TO USE THE SOFTWARE, YOU AGREE TO THIS PRIVACY POLICY. IF YOU DO NOT AGREE TO THIS PRIVACY POLICY, YOU MAY NOT PROVIDE YOUR PERSONAL INFORMATION VIA THIS SOFTWARE.

IF YOU ARE USING THE SOFTWARE ON BEHALF OF A THIRD PARTY, YOU REPRESENT THAT YOU HAVE THE AUTHORITY TO BIND SUCH THIRD-PARTY TO THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY AND, IN SUCH AN EVENT YOUR USE OF THE SOFTWARE SHALL REFER TO USE BY SUCH THIRD PARTY. IF YOU DO NOT HAVE SUCH AN AUTHORITY (TO PROVIDE ANY PERSONAL INFORMATION OF A THIRD PARTY) OR DO NOT AGREE TO THE TERMS OF THIS PRIVACY POLICY, THEN YOU SHOULD REFRAIN FROM USING THE SOFTWARE.

This Privacy Policy is an electronic record in the form of an electronic contract being compliant and construed in accordance with the data protection laws of various jurisdiction such as Indian Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 under Information Technology Act, 2000 (“Privacy Rules”) that require publishing of privacy policy for collection, use, storage and transfer of sensitive personal data or information, The European Union (“EU”) General Data Protection Regulation(“the GDPR”), and applicable data protection laws of the United States of America.

If you have any questions or concerns about this Privacy Policy or your personal information, please contact us at [email protected].

1. INTRODUCTION

The Software has been developed by Privado to help developers identify privacy gaps. The Software also generates a report and suggests the various strategies to increase privacy features of the software/application.

2. INFORMATION WE COLLECT ABOUT YOU

To get in touch with us through our Website or Software, for registration and account creation for using the Software, you are required to provide us with your e-mail address. For the sake of brevity, the aforementioned information shall be referred to as “Personal Information”. We also collect details related to your use of the Software such as product usage data and error logs. Additionally, we may also collect telemetric data which is anonymized and non-personal, to help improve our Software and other Offerings.

Accuracy of information Please make sure that any Personal Information you share with us is accurate and up to date information.

3. HOW WE USE YOUR PERSONAL INFORMATION

We use the Personal Information for the following purposes:

  • to provide you with information about our Software/Offerings and/or our periodic newsletters;
  • for marketing purposes and provide you with information related to our other Offerings;
  • to respond to your requests;
  • to manage our relationship with you;
  • for internal record keeping;
  • to provide you with authentication to login and use your user account;
  • to verify your identity;
  • to maintain correct and up-to-date information about you;
  • to improve our Software, Website and other Offerings;
  • to otherwise be able to provide the services to you and
  • to comply with our legal or statutory obligations.

4. WHO DO WE DISCLOSE YOUR DATA TO?

We do not trade or otherwise transfer to outside parties any Personal Information. This does not include trusted third parties or subcontractors hired to provide services on our behalf. This includes those who act as data processors on our behalf, acting strictly under contract . With your confidentiality and protection in mind, we will always strive to protect your data when dealing with third-party vendors and other data processors. As permitted by law, we may share your Personal Information with third parties as follows:

  • Service Providers: Your Personal Information may be shared with or collected by third party service providers who provide us with services, including but not limited to data hosting or processing, credit card processing or processing and fulfilling purchases. We may also avail services from Twilio for sending emails and Amazon Webservices for cloud infrastructure services. We require these providers to exercise reasonable care to protect your Personal Information and restrict the use of your Personal Information to the purposes for which it was provided to them.
  • Merger or Acquisition: We may transfer your Personal Information if we are acquired by another entity, or if we merge with another company or transfer a part of our business, including the Software, to a third party. Any such third party or resultant entity that receives your Personal Information shall have the right to continue to use your Personal Information in line with the purposes set out herein. In the event of such a sale or transfer, we may notify you.
  • Legal and Regulatory Authorities: We may disclose your Personal Information in order to comply with our legal obligations/ court orders/ requests by Govt. authorities.

5. HOW LONG DO WE STORE YOUR PERSONAL INFORMATION?

We will retain your Personal Information as long as it is required to be retained for the purpose of provision of the Software and to comply with our legal obligations. Subject to this section, we will delete your Personal Information upon reasonable written request for the same. Please note, however, that there might be latency in deleting Personal Information from our servers. For more information on where and how long your Personal Information is stored, please contact [email protected] . Where your Personal Information is processed by us on the basis of your consent we will delete or anonymise your data if you withdraw your consent.

6. OUR SECURITY MEASURES

Privado CLI tool was engineered with security in mind. Our tool runs the scan locally on your machine and your code never leaves your system. Your Personal Information is stored on servers located in the EU. We have implemented encryption mechanism and provide appropriate firewalls and protections.

7. INFORMATION FOR EU and UK VISITORS

Residents of the European Union (“EU”) and United Kingdom (“UK”) should note that this Privacy Policy has been updated in accordance with the requirements of the EU General Data Protection Regulation (the “GDPR”) and the UK GDPR, the United Kingdom Data Protection Act 2018, the Privacy and Electronic Communications Regulations, and any regulation superseding any of the foregoing (“UK Privacy Laws”). As per the provisions of the GDPR and UK Privacy Laws we shall be considered the Controllers of the Personal information collected as a result of your use / access of the Software.

