Originally Published on January 24, 2004
1 Modified and Effective on April 1, 2019
Idera Inc., together with its United States subsidiaries, Assembla, Inc., AquaFold, Inc., CodeGear LLC, Embarcadero Technologies, Inc., Lansa, Inc., Precise Software Solutions, Inc., Ranorex, Inc., Sencha, Inc., Travis CI Corporation, Uptime Software, Inc., Webyog, Inc. and Whole Tomato Software, LLC (collectively, the "Company"), is committed to respecting and protecting the privacy of our customers, partners, webinars attendees and website visitors. Specifically, we do not sell, rent or trade email lists with other companies for marketing purposes. In this Privacy Statement we describe the Company's privacy practices in relation to the use of the Company's Websites (as defined below) and the related applications, services, products and programs offered by the Company (collectively, "Services"), as well as individuals' choices regarding use, access and correction of personal information.
The Company's Services comply with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. You can view a description of how we comply with the Privacy Shield Principles in our Privacy Shield Notice. The Company has certified to the Department of Commerce that the Services described in our Privacy Shield Notice adhere to the Privacy Shield Principles. To learn more about the Privacy Shield principles, please visit https://www.privacyshield.gov/welcome.
1. Websites covered
This Privacy Statement covers the information practices, including how the Company collects, uses, shares and secures the personal information you provide to websites that link to this Privacy Statement, which are the following websites http://www.idera.com; https://www.assembla.com; http://www.aquafold.com; https://www.embarcadero.com; https://www.lansa.com; https://www.ranorex.com; http://www.sencha.com, https://www.travis-ci.org, https://www.webyog.com and http://www.wholetomato.com (collectively referred to as the "Websites").
2. Collection of Personal Information
Personal information means any information that may be used to identify you, such as, your name, title, phone number, email address, or mailing address.
In general, you can browse our website without giving us any personal information. We use web analytics software to analyze traffic to this web site in order to understand our customer's and visitor's needs and to continually improve our site for them. This software collects only anonymous, aggregate statistics.
If you want to subscribe to a periodic communication such as a newsletter, we ask you to simply provide your business email address ("Optional Information"). Additional activities on our site may require you to be registered, for example, to read a white paper, download trial or free software, when you express an interest in obtaining additional information about the Services or register for an event. As part of the registration process, we may ask you for additional personal information, such as name, company name, address, phone number, and email address ("Required Information"). We use that information for several general purposes: to tell you about products and services if you so request, to fulfill your request, to contact you if we need to obtain or provide additional information; to verify the accuracy of our records, to contact you regarding customer satisfaction surveys.
For our downloadable software products, as part of the Required Information, on installation and execution, some of our products may send the Company certain information for software updates, auditing and license compliance verification, including product version and edition, number of copies of the product in use by licensee, machine IDs, IP address of the device, license key, information about the operation system and/or environment where the product is installed, serial numbers and other related information, for example, applicable to products such as RAD Studio, Delphi, C++Builder and Sencha EXT JS. Solely for our software as a service products, as part of the Required Information and in order to provide the Services to you, we store all the content you provide, including but not limited to accounts created for team members, files, pictures, project information, and any other information that you provide to the Services you use.
When purchasing Services or registering for an event, the Company may also require you to provide your billing information, such as billing name and address, credit card number ("Billing Information"). Some activities require additional personal information. For example, to fulfill online orders for products, we require you to enter credit card information, and you have the option to provide a separate shipping address. When visitors of the Company Website apply for a job with the Company, the Company may also require you to submit additional personal information as well as a resume or curriculum vitae ("Applicant Information"). Required Information, Optional Information, Billing Information, Applicant Information and any other information you submit to the Company through the Services or information provided to you by the Company through your use of the Services (e.g. license key) are referred to collectively as "Data".
As you navigate the Company's website, the Company may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons. Website Navigational Information as defined in Section 7 below, includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol ("IP") address, and the actions you take on Idera's web pages viewed and the links clicked). For additional information about the collection of Website Navigational Information by Idera and others, please see Section 7 below.
