Last Updated: Dec 14, 2023
For the sake of convenience, the Website, the Products and Support Services are collectively referred to as “Services” in this Policy.
We request you to acquaint yourself with the terms of this Policy and redirect any queries to us at firstname.lastname@example.org
IF YOU DO NOT AGREE WITH THE TERMS OF THIS POLICY, PLEASE REFRAIN FROM USING THE SERVICES. YOU ACKNOWLEDGE AND REPRESENT THAT YOUR CONTINUED USE OF THE SERVICES SHALL AUTHORIZE US TO PROCESS YOUR INFORMATION IN ACCORDANCE WITH THIS POLICY.
For the purposes of this Policy,
Visitors, Customers, End Users and Administrators are collectively referred to as “Users” in this Policy. References to “you” or “your” across this Policy are to Users of our Services.
This Policy does not apply to any information collection activity outside of the scope of the Services outlined herein (unless otherwise stated below or at the time of collection). Our Websites may contain links to third-party websites. The information collected by such websites, including but not limited to any Personal Data is governed by the privacy notices of such third-party websites. We encourage you to review the privacy notices of such third-party websites, including the ones we may link to in this Policy, in order to understand their data privacy practices.
We acknowledge that you have the right to access, correct, amend or delete your Personal Data under certain circumstances. If you are an End User of any of our Customers, and you have queries regarding such Customer’s privacy practices, or if you seek to access, update, or remove your data, we request you to contact the Customer with whom you interact directly. If a Customer requests access to or otherwise requests us to update or remove data, we shall respond within a reasonable period of time. Please note that we will retain and use data collected on behalf of our Customers as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may also transfer Personal Data collected on behalf of our Customers to companies that help us provide our Services.
We rely on Standard Contractual Clauses (referred to as “SCC’s”) approved by the European Commission for transfer of Personal Data from the European Economic Area (referred to as “EEA”), United Kingdom (“UK”) and/or Switzerland, to us, and on other transfer mechanisms deemed ‘adequate’ under applicable laws.
Pursuant to the DPF Principles, Mitsogo Inc. acknowledges the following:
In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S Data Privacy Framework (“Swiss – U.S. DPF”), Mitsogo Inc. commits to resolve complaints about our Processing of your Personal Data transferred to the U.S pursuant to the EU-U.S. DPF, the UK extension to the EU-U.S. DPF, and the Swiss-U.S. DPF. EU, UK and Swiss individuals with inquiries or complaints should first contact us. You may find Section 13 useful in this regard.
Mitsogo Inc. has committed to refer unresolved DPF Principles-related complaints to a U.S. – based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgement of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.
If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf
We collect the following types of information:
We may collect the following types of information from you at the following instances:
We may collect the following types of information from you whenever you use or access our Services:
This may include information about your device such as the type of device (for eg. computer, mobile, tablet etc.), your device’s internet protocol address (IP Address), MAC address, browser type, browser version, the pages of our website that you visit, the time and date of your visit, the time spent on those pages, the device operating system, unique device identifiers, session data and other diagnostic data.
We also collect aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your Personal Data but is not considered Personal Data under law as it does not directly or indirectly reveal your identity. However, if we combine or connect aggregated data with your Personal Data so it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Policy.
This may include information such as the description attached to a ticket, the settings that you may choose to opt for while using our Services, the files and links you upload to the Services, the chat messages you may exchange with our Support Services, your application repositories, the policy settings you may define in our Services and any feedback you may provide us.
This may include information such as the links or pages you’ve clicked on while using our Services, the time spent on those pages, the queries you’ve raised, and other interactions you may make while using our Services.
Our Services are not intended for any individual under the age of 16. We do not knowingly collect or process any information from any individual under the age of 16. IF YOU ARE AN INDIVIDUAL UNDER THE AGE OF 16, DO NOT SUBMIT ANY INFORMATION TO US AND LOG OFF OUR SERVICES. If you are a parent or a guardian of an individual below the age of 16 and you believe that we have collected the Personal Data of your child/ward, please email us at email@example.com. We will remove such data to the extent required by applicable law.
We do not collect any data about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, genetic or biometric data, or any information about criminal convictions and offences, through our Services.
We do not retain your payment information when you avail our Services. All payment information is processed in compliance with PCI-DSS through third party billing vendors. We strongly encourage you read the privacy policies of our third party billing vendors since the use of your payment information is governed by their privacy policies: https://stripe.com/en-in/privacy
We may offer the use of certain social media features/functionalities on our Website. For eg, the Facebook “Like” button, or a share button. You may be able to share your information on a third party Social Media network through the use of such features. However, please note that these features are governed by the privacy policies of third parties providing such features.
We may provide community spaces such as blogs or chat rooms on our Websites. Please note that any information you may provide in these spaces may be read, collected, or used by third parties who may visit these spaces. We are not responsible for the information that you choose to submit in these spaces.
Any testimonial or Customer information that you see posted on our websites have been posted with the prior consent of such Customers.
We collect and retain information about your use of our Services using commonly employed information-gathering technology such as cookies, web beacons, embedded scripts, location-tracking technology, in-app tracking technology, and other tracking technology.
Cookies are files with small amount of data that are transferred to your browser by a web server, which in turn may be stored on your device. These files can only be read by the web server that transmitted it to your device. These files allow us to deliver personalized experiences to our Users and maintain and improve our Services. For example, cookies enable us to store your webpage preferences, analyze how our Products perform in your device and help in secure your browsing experience against fraudulent activities.
Cookies per se cannot personally identify you. However, you can identify yourself to us by opening an account with us or by filling out web form etc.
