Last updated May 24, 2018
- What information do we collect?
- How your information is collected – and the lawful basis for that collection
- How we use the information collected?
- How can you control your information?
- Sharing information with third parties
- How do we protect your information?
- International Data Transfer
- Third Party Websites; Social Media Features
- California Privacy Rights
- EU Data Subject Rights
1. What information do we collect?
We collect two types of data and information from our Users:
- The first type of information is non-identifiable and anonymous information (“Non-Identifiable Information”). Non-Identifiable Information is any information that does not enable the identification of an individual. This kind of information is made available to us while you enter and/or use the Websites or the Services. Non-Identifiable information consists of technical information and behavioral information, and includes, among other things, the type of browser you use and the actions you take on the Websites or by using the Services, date/time stamp, referring/exit pages, clicked pages and any other information your browser may send us.
- The second type of information that is collected, either alone or in combination with other information, is information that could identify an individual (“Personal Identifiable Information” or “PII”). PII may include your Internet Protocol Address, first and last name, email or physical address and phone number.
At all times, you may choose whether to provide or disclose PII. If you choose not to provide PII, you may still visit parts of the Websites or receive limited Services, but you may be unable to access certain options, programs, offers, and services that involve our interaction with you.
2. How your information is collected – and the lawful basis for that collection
Non-Identifiable Information is collected when you access or use the Websites and/or the Services. We use industry standard tools and software to monitor your navigation and usage of the Websites and services, your usage pattern-logs and other communications data. We may also use “cookies” and Flash (or similar technologies), which stores certain information on your computer (“Local Storage”) and which allows us to enable automatic activation of certain features and improve your experience. It is easy to prohibit Local Storage, most browsers will allow you to erase cookies from your hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. To erase or disable the Local Storage option in Flash you should use the settings option of Flash according to the specific instructions provided by the technology provider. However, if you block or erase cookies, or change the settings of Flash, your online experience may be limited.
We also collect information that you provide us voluntarily, for example, we collect PII when you:
- File an online form on one of our Websites
- Provide us with information at a live event
- Register for our services and making payments
- Post materials, participating in online forums or providing comments and feedback to online discussions on our Websites
- Contacting us by email
- In addition, we may receive your PII from your employer
Your personal data is stored by us on our servers and on the servers of various cloud-based database management services we engage, located in the United States and the European Union (“EU”). We will only collect and process personal data about you when we have a lawful basis to do so. Such basis includes your consent, a contract between us and you or a third party you are associated with, as well as other legitimate interests (for example: our compliant with applicable law, protecting the security of ours and our customers’ systems and data, and enable our services).
3. How we use the information collected?
We collect each type of information for different purposes.
Non-Identifiable Information is collected to allow enhancement of your experience on the Websites and Services, for statistical and research purposes and for customization and improvement of our various interfaces. It also helps us learn about the preferences of our users and general trends relating to the Websites and Services.
PII is collected to:
- Enable use of the Services. For example, in order to register to the Services you will need to provide us with your name and email so we will be able to issue a license key.
- Allow us to contact you (in accordance with applicable law) with proposals and tailored information regarding new products, events, offers, services, features, enhancements, special offers, upgrade opportunities, and events of interest. For example, when you fill out a request for a quote, we will need you to provide us with contact details.
- Provide you with technical assistance and support.
- Issue invoices and contact you in connection with payments for our services
4. How can you control your information?
JFrog may retain your information for a period consistent with the original purpose of collection. For example, we will retain your information for as long as you are using our services, and for a reasonable period thereafter. Aggregated and/or anonymous data, and any other Non-personal Information may remain on our servers indefinitely all as permitted under the applicable privacy laws.
You may request to review, correct, delete or otherwise modify any of the PII that was provided to us, or request to confirm whether we process your personal information. In addition, you may object to our processing of your PII for a legitimate interest. Kindly send an email to Compliance@jfrog.com in connection with the aforementioned issues and we will provide you with all required information.
Please note that you may manage the receipt of marketing and non-transactional information from us by clicking on the “unsubscribe” link located on the bottom of marketing emails sent by us.