3. Use of Personal Information and The Legal Bases on Which We Rely
Managing user registrations. If you have registered for an account with us, we process your Data by managing your user account for the purpose of performing our contract with you according to applicable terms of service;
Promoting the security of our Websites and Services. The Company processes your Data by tracking use of its Websites and Services, creating aggregated, non-personal data, verifying accounts and activity, investigating suspicious activity and enforcing our terms and policies, to the extent this is necessary for our legitimate interest in promoting the safety and security of the services, systems and applications and in protecting our rights and the rights of others. For example, to check for license compliance validation either using the license key or your account details. Some software products can also use license information to inform you of the availability of applicable updates.
Developing and improving our Websites and Services. We process your Data to analyze trends and to track your usage of and interactions with our Websites and services to the extent it is necessary for our legitimate interest in developing and improving our Websites and services and providing our users with more relevant content and service offerings, or where we seek your valid consent.
Handling contact and user support requests. If you fill out one of our web forms or request user support, or if you contact us by other means including via a phone call, we process your Data to perform our contract with you and to the extent it is necessary for our legitimate interest in fulfilling your requests and communicating with you;
Reviewing compliance with applicable usage terms. We process your Data to review compliance with the applicable usage terms in our customer's contract to the extent that it is in our legitimate interest to ensure adherence to the relevant terms.
Assessing and improving user experience. The Company processes device and usage data as described in Section 7 below, which in some cases may be associated with your Data, in order to analyze trends, assess and improve the overall user experience to the extent it is necessary for our legitimate interest in developing and improving the service offering, or where we seek your valid consent. In addition, the Company uses Website Navigational Information to operate and improve the Company's Websites. The Company may also use Website Navigational Information alone or in combination with Data about customers and Data about webinar attendees to provide personalized information about the Company. For additional information about the use of Website Navigational Information, please see the Section 7 below.
Managing event registrations and attendance. The Company also uses Data about webinars attendees to plan and host corporate events, host online forums and social networks in which you have registered or that may participate, including sending related communications to you, to perform our contract with you. Additional information on the Company's privacy practices with respect to Data about webinars attendees may be found in additional privacy statements on the event Websites, as the case may be. The Company may also use Data about customers and webinar attendees for marketing purposes. For example, the Company may use information you provide to contact you to further discuss your interest in the Services and to send you information about the Company and its affiliates product recommendations related to our contract with you or your interest. The Company may also receive information about customers and attendees from other sources, including third parties from whom we have purchased data, and combine this information with Data we already have about you.
Managing contests or promotions. If you register for a contest or promotion, we process your Data to perform our contract with you. Some contests or promotions have additional rules containing information about how we will process your Data.
Assessing capacity requirements. The Company processes your Data to assess the capacity requirements of its services to the extent that it is in its legitimate interest to ensure that it is meeting the necessary capacity requirements of its service offerings.
Identifying customer opportunities. The Company processes your Data to assess new potential customer opportunities to the extent that it is in its legitimate interest to ensure that it is meeting the demands of its customers and their users' experiences.
Displaying personalized advertisements and content. We process your Data to conduct marketing research, advertise to you, provide personalized information about us on and off our websites and to provide other personalized content based upon your activities and interests to the extent it is necessary for our legitimate interest in advertising our websites or, where necessary, to the extent you have provided your prior consent, which can be withdraw at any time without having to provide any specific reason for such objection.
Sending marketing communications. We will process your Data to send you marketing information, product recommendations and other non-transactional communications (e.g., marketing newsletters, telemarketing calls, SMS, or push notifications) about us and our affiliates and partners, including information about our products, promotions or events as necessary for our legitimate interest in conducting direct marketing or to the extent you have provided your prior consent, which can be withdraw at any time without having to provide any specific reason for such objection.
