- When you use Our proprietary solution known as “Control Monkey” and the content, features and services therein (collectively, the “Services“), including:
- setting up an account,
- logging-in to the Services,
- make any use of the Services such as review, mapping or changes to any of your resources using Control Monkey and any other information or data which is provided to Us or which we learn from Your use of the Services
- any data and information we acquire from third-party sources through your permissions or shared credentials
(collectively “Control Monkey Data”)
- When you make use of, or interact with, our services such as request a demo, subscribe to an email list, newsletters or blog or when you other contact or connect with Us.
- When we acquire any information from third-party sources.
In addition to the Control Monkey Data, some of the information we obtain or collect may be PII. We define “PII” to mean any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, phone number or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
CONTROL MONKEY DATA
- What Control Monkey Data we collect, why we collect it, and how We use it
- When you make use of Control Monkey we will need to obtain the credential to third party services which you use, we will obtain data on the cloud resources used by You, the architecture of the cloud resources and their interaction, the cloud management profile and the manner in which resources are deployed, “Infrastructure as code” code repositories provided by you for your Version Control System provider (e.g Github, Gitlab) We will not collect or obtain any Control Monkey Data which you do not expressly grant Us access to or provide to Us directly. We will use any and all Control Monkey solely in order to provide the Services to you and improve the technical and functional abilities of our Services.
- When you create an account and when you log in to Control Monkey we will obtain Full name, Email address, phone number, Password and any other information you decide to provide Us with. Use of such information is necessary for the ability to provide the Services and in order to take steps at Your request (e.g., to allow you create an account and log in)
- How we protect and store Control Monkey Data.
- We have implemented appropriate technical, organizational and security measures designed to reduce the risk of accidental destruction or loss, or the unauthorized disclosure or access to Control Monkey Data appropriate to the nature of the data concerned. However, please note that We cannot guarantee that the Control Monkey Data will not be exposed as a result of unauthorized penetration to our servers. As the security of information depends in part on the security of the computer, device or network you use to communicate with Us and the security you use to protect your cloud services as well ad your Git resources storing your code, please make sure to take appropriate measures to protect this data.
- Retention of your Control Monkey Data. Your Control Monkey Data will be stored so long as we provide the Services. We do not retain and will delete the Your Control Monkey Data upon your request or upon the termination of your use of the Services. Please note that in some circumstances we may store your Control Monkey Data for longer periods of time, for example (i) where we are required to do so in accordance with legal, regulatory, tax or accounting requirements, (ii) per your request in order to be able to roll back any action conducted through the Services; or (iii) for us to have an accurate record of your dealings with us in the event of any complaints or challenges, or (iv) if we reasonably believe there is a prospect of litigation relating to Control Monkey Data or dealings.
- Your Code. We will need the ability to access your Code based on your permission for the purpose of initial set up and configuration as well as continuous performance of our services. You will have full control on the code We will be provided with or have access to based on your Version Control System’s permission policy and set-up. Following completion of any process which requires access to your Code, within not more than 48 hours thereafter, your code will be permanently and completely deleted from our server or resources. For the avoidance of any doubt we will not obtain, ask or receive any of your application source code – the only source code we will have access to if you grant us permission is to your Infrastructure as Code.
- How we share Control Monkey Data. We Do not share your Control Monkey Data with anyone without Your express permission.
PERSONAL IDENTIFIABLE INFORMATION
- PII We Obtain and How We Use It. In order to provide and improve our Services, we may collect PII, including the following types of information:
- Information You Provide. In some of the features of the Services we ask you for PII, including: first and last name, company name and email address.
- Third Parties. We might receive information and/or security settings from third parties who have access to your cloud resources for various purposes (such as Google, Microsoft, Github or Bitbucket), such as names, email addresses, metadata or security settings.
- User Communications.When you send email or other communication to the Company, we may retain those communications in order to process your inquiries, respond to your requests and improve our Services. We may send you push notifications to send you news, reminders and updates in respect of the Services. We may also send you newsletters and promotional communications. You may opt-out of this service at any time by sending an email to the following address: email@example.com.
