Immuta SaaS Privacy Notice
Last updated: January 31, 2023
This Privacy Notice describes how we collect and use personal data in relation to Immuta SaaS offering.
For a description of our other processing activities see here.
For our cookie notice see here.
This Privacy Notice does not apply to licensee data processed within the licensee environment at its own initiative, as in this situation Immuta is not acting as a data controller, but as a processor.
Personal data we collect and process
We collect and process contact details related to licensee representatives such as names, emails, job titles, home address, phone numbers, signatures, and account information related to licensee authorized users such as names, emails, IP addresses, and other login details.
We may also collect usage data to optimize user experience and improve our products and services, such as which role does the user have within the instance, whether he owns data sets, whether he has created projects, whether he has tagged data.
How we collect personal data
Contact details are collected directly from licensee representatives. Account information is collected directly from licensee authorized users.
Usage data is collected by automated means from licensee authorized users through our data analytics provider.
Cookies. We also obtain certain information by automated means, such as cookies, web beacons, web server logs and other technologies. A “cookie” is a text file that websites send to a visitor’s computer or other internet-connected device to uniquely identify the visitor’s browser or to store information or settings in the browser. A “web beacon,” also known as an internet tag, pixel tag or clear GIF, links web pages to web servers and cookies and may be used to transmit information collected through cookies back to a web server.
We may use these automated technologies on the Immuta SaaS offering to collect information about your equipment, browsing actions and usage patterns. These technologies help us (1) remember your information so you do not have to re-enter it; (2) track and understand how you use and interact with our solution; (3) tailor the solution around your preferences; (4) measure the usability of our solution and the effectiveness of our communications; and (5) otherwise manage and enhance our products and services, and help ensure they are working properly.
Your browser may tell you how to be notified about certain types of automated collection technologies and how to restrict or disable them. Please note, however, that without these technologies, you may not be able to use all of the features of our solution. For mobile devices, you can manage how your device and browser share certain device data by adjusting the privacy and security settings on your mobile device.
For more information on our use of cookies and similar technologies, click here to review our cookie notice.
How we use personal data
We use personal data for the following purposes:
- Account registration, administration, billing, and communications with customers
- Perform accounting, and other internal functions such as internal reporting, generating statistics to identify trends and opportunities
- Optimize user experience and improve our products and services
- Fraud prevention
- Direct marketing
- Prepare for and engage in internal and external audits and similar assurance-providing processes and procedures
- Prepare for, engage in, complete, or follow up on (de-)mergers, acquisitions or similar corporate transactions
- Prepare for, and engage in, dispute resolution proceedings, including alternative dispute resolution, mediation or administrative or court proceedings
- Comply with and enforce applicable legal requirements, industry standards and Immuta policies and terms
We may also use personal data in other ways for which we provide specific notice at the time of collection.
To whom we may disclose personal data
We disclose personal data to service providers or authorize them to process the data to pursue one or more of the purposes described in this Privacy Notice. Our service providers include:
- Contract management tool providers,
- Communication tool providers,
- User metrics collection and management tool providers,
- Platform analytics tool providers,
- Legal service providers,
- Auditors,
- Advisors and consultants.
We may also disclose personal data to other third parties we engage within the context of mergers and acquisitions, governmental authorities, or debt collection agencies.
How we secure personal data
We maintain physical, technical, and administrative safeguards designed to protect personal data against accidental, unlawful or unauthorized access, destruction, loss, alteration, disclosure or use. Our security procedures mean that we may request proof of identity before we disclose personal data to you.
Location of personal data
Personal data is hosted in the United States. Whenever we transfer personal data subject to international transfer restrictions, we ensure that the information is transferred in accordance with this Privacy Notice and as permitted by applicable data protection laws.
Retention of personal data
We keep personal data for as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice and as may be required by law (including for tax and accounting purposes), or as otherwise communicated to you.
Your rights
Subject to applicable law, you may have the right to:
- ask whether we hold personal data about you and request copies of such personal data and information about how it is processed.
- request that inaccurate, incomplete or outdated personal data is corrected or completed.
- request the deletion of personal data in certain circumstances.
- request to restrict the processing of your personal data in certain circumstances.
- object to the processing of personal data on grounds relating to your particular situation.
- request that we provide a copy of your personal data to you in a structured, commonly used and machine readable format in certain circumstances.
If you wish to exercise any of these rights, please contact us at [email protected]. You can also lodge a complaint with the data protection authority in your country.
When you consent to our processing your personal data for a specified purpose, you may withdraw your consent at any time, and we will stop any further processing of your data for that purpose.