Managing payments. If you have provided financial information to us, the Company processes your Data to verify that information and to collect payments to the extent that doing so is necessary to complete the transaction and perform our contract with you.
Complying with legal obligations. We process your Data when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of Data to protect our rights or is necessary for our legitimate interest in protecting against misuse or abuse of our websites, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes or to respond to lawful requests.
Where the Company needs to collect and process Data by law, or under a contract that it has entered into with you, and you fail to provide the required Data when requested, the Company may not be able to perform its contract with you.
4. Disclosure of Personal Information
From time to time, the Company may partner with other companies to jointly offer products, services or programs (such as webinars or downloadable content) such as our channel partners to fulfill product trials and information requests, and provide customers and prospective customers with information about the Company and its products. To do this, we may pass your information to them for that purpose only, and they are prohibited from using that information for any other purpose. The Company does not share Data about the Company attendees with business partners unless: (1) you specifically opt in to such sharing via an event registration form; or (2) you attend a Company event and allow the Company or any of its business partners to scan your attendee badge. If you do not wish for your information to be shared in this manner, you may choose not to opt in via event registration forms and elect not to have your badge scanned at Company events. If you choose to share your information with business partners in the manners described above, your information will be subject to the business partners' respective privacy statements. The Company sometimes hires vendor companies to provide limited services on our behalf, including packaging, mailing and delivering items, sending postal mail, providing technical support, and processing event registrations. We provide those companies only the information they need to deliver the service, and they are prohibited from using that information for any other purpose.
Section 7 of this Privacy Statement, Website Navigational Information, specifically addresses the information we or third parties collect through cookies and web beacons, and how you can control cookies through your Web browser. We may also disclose your personal information to any third party with your prior consent.
The Company may share Data about the Company website visitors, customers and webinar attendees with the Company's contracted service providers so that these service providers can provide services on our behalf. These service providers are authorized to use your personal information only as necessary to provide the requested services to us. Without limiting the foregoing, the Company may also share Data about the Company website visitors, customers and webinar attendees with the Company's service providers to ensure the quality of information provided, and with third–party social networking and media websites, such as Facebook, for marketing and advertising on those websites. Unless described in this Privacy Statement, the Company does not share, sell, rent, or trade any information with third parties for their promotional purposes.
The Company uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on the Company's behalf.
The Company may share Data about the Company's customers with Idera corporate group and companies that we acquire in the future when they are made part of the Idera corporate group, to the extent such sharing of data is necessary to fulfill a request you have submitted via our Websites or for customer support, marketing, technical operations and account management purposes. A list of companies currently within the Idera corporate group is available at https://www.ideracorp.com/brands. The data protection laws in certain countries may be more or less extensive than laws in the country in which you are located. However, Idera and its offices and subsidiaries are governed by this Privacy Statement and will use your personal information only as set forth in this Privacy Statement.
The Company may also disclose your personal information if required to do so by law or in the good faith belief that such action is necessary in connection with a sale, merger, transfer, exchange or other disposition (whether of assets, stock or otherwise) of all or a portion of a business of the Company and/or its subsidiaries or to (1) conform to legal requirements or comply with legal process served on the Company or this website; (2) protect and defend the rights or property of the Company and this website; (3) enforce its agreements with you, or (4) act in urgent circumstances to protect personal safety or the public. In individual instances, the Company may also share with professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Data.
Any Data or other information you choose to submit in communities, forums, blogs or chat rooms on our Websites may be read, collected and used by others who visit these forums, depending on your account settings.
5. Children and Privacy
The Company Websites do not offer information intended to attract children. The Company does not knowingly solicit personal information from children under the age of 16.
6. Security of Personal Information
The Company take precautions including organizational, technical and physical measures to help safeguard against the accidental or unlawful destruction, loss, alteration and unauthorized disclosure of, or access to, the Data we process or use. For example, when you submit any form requiring registration, we use a secure server. The secure server software (SSL) helps protect your information as it travels over the Internet by encrypting that information before it is sent to us. Please note that while we have implemented industry-standard security mechanisms and procedures to protect data from loss, misuse and unauthorized access, disclosure, alteration and destruction, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions.