- User Information.When you use the Services, we automatically receive and record information from your browser, including without limitation information and statistics about your online/offline status, your IP address, geolocation data (including country and city), browser identifiers, internet service provider, connection speed, search history, type of browser, your regional and language settings and software and hardware attributes. Our systems automatically record and store technical information regarding the method and nature of your use of the Services. An IP address is a numeric code that identifies your browser on a network, or in this case, the Internet. Your IP address is also used to gather broad demographic information. The Company uses all of the PII identified in this Section in order to understand the usage trends and preferences of our users, including recent visits to our Services and how you move around different sections of our Services for analytics purposes and in order to make our Services more intuitive.
- Aggregate and Analytical Data. In an ongoing effort to better understand and serve the customers of the Services, we may conduct research customer demographics, interests and behavior based on the PII and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and we may share this aggregate data with our affiliates, agents, suppliers and business partners. This aggregate information does not identify you personally. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
- Cookies.In order to collect the data described herein we use temporary cookies that remain on your browser for a limited period of time. We may also use persistent cookies that remain on your browser until the Company’s Services are removed, in order to manage and maintain the Services and record your use of the Services. Cookies by themselves cannot be used to discover the identity of the user. A cookie is a small piece of information which is sent to and stored on your browser. Cookies do not damage your browser. Most browsers allow you to block cookies but you may not be able to use some features on the Services if you block them. You may set most browsers to notify you if you receive a cookie (this enables you to decide if you want to accept it or not). We also use web beacons via the Services to collect information. Web beacons or “gifs”, are electronic images that are used in our Services or in our emails. We use Web beacons to deliver cookies, count visits and to tell if an email has been opened and acted upon.
- Links.Links to other services, sites and applications may be provided by the Company as a convenience to its users. The Company is not responsible for the privacy practices or the content of other sites and applications and you visit them at your own risk. This privacy statement applies solely to PII collected by us.
- PII Sharing. We will not share your PII with third parties without your explicit permission, except when required by law, regulation, subpoena or court order or as otherwise expressly set forth herein. The Company will share PII in the following circumstances: (a) as required for providing the Services; (b) for maintenance and improvement of the Services; (c) if we become involved in a reorganization, merger, consolidation, acquisition, or any form of sale of some or all of our assets, with any type of entity, whether public, private, foreign or local; and/or (d) to satisfy applicable law or prevention of fraud or harm or to enforce applicable agreements and/or their terms, including investigation of potential violations thereof.
- Data Security and Data Retention. We follow generally accepted industry standards to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of PII. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your PII, we cannot guarantee its absolute security. We keep your PII only for as long as we are in an engagement with you and will use the PII solely for the purposes for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements. We will delete any information provided to us by you upon the receipt of a written request and when our engagement is terminated or expired. We cannot restore information once it has been deleted.
- Your Rights.
- Right of Access and Rectification. You have the right to know what PII we collect about you and to ensure that such data is accurate and relevant for the purposes for which we collected it. We allow our users the option to access and obtain a copy of their PII and to rectify such PII if it is not accurate, complete or updated. However, we may first ask you to provide us certain credentials to permit us to identify your PII.
- Right to Delete PII or Restrict Processing. You have the right to delete your PII or restrict its processing. We may postpone or deny your request if your PII is in current use for the purposes for which it was collected or for other legitimate purposes such as compliance with legal obligations.
- Right to Withdraw Consent. You have the right to withdraw your consent to the processing of your PII. Exercising this right will not affect the lawfulness of processing your PII based on your consent prior to its withdrawal.
You may exercise the above rights by sending a request to: firstname.lastname@example.org.
- Right to Lodge Complaint. You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your PII.
- California Privacy Rights. California Civil Code Section 1798.83 permits our customers who are California residents to request certain information regarding our disclosure of PII to third parties for their direct marketing purposes. To make such a request, please send an email to email@example.com. Please note that we are only required to respond to one request per customer each year.
Last Date Updated: September 14th, 2022