April 2, 2019
This Privacy Statement (“Statement”) describes what and how StackPath, LLC, and Highwinds Network Group, Inc., (“StackPath”, “we”, “our”, and “us”) gathers and how we may use personal information. This Statement applies to: (i) users of the website www.stackpath.com (the “Site”); (ii) users of StackPath services and related offerings that reference or link to this privacy statement (the “Service(s)”); and (iii) information gathered from visitors to websites using the Services. (i), (ii) and (iii) individually and collectively are referred to as “User(s)” or “you”. It also describes your choices regarding use, access and correction of your personal information. The use of personal information we collect shall be limited to the purposes of providing the StackPath services and related offerings for which the user has engaged StackPath.
1. Personal Data
StackPath does not sell Users’ personal information.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. We use Secure Sockets Layer (SSL), the industry standard, for encrypting all personal information, including name, address and credit card numbers. If you have any questions about the security of your personal information, you can contact us at email@example.com.
2. EU – U.S. Privacy Shield and Swiss - U.S. Privacy Shield Participation
StackPath participates in and has certified its compliance with the EU – U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. StackPath transfers personal data collected and received from EEA member countries and Switzerland to the U.S. StackPath is committed to subjecting all personal data received from EEA member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, StackPath is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
3. Inquiries and Complaints Process for Privacy Shield Data and Data Processed in the European Economic Area
If you reside in an EEA member state or Switzerland, and your personal data are transferred to the U.S. pursuant to the Privacy Shield: In compliance with the Privacy Shield Principles, StackPath commits to resolve complaints about our collection or use of Users’ personal information. Please direct questions or complaints regarding our Statement to: firstname.lastname@example.org. We will communicate with you in reply. If you have a privacy or data use concern that we have not addressed satisfactorily, you may contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. Under certain conditions, more fully described on the Privacy Shield website , you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Under the Privacy Shield Framework, we are responsible for the processing of personal data we receive and subsequently transfer to a third party acting as an agent on our behalf. StackPath complies with the Privacy Shield Principles for all onward transfers of personal data from the EEA and Switzerland, including the onward transfer liability provisions.
If you reside in an EEA member state or Switzerland, and we process your personal data in an EEA member state or Switzerland: If you have a question or complaint regarding the processing of your personal data, you may in the first instance contact the Company’s Privacy Office at email@example.com. If you are unsatisfied, then you have the right to lodge a complaint with an EEA Data Protection Authority.
Where we are processing data received from or collected on behalf of our Clients: StackPath collects information under the direction of, and receives information from, its clients and has no direct relationship with the individuals whose personal data it processes under these circumstances. If you are a customer of one of our clients and would like to make an inquiry or complaint, please contact the client that you interact with directly.
4. Information We Collect or Receive
We only collect, use, share, store, or otherwise process your personal information when we have an appropriate basis. For example, we may process your personal information as necessary to provide services that are subject to terms you have accepted, such as our end user license agreements or service terms and conditions. We may process your personal information when necessary to comply with legal obligations or for purposes of pursuing legitimate interests (such as providing products and services, preventing fraud, enforcing legal claims, and security purposes), if doing so is consistent with your rights and appropriate to the context, such as providing Services, the Site, performing internal analytics, and conducting reasonable monitoring of your use of our Site or Services to prevent misuse of our Site or Services and fraud. Additionally, we may, in certain cases, ask you for your consent for certain processing of your personal information.
We collect personal information through the Site and websites using the Services, such as name, address, email address, phone number, ip address, username, password, billing and other information a User provides. We also collect and receive information as described in the section on Tracking Technologies, below.
We may use this information to:
- operate, maintain, and improve the Site and Services.
- respond to comments and questions and provide customer service.
- send information including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
- link or combine user information with other personal information.
- communicate about promotions, events, and other news about services offered by us or selected partners (you may always opt out).
- protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
We also use information as described in the section on Tracking Technologies, below.
We will only use this information for the purposes for which we collected or received it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
5. Sharing of Personal Information
We will only share personal information:
- for legal, protection, and safety purposes. This includes: (i) as required by law, such as to comply with a subpoena or similar legal process, investigate fraud, or respond to a government request (ii) protecting the rights and property of StackPath, our clients, Users, and others, including enforcing our agreements, policies, and AUP; (iii) in an emergency, including for the safety of our employees, Users, or any person. If StackPath is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information.