Unsubscribing. You can tell us at any time not to send you marketing communications by e-mail by clicking on the unsubscribe link within the marketing emails you receive from us, or by sending an “opt out” request to the address indicated on such email. You may request not to be contacted in connection with any new services, updates, news, or events by contacting us as described below. You may also unsubscribe via our preference center at this link: https://go.immuta.com/manage-email-preferences.
Verifying Requests. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your personal information or complying with your deletion or correction request. We may require you to verify your email address or phone number in our records and/or provide any of the following information:
- Contact information (such as name, email, phone number, and address); and
- An indication of your prior contact with Immuta (such as prior contact with customer service, or other contact).
In addition, if you ask us to provide you with specific pieces of personal information, we may require you to sign a declaration under penalty of perjury that you are the individual whose personal information is the subject of the request.
Updates to our Privacy Notice
We may update this Privacy Notice from time to time and without prior notice to you to reflect changes in our personal data practices. We will indicate at the top of the policy when it was most recently updated.
How to Contact Us
You can update your preferences, submit a request or ask us questions about this Privacy Notice or our practices by emailing us at [email protected] or writing to us at:
Immuta, Inc.,
Attn: Mike Scott
886 N. High Street, 3rd Floor
Columbus, OH
43215, USA7878 Di
Additional information for certain jurisdictions
Pick the jurisdiction in which you habitually reside to know more about the justifications for processing your data and your rights.
European Economic Area (EEA) and the United Kingdom (UK)
Identity of the controller
Immuta, Inc., with offices at 25 Thomson Place, 4th Floor, Boston, MA 02210, USA is responsible for the processing of your personal data as described in this Privacy Notice.
Legal bases
We process your personal data on one or more of the following legal bases:
Purpose |
Legal Basis |
Account registration, administration, billing, and communications with customers |
As necessary to enter into a contract or to perform our contractual obligations |
Perform accounting, and other internal functions such as internal reporting, generating statistics to identify trends and opportunities |
To understand our business context and environment as well as the markets in which we operate. (Legitimate interests) |
Optimizing user experience and improving our products and services |
Being able to improve our products and services. (Legitimate interests) |
Fraud prevention |
To keep our customers, suppliers and products and services safe and secure. (Legitimate interests) |
Direct marketing |
To offer new products and services to existing customers. (Legitimate interests) |
Prepare for and engage in internal and external audits and similar assurance-providing processes and procedures |
To be able to verify the compliance of our internal processes and procedures and obtain an adequate level of assurance. (Legitimate interests) |
Prepare for, engage in, complete, or follow up on (de-)mergers, acquisitions or similar corporate transactions |
To be able to engage in corporate transactions. (Legitimate interests) |
Prepare for, and engage in, dispute resolution proceedings, including alternative dispute resolution, mediation or administrative or court proceedings |
To be able to defend ourselves and our interests. (Legitimate interests) |
Comply with and enforce applicable legal requirements, industry standards and Immuta policies and terms |
- As necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders. (Legal obligation)
- To be able to implement industry standards. (legitimate interests)
|
In accordance with applicable law, we take reasonable measures to ensure that the interests we pursue are balanced with your interests, rights and freedoms, which we are happy to explain upon request.
Your Rights
Subject to applicable law, you have the right to:
- ask whether we hold personal data about you and request copies of such personal data and information about how it is processed.
- request that inaccurate, incomplete or outdated personal data is corrected or updated.
- request the deletion of personal data in certain circumstances.
- request to restrict the processing of your personal data in certain circumstances.
- object to the processing of personal data on grounds relating to your particular situation.
- request that we provide a copy of your personal data to you in a structured, commonly used and machine readable format in certain circumstances.
If you wish to exercise any of these rights, please contact us at [email protected]. You can also lodge a complaint with the data protection authority in your country.
When you consent to our processing your personal data for a specified purpose, you may withdraw your consent at any time, and we will stop any further processing of your data for that purpose.
International transfers
We transfer personal data from the EEA and the UK to the United States by entering into the European Commission’s EU Standard Contractual Clauses and the UK Transfer Addendum (if appropriate) or on the basis of either a derogation when the transfer is necessary for the conclusion or performance of a contract, for the implementation of pre-contractual measures taken at your request, or upon your explicit consent, depending upon the categories of personal data and the purpose of the processing at stake. To obtain a copy of the safeguards we have put in place, please contact us as indicated below.
Alternatively, we ensure that the data recipient is located in a country that has been the subject of an adequacy decision.
How to Contact Us
You can update your preferences, ask us to remove your information from our marketing lists, submit a request or ask us questions about this Privacy Notice or our practices by emailing us at [email protected] or writing to us at:
Immuta Inc.
Attn: Mike Scott
Address: 886 N. High Street, 3rd Floor
Columbus, OH
43215, USA