Privacy Policy

First Implemented: April 2015

Last Updated: May 07, 2018

Table of Contents

IT-Conductor Privacy Policy

1. Collection and Use of Information
2. Information that We Share with Third Parties
3. Where We Send Your PII
4. Your Choices – EU Users
5. Questions; Complaints; Other
6. Revisions to this Privacy Policy

Legal Basis Table

IT-Conductor Privacy Policy

Protecting your privacy is really important to IT-Conductor Inc. (collectively, “IT-Conductor”, “us”, “our” or “we”).

With this in mind, we’re providing this Privacy Policy to explain our practices regarding the collection, use and disclosure of information that we receive through our website at www.itconductor.com (the “Site”) and our cloud-based monitoring and automation services which provide a secure, remote IT operation orchestration platform (the “IT-Conductor Services” and collectively with the Site, the “Services”). This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services. Additionally, this Privacy Policy should be read in conjunction with the Subscription Services Agreement applicable to your particular use of the Services (each, a “SSA”). Please make sure that you have read and understand the SSA. For visitors to the Site, the applicable SSA is our Terms of Service, and for Direct Users (as defined below), the applicable SSA is available after logon to https://service.itconductor.com/TOS.

Certain sections of this Privacy Policy will be read differently depending on whether you are a user of the free version of the IT-Conductor Services (meaning you have signed up directly for the IT-Conductor Services through the Site) (“Direct User”), if you are a user of the enterprise or business version of the IT-Conductor Services (meaning you are an authorized user of a company or other organization that uses the IT-Conductor Services in the workplace) (“Authorized User”), or if you are a visitor to the Site (“Visitors” and, together with Direct Users and Authorized Users, “Users”).

1. Collection and Use of Information

Our primary goals in collecting and using information are to provide and improve our Services, to administer your use of the Services (including your Account (as defined below)), to respond to your comments and questions, to use your email address or other contact information to send you information related to the Services and to enable you to enjoy and easily navigate our Services. IT-Conductor has implemented and will maintain reasonable security controls to protect the confidentiality, integrity and availability of the PII that IT-Conductor processes. “PII”, “Personally Identifiable Information” and “personal data” are all used in this Privacy Policy interchangeably to refer to any data, information, or combination of data and information that is provided by you to IT-Conductor Inc. or through your use of the IT-Conductor Services, and which relates to an identifiable individual.

If you are a Visitor or Direct User, then IT-Conductor Inc. is the data controller for the purposes of data protection law. This means that we are responsible for the protection of PII and determining how it is used. You can contact us at legal@itonductor.com.

If you are an Authorized User, then IT-Conductor acts on behalf of your company as a data processor. This means that your company acts as a data controller, is primarily responsible for how your PII is handled, and should be contacted in the first instance with any questions about how they handle your PII.

IT-Conductor will collect the following information about you:

• Account Information. To use the IT-Conductor Services, you will need to create an account (if you are a Direct User) or your company will create an account for you (if you are an Authorized User) (each, an “Account”). When an Account is created we’ll collect certain PII that can be used to identify you, such as your name, title, job description, location, email alias, email address and, in certain cases, profile photo. We will only use such PII for the purposes of providing the Services to you (if you are a Direct User) and your company (if you are an Authorized User). We could also collect other information about you that is not PII, such as Usage Data (as defined below), and this will only be used as described herein.
  • Direct Users: If you create an Account through the Services, we could also collect your gender, date of birth, zip code and other information. We will only use this information for purposes relating to the provision of the Services to you and for improvement of the Services.
  • Authorized Users: If your company opted in for a single sign-on feature, your Account will be accessible through your work login credentials. If your Account is created on behalf of your organization, we will also collect certain information about your organization, such as your organization’s corporate name, email address, postal address, phone number and billing information.
• Support Information You Give Us: If you provide user feedback or contact us for user support, we will collect your name and email address as well as any other content included in the support request or feedback, in order to send you a reply or in order to improve the Services.
• Information Collected Using Cookies and Other Web Technologies. Like many website operators, we use automated data collection tools such as Cookies and Web Beacons to collect certain information.
  • “Cookies” are small text files that are placed on your device by a Web server when you access our Services. We use both session Cookies and persistent Cookies to identify that you’ve accessed the Site, logged in to the Services and to tell us how and when you interact with our Services. We also use Cookies to monitor aggregate usage and web traffic routing on our Services and to customize and improve our Services. Please note, however, that if you don’t accept Cookies, you will not be able to access all portions or features of the Services. When you access our Site, certain third-party services providers that we engage could also place their own Cookies on your device. However, third-party service providers cannot place their own Cookies on your device when you access the IT-Conductor Services. Note that this Privacy Policy covers only our use of Cookies and does not include use of Cookies by such third parties.
  • “Web Beacons” (also known as Web bugs, pixel tags or clear GIFs) are tiny graphics with a unique identifier that could be included on our Services for several purposes, including to deliver or communicate with Cookies, to track and measure the performance of our Services and to monitor how many visitors view our Services.
  • For more details as to how we use these technologies in connection with the Services, please refer to our Cookie Policy
• Information Related to Use of the Services. Our servers automatically record certain information about how our Services are used (we refer to this information as “Usage Data”). Usage Data could include information such as a User’s Internet Protocol (IP) address, browser type, operating system, the pages or features of our Services to which a User browsed and the time spent on those pages or features, frequency with which our Services are used by a User, search terms, and other statistics. We use Usage Data to administer the Services and we analyze (and could engage third parties, who are under an obligation of confidentiality, to analyze) Usage Data to improve, customize, and enhance our Services by expanding their features and functionality and tailoring them to our Users’ needs and preferences. For Authorized Users, all use of your Usage Data will be subject to the terms and conditions of the Subscription Services Agreement (each an “SSA”) between IT-Conductor and your company (as applicable). Any use of Usage Data by third parties on our behalf will be subject to requirements that such third parties access such Usage Data on an unattributed basis (such that the identity of the individual User cannot be ascertained by the third party) and that such third parties maintain the confidentiality and integrity of such Usage Data.
• Posted Data. Along with Monitoring data collected by IT-Conductor Services, when you use the IT-Conductor Services to post, send, or receive messages (including alerts, notifications, SMS, voice or video chat messages), files or any other information or text, audio, or video communication exchange posted to the IT-Conductor Services, we will transmit and store the content of such exchange (“Posted Data”) as necessary to provide the IT-Conductor Services.
• Information Sent by Your Mobile Device. We collect certain information that your mobile device sends when you use our Services, like a device identifier, user settings, and the operating system of your device, as well as information about your use of our Services. Such information helps us to, and will only be used in order to, improve, customize and enhance our Services.
• Location Information. When you use our Services and you enable location services on your device, we will collect and store information about your location by converting your IP address into a rough geo-location or by accessing your mobile device’s location services (including GPS coordinates or coarse location). We will only use location information to improve and personalize our Services for you. If you do not want us to collect location information, you can always disable that feature on your mobile device.

Please note that if you decide not to provide us with the PII that we request, you will not be able to access or use all of the features of the Services.

For Users located in the EU, the lawful basis of IT-Conductor’s processing of the foregoing information is further described at the end of this page.

Treatment of PII Following Termination.

• Visitors: If you wish to cease using the Services and (1) are located in the EU, please see Section 4 regarding your rights with respect to your PII or (2) are located outside of the EU, please contact legal@itconductor.com if you have any questions or concerns regarding the handling of your PII following cessation of your use of the Services.
• Direct Users: You can cease using the IT-Conductor Services at any time. If you would like IT-Conductor to delete your account, please contact legal@IT-Conductor.com and we will promptly comply with your request. Any Posted Data that has been sent by you to another User will remain with that User following termination of your account. Treatment of your other PII following termination will be handled in accordance with the SSA and applicable law.
• Authorized Users: If you are a User who is utilizing the IT-Conductor Services under the auspices your organization’s SSA with IT-Conductor, then following the termination of your organization’s access to or use of the IT-Conductor Services, IT-Conductor will, subject to the requirements of applicable law or any Governmental Authority, return to your organization or promptly destroy any PII it has in its possession, in accordance with such SSA. Please contact your organization directly to make this request, as we are only able to act on their instructions.