- with those who need it to do work for us. For example, third party companies to process payments. We do not store full credit card numbers or personal account numbers. These companies are authorized to use your personal information only as necessary to provide these services to us.
- with consent.
6. Anonymous Aggregated Data
StackPath may aggregate and anonymize data from individual StackPath Services and utilize it to further secure other StackPath services and clients. We may utilize this anonymous data to build further security into each Service we deploy for our users. None of the data identifies any individual. For example, we monitor DDoS attacks at the network edge and utilize that data to protect other StackPath clients or Users from DDoS attacks. We may assemble this data and provide it to an external party in an anonymized format, maintaining that our Users’ and their visitors’ personal information will never be attached to or included in such data. We utilize this log data to detect and block new threats on the Internet.
7. Tracking Technologies
“Cookies” do not tell us name, email address or passwords of a User. When a User visits the Site, we may use the computer’s cookies to provide a more personal and interactive experience. To improve and secure the Services we provide to Users, we may place cookies on websites of a User using the Services. One example is continually improving the identification of potential security threats to a User’s website. We do not store unobscured personal or private information in a cookie.
8. Log Files
As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, computer operating system type, browser type, browser language, the website a User visited before browsing to our Site, pages viewed, how long a User spent on a page, access times and information about use of and actions on our Site to analyze trends in the aggregate and administer the Site.
9. Behavioral Targeting
10. Information Choices and Access
If we send any marketing emails, we will tell you how to “opt-out.” If you would like to discontinue receiving this information, you may update your email preferences by using the “Unsubscribe” link found in emails we send to you or by contacting us at firstname.lastname@example.org. If you opt out, we may still send non-marketing emails including account-related or business communications.
If you reside in an EEA member state or Switzerland, and your personal data are transferred to the U.S. pursuant to the Privacy Shield: upon request StackPath will provide you with information about whether we hold any of your personal information. You may, under certain circumstances, access, correct, or request deletion of your personal information by logging into your account or by contacting us at email@example.com. We will respond to your request within a reasonable timeframe.
If you reside in an EEA member state or Switzerland, and we process your personal data in an EEA member state or Switzerland: Under certain circumstances you may have the right to request access to, correction of, erasure of, or the transfer of your personal information, as well as the right to object to or restrict the processing of your personal data by contacting us at firstname.lastname@example.org. Where we are processing your personal data pursuant to your consent, you may revoke your consent by contacting us at email@example.com.
Where we are processing data received from or collected on behalf of our Clients: StackPath collects and receives information under the direction of its clients, and has no direct relationship with the individuals whose personal data it processes under these circumstances. If you are a customer of one of our clients and would no longer like to be contacted by one of our clients that use our service, please contact the client that you interact with directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our clients. We acknowledge that individuals may have the right to access their own personal information. StackPath has no direct relationship with the individuals whose personal information it processes on behalf of its clients. An individual who seeks to exercise the rights described above for data that have been transferred to the U.S. pursuant to the Privacy Shield or that are being processed in an EEA member state or Switzerland, should submit their query to the StackPath client (the data controller). If requested to remove data, we will attempt to respond within 30 days. We retain personal information we process on behalf of our clients for as long as needed to provide services to our client, as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
12. Links to Third-Party Websites
Our website includes links to other websites whose privacy practices may differ from those of StackPath. If you submit personal information to any of those websites, your information is governed by their privacy statements. We encourage you to carefully read the privacy statement of any website you visit.
13. Contact Information
For comments or questions about this Statement please use our live chat system or submit a ticket to our support team through the StackPath portal. Users may also contact us at: firstname.lastname@example.org.
2021 McKinney Ave.
Dallas TX 75201
14. Changes to the Privacy Statement
We may change or update this Statement at any time. If we do, we will change the Last Updated date and promptly post it on the Site. If we make any material changes, we will notify you or our Client by email (sent to the e-mail address specified in your account) or by means of a notice on this Website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.