Cookies, Web Beacons and IP Addresses.
The Company uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company's Websites ("Website Navigational Information"). As described more fully below, we and our partners use these cookies or similar technologies to analyze trends, administer Websites and Services, track users' movements around our Websites and Services, serve targeted advertisements and gather demographic information about our user base as a whole. This section describes the types of Website Navigational Information used on the Company's Websites and Services, and how this information may be used.
Log Files, IP Addresses, URLs and Other Data.
As is true of most Company Websites, we gather certain information automatically to analyze trends in the aggregate and administer the Company's Websites and Services. This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Due to Internet communications standards, when you visit or use the Company's Websites and Services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our Website. This information is used to analyze overall trends, to help us improve our Websites and Services, to track and aggregate non-personal information, and to provide the Websites and Services. For example, the Company uses IP addresses to monitor the regions from which customers and website visitors navigate the Company's Websites. The Company also collects IP addresses from customers when they log into the Services as part of the Company's "Identity Confirmation" and "IP Range Restrictions" security features.
The following sets out how the Company uses different categories of cookies.
Required cookies enable you to navigate the Company's Websites and use its features, such as accessing secure areas of the Websites and using the Company Services. If you have chosen to identify yourself to the Company, the Company may place on your browser cookies containing an encrypted, unique identifier. These cookies allow the Company to uniquely identify you when you are logged into the Company's Websites and Services and to process your online transactions and requests. Therefore, there is no option to opt out of these cookies because they are essential to operate the Websites.
Targeting or Advertising Cookies:
Do Not Track.
Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a "do not track" or "DNT" option that relies on a technology known as a DNT header, which sends a signal to Websites' visited by the user about the user's browser DNT preference setting. The Company does not currently commit to responding to browsers' DNT signals with respect to the Company's Websites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. The Company takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.
As it is true of most websites, we gather certain information automatically in connection with the use of the Website by individual users. This information may include IP address, device and application identification numbers, browser type, location, the pages and files viewed, operating system and system configuration information and date/time stamps associated with your usage. This information is used to analyze overall trends, to help us provide and improve our Websites and to guarantee their security and continued proper functioning. In addition, we gather certain information automatically as part of your use of the Company cloud products and services, specifically for Assembla and Travis CI entities. This information may include IP address (or proxy server), device and application identification numbers, location, browser type, internet service provider, the pages and files viewed, searches and other actions you take, operating system and system configuration information and date/time stamps associated with your usage. This information is used to maintain the security of the Services, to provide necessary functionality, as well as to improve performance of the Services, to assess and improve customer and user experience of the Services, to review compliance with applicable usage terms, to identify future opportunities for development of the Services, to assess capacity requirements, to identify customer opportunities and for the security of the Company generally (in addition to the security of our products and Services). Some of the device and usage data collected within the Services, whether alone or in conjunction with other data, could be personally identifying to you. Please note that this usage data is primarily used for the purposes of identifying the uniqueness of each user logging on (as opposed to specific individuals), apart from where it is strictly required to identify an individual for security purposes or as required as part of our provision of the Services to our customers (where we act as a processor).
8. Links to Other Websites and Public Forums
9. For EU Individuals: Your Rights Under GDPR
Transparency and the right to information. Through this policy we explain how we use and share your information. However, if you have questions or concerns you can contact us any time.
Right of access, objection, restriction of processing, erasure, and portability. You also have the right to withdraw your consent at any time when we process your personal data based on your consent. To exercise these rights, please contact us. Requests to access, change, or delete your information will be addresses within a reasonable timeframe. Please note that if you have registered for an account with the Company, you may generally update your user settings, profile, organization's settings or event registration by logging into the applicable website or Services with your username and password and editing your settings or profile.