2. Information that We Share with Third Parties

We will not share any PII that we have collected from or regarding you except as described below, and in the sections of this Privacy Policy entitled “Where We Send Your PII” and “Collection and Use of Information”.

Information Shared with Our Services Providers. We engage certain third-party services providers to work with us to administer and provide a portion of the Services. Such third parties include:

• customer relationship management software providers, including Hubspot, headquartered in the US, which store your PII globally, in order to assist us in providing the Services and contacting you;
• Internet hosting and cloud service provider services, such as Amazon Web Services and Hubspot, headquartered in the US, which store your PII globally and enable us to offer a Software as a Service (SaaS) platform;
• customer support services and software, headquartered in the US and which store your PII globally, which allow us to deal with any service issues that Users may face and respond quickly to any questions about our Services; and
• business analytics and billing service providers, headquartered in the US and which store your PII in the US, which allow us to provide the Services to you and better understand how the Services are used.

These third-party services providers have access to your PII only for the purpose of performing services on our behalf, and in compliance with applicable laws and regulations (including, without limitation, the CAN-SPAM Act of 2003 and the Privacy Shield (as defined herein), as applicable). Such performance can include the processing of PII, provided that no such third-party service provider has access to your unencrypted Posted Data.

Such third parties will be required to maintain the confidentiality of all PII that they process on our behalf and to implement and maintain reasonable security controls to protect the confidentiality, integrity and availability of such PII. For Authorized Users, IT-Conductor will comply with the terms and conditions of the SSA in effect between IT-Conductor and your organization (as the data controller of your PII) in connection with any such onward transfer of your PII. Any such third-party service provider to whom IT-Conductor transfers PII for processing on behalf of IT-Conductor is also required to only employ staff who have committed themselves to confidentiality or are under a statutory obligation of confidentiality with respect to your PII. IT-Conductor could remain legally accountable for the protection of your PII that we transfer to our third-party service providers.

IT-Conductor will also take reasonable steps to confirm that any such third-party service provider processes such PII in a manner that provides at least the same level of data protection as is provided for by this Privacy Policy and, for Authorized Users, as is required of us pursuant to the SSA in place between IT-Conductor and your organization. Lastly, IT-Conductor will obligate any such third-party service provider to notify IT-Conductor if such provider becomes unable to satisfy such data protection obligations, and IT-Conductor will take reasonable steps to stop and remediate unauthorized or noncompliant processing by such third-party services provider, upon becoming aware of such processing.

Information Shared with Third Parties. We could collect and share aggregated and de-identified information (such that information cannot be identified as the information of a particular User and will therefore not include PII) with third parties for industry research and analysis, demographic profiling and other similar purposes, and for third-party programs to access the Services in a manner that extends the IT-Conductor user experience and helps us operate and improve the Services.

Information Disclosed in Connection with Business Transactions. Information that we collect from our Users, including PII, is considered to be a business asset. Thus, if we are acquired by a third party as a result of a transaction such as a merger, acquisition or asset sale or if our assets are acquired by a third party in the event we go out of business or enter bankruptcy, some or all of our assets, including your PII, will be disclosed or transferred to a third-party acquirer in connection with the transaction. The disclosure and transfer of any of your PII to such third-party acquirer will be done in compliance with applicable law and regulation (including but not limited to the Privacy Shield, as the case may be), and only as necessary in order to enable IT-Conductor or the relevant acquiror to continue to perform services to you or your organization.