5. Sharing information with third parties
Our Websites and some of the Services allow you to share information with other users and create and publish content. Any content that you post on or via the Websites (“User Submissions”) may be publicly available to other users. The notices and tools that we provide on the Websites are intended to inform you which information will be made publicly available. If you publish your personal information in any User Submissions, you may receive unsolicited messages from other users of the Websites or the public. We, therefore, encourage you only to post information that you are sure you want to be accessible to anyone.
If you are using our services on behalf of an organization or if you provide us with an email address which belongs to an organization, certain information provided to us may be accessible to the respective administrator or to other users of such organization.
- Microsoft Azure policy is available here;
We also reserve the right to: (a) use or disclose your information if required by law, under a judicial proceeding, court order, or legal processor if we reasonably believe that such disclosure is required to protect our rights, including their enforcement; or (b) to transfer or assign the PII retained by us in the event that we are acquired by or merged with a third party entity; or (c) in the event of bankruptcy or a comparable event.
6. How do we protect your information?
We use industry standard technologies and internal procedures (including without limitation, using tokens and encryption mechanisms) to maintain the security and integrity of our Websites and Services and your information, and to prevent unauthorized access thereto. Please note, however, that there are inherent risks in transmission of information over the internet or other methods of electronic storage and we cannot guarantee that unauthorized access or use of your information will never occur. Further information is available at Compliance@jfrog.com.
7. International Data Transfer
We collect information globally and primarily store that information in the United States and the EU. We transfer information collected about you, including PII, to affiliated entities and to other third-party service providers, which may be located outside your country of residence. Please note that we may transfer such information to a country and jurisdiction that does not have similar data protection laws that apply to your country of residence.
- International transfers within JFrog. JFrog is operated globally and our services are provided from various location. In order to allow us to perform our obligations and provide you with the services, we transfer information within our group of companies (a list thereof is available here). When we share information about you within and among our corporate affiliates, we make use of standard contractual data protection clauses, which have been approved by the European Commission, to safeguard the transfer of information we collect from the European Economic Area and Switzerland (collectively: “EEA”) outside of the EEA.
8. Third Party Websites; Social Media Features
In addition, certain links on our Websites, enable our users to enter other sites or services. Those linked sites and services are provided solely as a convenience to you and are not under the control of JFrog. We are not responsible or liable for such linked sites and services’ privacy practices and/or any other practices. Your access to, use of and reliance upon any such sites, services and content and your dealings with such third parties are at your sole risk and expense.
The Websites is intended for users over the age of eighteen (18). Therefore, JFrog does not intend and does not knowingly collect PII from children under the age of eighteen (18). We reserve the right to request proof of age. If we learn that we collected PII from children under the age of eighteen (18) we will delete that information promptly. Please contact JFrog at Compliance@jfrog.com if you have reasons to suspect that JFrog collected such information.
11. California Privacy Rights
California Civil Code Section 1798.83 permits our users who are California residents to request certain information regarding our disclosure of PII to third parties for their direct marketing purposes. To make such a request, please send an email to Compliance@jfrog.com.
In addition, if you are a California resident under the age of 18 and a registered user to our services, California Business and Professions Code Section 22581 permits you to remove content or Personal Information you have publicly posted. If you wish to remove such content or PII and you specify which content or PII you wish to be removed, we will do so in accordance with applicable law. Please be aware that after such removal you will not be able to restore the removed content. In addition, such removal does not ensure complete or comprehensive removal of the content or PII you have posted and that there may be circumstances in which the law does not require us to enable removal of content.
12. EU Data Subject Rights
The EU’s General Data Protection Regulation (“GDPR”) and other countries’ privacy laws provide certain rights for data subjects. Useful information regarding the GDPR (in English) is available on the following EU website.
You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside JFrog might have received the data from JFrog; the source of the information; and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by JFrog if it is inaccurate. You may request that JFrog erase that data or cease processing it, subject to certain exceptions. You may also request that JFrog cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how JFrog processes your personal data. When technically feasible, JFrog will—at your request—provide your personal data to you or transmit it directly to another controller.
Got any Questions?