Right to opt-out to direct marketing. You have the right to opt-out at any time to receiving marketing materials from us by following the opt-out instructions in our commercial emails, by contacting us, or by adjusting your preferences under your profile details on the Company Websites. Please note that we reserve the right to send you other communications, including service announcements and administrative messages relating to your account, without offering you the opportunity to opt out of receiving them.
Right to lodge a complaint with a supervisory authority. If you consider that the processing of your personal data infringes your privacy rights according to the General Data Protection Regulation, you have the right to lodge a complaint with a supervisory authority, in the member state of your habitual residence, place of work, or place of the alleged infringement. Contact details for the EU data protection authorities can be found at https://ec.europa.eu/justice/article-29/structure/data-protectionauthorities/index_en.htm.
10. For EU and Swiss Individuals: Privacy Shield Notice for Personal Data Transfers to the United States
To view Idera's full Privacy Shield Notice, along with instructions for lodging a complaint, please Click here.
The Company's accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, the Company remains responsible and liable under the Privacy Shield Principles if thirdparty agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Privacy Shield Principles, unless the Company proves that it is not responsible for the event giving rise to the damage.
11. Your California Privacy Rights
12. How to Exercise Your Rights
To exercise your rights, please contact us by using the information in the "Contacting us" section 17 below. We try to respond to all legitimate requests within one month and will contact you if we need additional information from you in order to honor your request. Occasionally it may take us longer than a month, taking into account the complexity and number of requests we receive. If you are an employee of the Company customer, we recommend you contact your company's system administrator for assistance in correcting or updating your information. Some registered users may update their user settings, profiles, organization settings and event registrations by logging into their accounts and editing their settings or profiles.
As described above, we may also process Data submitted by or for a customer to our cloud products and services. To this end, if not stated otherwise in this Privacy Statement or in a separate disclosure, we process such Data in the role of a mere processor on behalf of a customer (and/or its affiliates) who is the responsible controller of the Data concerned. We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those set forth in this Privacy Statement. If your data has been submitted to us by or on behalf a Company customer and you wish to exercise any rights you may have under applicable data protection laws, please inquiry with the applicable customer directly. Because we may only access a customer's data upon instruction from that customer, if you wish to make your request directly to us, please provide to us the name of the Company customer who submitted your data to us. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.
13. Retention Periods and Deletion
The Company retains your personal information to the extent necessary to reasonably serve customer relations, to meet our compliance and legal obligations, to enhance security and fraud prevention, and for audit purposes. For example, we may retain your information during the time in which you have an account to use our Website or Services and for a reasonable period of time afterward. We may also retain your information during the period of time needed for the Company to pursue our legitim business interest, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements. We determine the appropriate retention period for the Data on the basis of the amount, nature and sensitivity of your Data processed, the potential risk of harm from unauthorized use or disclosure of your Data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).
When you decide to delete certain information in your account, we will fulfill your request and update this information on our platform. We will also notify third parties that we authorized the use and share that content of your request.
15. Information about International Transfers
The Company primarily stores Data about the Company's customers and Data about attendees in the United States. To facilitate the Company's global operations, the Company may transfer and access such information from around the world, including from other countries in which the Company has operations. A list of the Company's global offices is available at http://www.ideracorp.com/contactus. This Privacy Statement shall apply even if the Company transfers Data about the Company customers or Data about attendees to other countries.
16. Changes to this Privacy Statement
The Company reserves the right to change this Privacy Statement from time to time to reflect changes in our practices, technologies, legal requirements and other factors. If we do, we will update the "effective date" at the top of this Privacy Statement. If we make a material update, we may provide you with notice prior to the update taking effect, such as by posting a conspicuous notice on our website or by contacting you using the email address you provided.
We encourage you to periodically review this Privacy Statement to stay informed about our collection, processing and sharing of your personal information.
17. Contacting us.
Attn: Legal Department
2950 North Loop Freeway West
Houston, Texas 77092