Information Disclosed for Our Protection and the Protection of Others. We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. In certain circumstances, we will disclose any of your PII to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas), law enforcement requests and national security requests; (ii) to protect our rights and safety and the rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity. In the event of such disclosure or transfer of your PII to public authorities, there is a chance that IT-Conductor will not be able to require such public authorities to implement and maintain reasonable security controls to protect the confidentiality, integrity and availability of your PII.

Information Shared with Other Users. For Direct Users, the information you list about yourself or, if you are an Authorized User of a company that is subject to the terms of an SSA, that is listed on your behalf by the company in your user profile, including, but not limited to, your profile photo, your organization and your name (collectively “Profile Data”), will be published and viewable to other Users in the IT-Conductor directory of Users so that other Users can find you using the “Search” or “Management → People” feature in the IT-Conductor Services. For Authorized Users, the content of your Profile Data and its publication in the IT-Conductor directory of Users will be controlled by your company’s administrator.

3. Where We Send Your PII

As our Users operate globally, we need to send User PII to different countries in order to provide the Services, and you might send your PII to different countries in the course of submitting Posted Data on the IT-Conductor Services to Users in those countries. When we send PII outside of the European Economic Area (EEA), we use a variety of legal mechanisms to make sure that your PII is sent with appropriate safeguards:

• EU-US Privacy Shield: We may send some of your PII from the EEA to IT-Conductor in the US. IT-Conductor Inc. complies with the EU-U.S. Privacy Shield Framework (together with the Swiss-U.S. Privacy Shield, the “Privacy Shield”) as adopted and set forth by the U.S. Department of Commerce and the European Commission regarding the collection, use and transfer of personal data from European Union member countries, as well as from Iceland, Liechtenstein and Norway. IT-Conductor Inc. commits to adhere to and has certified that it adheres to the Privacy Shield Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability, as well as the Supplemental Privacy Shield Principles, in each case with respect to all PII that IT-Conductor Inc. receives in reliance on the EU-U.S. Privacy Shield. To learn more about the Privacy Shield, and to view IT-Conductor Inc. certification, please visit https://www.privacyshield.gov and https://www.privacyshield.gov/list, respectively.
• Swiss-US Privacy Shield: We may send some of your PII from Switzerland to IT-Conductor in the US. IT-Conductor Inc. complies with the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal data from Switzerland. IT-Conductor Inc. has certified that it adheres to the Privacy Shield Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Privacy Shield, and to view IT-Conductor Inc.’s certification, please visit https://www.privacyshield.gov.
• Model Clauses: The PII that we collect from you may be transferred to, and stored at or processed in, the US, Hong Kong, Singapore and Japan, and may be held on servers globally by some of our service providers. These transfers of PII are based on the European Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses) pursuant to Decision 2010/87/EU.
• Regulatory Jurisdiction. The Federal Trade Commission and the relevant EU data protection authorities have jurisdiction to investigate and enforce any issues relating to compliance with or certification to the Privacy Shield. IT-Conductor will cooperate and comply with the dispute resolution panel established by the relevant EU data protection authorities.

4. Your Choices – EU Users

If you are a User located in the EU, then depending on whether you are a Visitor, a Direct User or an Authorized User, we will offer you certain choices regarding the collection, use and sharing of your PII.

• Visitors and Direct Users: If you are a Visitor or a Direct User, you have specific rights over the PII that IT-Conductor controls which you can exercise in specific circumstances, such as:
• Access: to know whether we process PII about you, to access that PII and find out how we use it and who we share it with;
• Portability: to receive a subset of the PII we collect from you in a structured, commonly-used and machine-readable format, and to request that we transfer such PII to another party;
• Correction: to require us to correct PII about you that is accurate or incomplete;
• Erasure: to request that we erase PII we hold about you in certain circumstances. Note that in cases where we grant your request for deletion, copies of erased PII could remain in archived/backup copies for our records, as we are not always able to delete information from those locations;
• Restriction: to require us to stop processing the PII we hold about you other than for storage purposes in certain circumstances; and
• Objection: to object to our processing of PII about you and we will consider your request.