We use both session and persistent cookies on our Website. Session Cookies expire at the end of every browsing session. Persistent cookies survive the end of a browsing session and remain on your device even after you close your browser or you switch off your device. You can choose to disable all or some cookies by turning them off in your browser or by making use of third party opt-out tools. You can also choose to manage your browser to alert you when cookies are placed on your device. However, please note that if you choose to disable cookies, parts of the Website may not function smoothly or may stop responding completely.
Web Beacons, otherwise known as tracker pixels, is a clear graphic image that is used to gather usage and performance information pertaining to a website. We use web beacons, sometimes in combination with cookies, to monitor behavioural data, to improve our Website and email communications.
Embedded Scripts are small pieces of code programmed to collect user behavioural data. It is temporarily placed onto your device when you use our Website. However, it is deleted after your connection to our Website ends.
Our Services also make use of GPS software, geo-filtering and other location-aware technologies to obtain information regarding your location and provide personalized content based on your content. However, if you are an End User of our Product, please note that only Administrators can enable these functionalities in your device and we only process your data in this regard as Data Processors.
We do not support DNT. DNT is a preference you can set in your web browser to inform websites that you do not want to be tracked. You can enable or disable DNT by visiting the preference or settings page of your web browser.
For more information, please refer to Data sharing settings - Analytics Help (google.com)
We will only use your Personal Data in accordance with applicable laws. We use your personal data for the following purposes:
If you are a resident of the EEA, UK or Switzerland, we process information about you only when we have legal basis or bases to do so under applicable laws. These legal bases may depend upon your usage of our Services or on the Services you have availed from us or how you choose to interact and communicate with us. We rely on the following bases to process your Personal Data:
You may choose to withdraw your consent to our use and the disclosure of your Personal Data. However, this shall not affect any Processing that has already taken place. Where we reasonably consider that we need to use your Personal Data for another reason and that reason is compatible with the original purpose of collection, then we may also use and process your Personal Data. In such cases, you have the right to object to such use. However, this may mean no longer using our Services.
If we require to process your Personal Data for an unrelated purpose, we shall notify you and explain the legal basis/bases which allows us to do so.
To provide you with our Services, we may transfer your Personal Data to countries other than where you are a resident. Any data transfer made to these countries is made in accordance with applicable data protection and privacy laws. If you are a resident of the EEA, we rely on SCC’s [updated on June 4th, 2021] for transfer of Personal Data to third countries, or for transfer of Personal Data to third parties in the United States. We have also self-certified to the EU-U.S. DPF, the UK Extension to the EU-US Data Privacy Framework and the Swiss-US DPF.
Where consent is necessary to make such transfer, we transfer your Personal Data only after receiving such consent from you. Please refer to our list of global offices at our websites, where your Personal Data may be sent for Processing.
We will retain your Personal Data only for as long as is necessary for the purposes set out in this Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your Personal Data to comply with applicable laws), resolve disputes and enforce our legal agreements and policies.
In some circumstances, we may anonymise your Personal data (so that it can no longer be associated with you) for research and developmental purposes, in which case we may use this information indefinitely without further notice to you.
We may share your Personal Data with the following parties:
Mitsogo Inc is an ISO 270001 certified company. ISO 27001 is the leading internationally recognized standard for information security. It has been awarded to us in recognition of the robust security measures that we have put in place to protect all information flowing through our systems from both internal and external threats.
Further, we limit access to your Personal Data to those employees, agents, contractors and other third parties and we disclose your Personal Data only on a need-to-know basis.
Nevertheless, we shall remain liable under the Principle of Accountability for Onward Transfer if sub-processors process your Personal Data in a manner inconsistent with the DPF Principles, unless we prove that we were not responsible for the event giving rise to the damage.
Additionally, we have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulators of a breach where we are legally required to do so. While we strive to use commercially acceptable means to protect your Personal Data, please note that all methods of transmission over the internet or electronic storage are subject to inherent risks.
The GDPR grants all individuals in the EEA certain rights regarding the Processing of their Personal Information. If you are such an individual, you have the following rights, subject to conditions:
Please note that we may ask you to verify your identity before responding to such requests.
If you wish to exercise any of these rights, please contact us by email at firstname.lastname@example.org. If requested to remove data, we will respond within a reasonable timeframe.
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
If you are based in the EEA, you have the right to complain to a Data Protection Authority about our Processing of your Personal Data. For more information, please visit https://edpb.europa.eu/about-edpb/about-edpb/members_en to contact your local data protection authority in the EEA.
We value your privacy and your rights as a Data Subject and have therefore appointed Prighter as our privacy representative and your point of contact. Prighter gives you an easy way to exercise your rights. If you want to contact us via our representative Prighter or make use of your Data Subject rights, please visit: https://prighter.com/q/11236276819.
The California Privacy Rights Act (CPRA) [ formerly the California Consumer Protection Act (CCPA)] reserves the right for consumers to request the disclosure of collection and usage of their Personal Data . It also reserves the right to opt-out from any kind of sale of Personal Data by the business.
To request disclosure of any information as described by CCPA, you can mail to us at email@example.com
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Our use and transfer to Services of information received from Google APIs will adhere to Google API Services User Data Policy, including the limited use requirements as defined therein.
We reserve the right to modify and update this Policy at any time. When we make only minor modifications, we may do so without notifying you. If we make changes to this Policy that we believe materially impact the privacy of your Personal Data, we may notify you. We encourage you to periodically review this page for the latest information on our privacy practices. The “Last Modified” date at the top of this Policy will allow you to quickly know when the last changes were made.
If you have any questions about this Policy, please contact us by email at firstname.lastname@example.org.
Hexnode year-end sale* ends in...