Legal Basis (for EU residents and UK residents): We will not process your Personal Information without a lawful basis to do so. We will process your Personal Information only on the legal bases of consent, contract, or on the basis of our legitimate interests, provided that such interests are not overridden by your privacy rights and interests.

Transfer of Your Personal Information Across Borders: There may be instances when the processing of your Personal Information will involve a transfer of Personal Information outside the EU and UK. Whenever we transfer your Personal Information across borders, we ensure a similar degree of protection is afforded to it by ensuring that any such international transfers are made subject to appropriate or suitable safeguards as required by GDPR and UK Privacy Laws. If you have questions, please contact us as at [email protected].

Your Rights (For EU and UK Residents):

  • You have the right to request us to let you know what Personal Information belonging to you, we hold in our possession;
  • Right to withdraw consent at any time where we are relying on consent to process your Personal Information;
  • right to have us rectify or modify any such Personal Information;
  • right to have us erase/delete your Personal Information;
  • right to restrict us from processing such Personal Information;
  • right to object to our use of your Personal Information;
  • you have the right to lodge a complaint with a data protection authority.

UK residents have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk ). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. We may need to request specific information from you to help us confirm your identity or also contact you for further information in relation to your request. If you would like to exercise ANY of these rights, please contact [email protected] . Governing Laws: For any EU and UK residents, this Privacy Policy shall be governed respectively by the provisions of the GDPR and UK Privacy Laws.

8. CALIFORNIA RESIDENT RIGHTS

If you are a California resident, you have the rights as mentioned below;

  • Access: You have the right to request certain information about our collection and use of your Personal Data over the past 12 months. If we have disclosed your Personal Information for a business purpose over the past 12 months, we will identify the categories of Personal Data shared with each category of third-party recipient. If we have sold your Personal Information over the past 12 months, we will identify the categories of Personal Information purchased by each category of third-party recipient.
  • Deletion: You have the right to request that we delete the Personal Information that we have collected from you.
  • Exercising Your Rights: To exercise the rights described above, you must send us a request that (1) provides sufficient information to allow us to verify that you are the person about whom we have collected Personal Information and (2) describes your request in sufficient detail to allow us to understand, evaluate, and respond to it. Each request that meets both of these criteria will be considered a “Valid Request.” We may not respond to requests that do not meet these criteria. We will only use Personal Information provided in a Valid Request to verify you and complete your request. You do not need an account to submit a Valid Request. We will respond to your Valid Request within 45 days of receipt. We will not charge you with any fees for making a Valid Request unless your Valid Request(s) is excessive, repetitive, or manifestly unfounded. If we determine that your Valid Request warrants any fees, we will notify you of the fees and explain that decision before completing your request. You may submit your Valid Request at [insert email address]
  • No Discrimination: We will not discriminate against you for exercising your rights under the California Consumer Privacy Act (the “CCPA”). We will not deny you use of our Software, charge you different prices or rates, or provide you a lower quality of our Software if you exercise your rights under the CCPA.

9. LINKS TO OTHER WEBSITES/APPLICATIONS

Our Software may contain links to other websites/applications of your interest. Please note that we do not have any control over such other websites/applications, and you will be accessing these websites/applications at your own risk. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such websites/applications and those are not governed by this Privacy Policy. You should exercise caution and look at the privacy policy applicable to such websites/applications.

10. CHOICE AND OPT-OUT

We may send you communications including but not limited to (a) notices about your use of our Software, Website and Offerings, including those concerning violations of use, (b) updates, (c) promotional information regarding our Offerings, and (d) newsletters. You may opt out of receiving promotional emails and newsletters from us by following the unsubscribe instructions provided in those emails. Alternatively, you can opt out, at any time, by emailing [email protected] with your specific request.

11. LIMITATION OF LIABILITY

To the extent permissible under the law, we shall not be liable for any direct, indirect, incidental, special, consequential or exemplary damages, including but not limited to, damages for loss of profits, goodwill, data, information, or other intangible losses (even if we have been advised of the possibility of such damages), arising out of this Privacy Policy.

12. GOVERNING LAWS

This Privacy Policy shall be construed and governed by the laws of State of Delaware, USA and the courts of State of Delaware, USA shall have an exclusive jurisdiction to adjudicate any subject matter under this Privacy Policy.

13. CHANGES TO THIS PRIVACY POLICY

Please revisit this page periodically to stay aware of any changes to this Privacy Policy, which we may update from time to time. If we modify this Privacy Policy, we will make it available through the Software and indicate the date of the latest revision. In the event that the modifications materially alter your rights or obligations hereunder, we will make reasonable efforts to notify you of the change through our Website. This Privacy Policy was last modified on 16 Feb 2022

14. CONTACT US

If you have any questions or concerns or grievances regarding this Privacy Policy you can contact us at [email protected] .