Please contact us at legal@itconductor.com with such requests. We will respond to your request as soon as we reasonably can and we will attempt to respond to all requests within 30 days of verifying your identity.

• Authorized Users: If you are an Authorized User, the PII associated with your Account and your Profile Data is managed by your company administrator. IT-Conductor can only act on the instructions of your company, so you must contact them directly to exercise any rights over your PII. For questions about how you can exercise your rights over your PII, please contact the appropriate IT-Conductor representative at your company and they will be able to provide more information about how your request will be handled.

5. Questions; Complaints; Other

Questions?

If you have any questions about this Privacy Policy or our treatment of your information, please write to our General Counsel by email at legal@itconductor.com or by postal mail at:

IT-Conductor Inc.
Attn: Legal Counsel
20660 Stevens Creek Blvd., Suite 261
Cupertino, CA 95014
USA

Complaints and Data Requests Under the Privacy Shield. You can at any time submit a complaint, personal data access request or communicate any other issues arising under the Privacy Shield with respect to your use of the Services or IT-Conductor’s processing of your PII to IT-Conductor’s General Counsel at legal@itconductor.com, or by courier to:

IT-Conductor Inc.
Attn: Legal Counsel
20660 Stevens Creek Blvd., Suite 261
Cupertino, CA 95014
USA

IT-Conductor will respond promptly to any such complaints or inquiries, within one month from the date on which we receive such complaint or inquiry and have verified your identity. This is without prejudice to your right to launch a complaint with the data protection authority in the EEA country in which you live or work.

In addition, under certain conditions, you could be entitled to invoke binding arbitration to resolve a complaint or dispute arising under the Privacy Shield.

Conflict Notwithstanding any other provisions of this Privacy Policy, nothing in this Privacy Policy will be interpreted to expand IT-Conductor’s rights under the privacy and data processing provisions of any agreement applicable to you, and specifically:

• Direct Users: If you are a Direct User, in the event of any conflict or inconsistency between the provisions of this Privacy Policy and the SSA, the applicable provision of the SSA shall govern.
• Authorized Users: If you are an Authorized User who is using the Services as part of a company that has an SSA with IT-Conductor, in the event of any conflict or inconsistency between the provisions of this Privacy Policy and the SSA, the applicable provision of the SSA shall govern.
• Visitors: If you are a Visitor, in the event of any conflict or inconsistency between the provisions of this Privacy Policy and the Terms of Service governing use of the Site, the applicable provision of this Privacy Policy shall govern.

Our Policy Toward Children

You must be at least 18 years of age to use the Services. Our Services are not directed to individuals under 18 and we do not knowingly collect PII from individuals under 18. If we learn that we have collected PII of an individual under 18 we will take steps to delete such information from our files.

6. Revisions to this Privacy Policy

Any PII that is collected via our Services is processed in accordance with the Privacy Policy in effect at the time such information is collected. We could revise this Privacy Policy from time to time. We’ll update the “Last Updated” date above to indicate when the Privacy Policy was last materially changed.

If we make any material changes to this Privacy Policy that adversely impact or decrease the privacy and security of PII we’ll notify you as follows:

• Visitors and Direct Users: We’ll post them on the Services.
• Authorized Users: We’ll send your company a notification at least 30 days prior to such change taking effect and provide your company with a link to such updated Privacy Policy so they can notify you (or, promptly upon request, we’ll provide you with such updated Privacy Policy).

Legal Basis Table

(see Section 1 for further information)

Please note that this table is only for Visitors and Direct Users located in the EU and applies where IT-Conductor is the data controller. For Authorized Users, please contact your company for further information about its legal basis of processing.

IT-Conductor's Legal Agent for Notice of claims of infringement on its site can be reached as follows:

IT-Conductor Inc.
Attn: Legal Counsel
20660 Stevens Creek Blvd., Suite 261
Cupertino, CA 95014
USA

(888) 666-2899
legal@itconductor.com