Date Last Updated: September 14, 2021
AutoRABIT is committed to international compliance with data protection laws as part of our commitment to conducting our business ethically and to observing applicable laws, rules and regulations. AutoRABIT has chosen to standardize its practices based upon certain laws and regulations. Its privacy program aligns closely with the key principles of the European Union and United Kingdom’s General Data Protection Regulation (‘GDPR’), the Health Information and Protection and Portability Act (“HIPPA”) and the California Consumer Privacy Act (“CCPA”). Harmonizing our practices to these standards keeps us focused on these key principles: lawfulness, fairness and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality (security), and accountability.
We ask that you read this Policy carefully as it contains important information on who we are, how and why we collect, store, use, and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a question or complaint about our handling of personal information.
This policy uses terms that are defined in the GDPR or HIPPA. We have listed some of these terms for you here:
Business Associate: Under HIPAA, a Business Associate is a person or entity that performs certain functions or activities that involve the use or disclosure of protected health information for a Covered Entity.
Covered Entity: HIPAA defines a covered entity as health care providers, health plans, and health care clearinghouses involved in the transmission of protected health information (PHI). This transmission can take place for payment, treatment, operations, billing, or insurance coverage. Covered entities can include organizations, institutions, or persons.
Health Insurance Portability and Accountability Act of 1996 (HIPAA): HIPAA is a United States legislation that provides data privacy and security provisions for safeguarding PHI.
Personal Information (PI): PI is any data that could potentially identify a specific individual. Any information that can be used to distinguish one person from another is considered as PI. All personal identity information is mapped to PI. Examples of PI include email address, bank account information, and social security number.
Protected Health Information (PHI): Information, in any format, that is created or received by AutoRABIT and relates to the past, present, or future physical or mental health or condition of a patient; the provision of health care to a patient; or the past, present, or future payment for the provision of health care to a patient; and that identifies the patient or for which there is a reasonable basis to believe the information can be used to identify the patient.
Who We Are
AutoRABIT is a provider of cloud-based CI/CD and release management services designed for Salesforce.com, including Automated Release Management, Vault Data Backup and Recovery, AutoRABIT CI/CD Platform, IDE Extensions, and CodeScan.
AutoRABIT collects, uses and is responsible for certain PI about you. When we do so, as noted above, we harmonize our practices to conform with the GDPR and the CCPA. We are responsible as controller of that information for the purposes of those laws.
AutoRABIT also processes PI on behalf of and at the direction of our customers as part of provisioning AutoRABIT’s suite of services, in which case AutoRABIT is acting as the processor of PI. In some instances, AutoRABIT performs services for some entities that are Covered Entities under HIPPA. Performing services on behalf of Covered Entities may, on occasion, involve the use or disclosure of PHI in which case AutoRABIT is a Business Associate. AutoRABIT is fully committed to implementing the measures of data protection and privacy wherever PHI is involved.
What We Collect
We get information about you in a range of ways.
Information You Give Us
Certain parts of our Site may ask you to voluntarily provide information about yourself. The Site provides you the opportunity to provide information such as your first and last name, email address, phone number, organization name, job title, country, state, time zone, zip code, username, as well as other information you directly give us on our Site. Examples of where the Site may ask you for such information include the “Contact Us” page, the “Login” page, the webinar sign-up form, our blog, and the chat box.
We may also collect such information, including your contact and job details, when you connect with us at certain events or meetups, whether in-person or virtual, including Dreamforce, TrailheadX, and various community-led Salesforce events.
In all instances, when we request you to voluntarily provide us with information, we will make it clear why you are asked to provide that information.
Information We Get From Others to Support our Business
We may get information about you from other sources, such as database services. This information may contain data lists of information, such as business e-mail address, phone number, and company name. We may add this as a supplement to information we get from this Site, or may use such information independently.
Information Automatically Collected
When you visit our Site, we automatically log certain information about you and your device. In some countries, including countries in the European Economic Area, this information may be considered PI under applicable data protection laws.
Specifically, the information we collect may include your operating system type, browser type, browser language, the website you visited before browsing to our Site, pages you viewed, how long you spent on a page, access times and information about your use of and actions on our Site. We work with third party analytics companies on such analytics including conversion tracking. This information is used only for internal purposes, and never sold or marketed to third parties.
We may log information using “cookies.” Cookies are small data files stored on your computer or mobile device by a website. As it is customary to the industry, cookies are widely used by companies in order to, by way of example, make their websites or services work, or work more efficiently and effectively, as well as to provide reporting information.
We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site. We may also use “first party cookies,” which are cookies set by the website owner or service provider (in this case AutoRABIT). We may also use “third party cookies,” which enable third party features or functionality to be provided on or through our Site (including, for example, advertising, interactive content and analytics). This type of information is collected to make the Site more useful to you and to tailor the experience with us to meet your special interests and needs.
Information Processed as part of the Provision of Services
When AutoRABIT acts as a Processor on behalf of its customers, the following categories of Customer Relationship Management (‘CRM’) data held within Salesforce may be processed in the course of the provision of AutoRABIT products:
- Data which identifies individuals, including name, address, email, phone, birth date, and social media information
- Data which describes an individual’s lifestyle information, including career, education, interests, and familial details
How we use your information
Generally, we may use your information for a number of reasons, including
- To operate, maintain, and improve our sites, products, and services.
- To respond to comments and questions and provide customer service.
- To communicate about promotions, upcoming events, and other news about products and services offered by us and our selected partners.
- To link or combine user information with other information.
- To protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
Specifically, information that you give us, whether voluntarily from the Site or when we connect with you at certain events or meetups, are provided to one of our customer relationship management (CRM) partners, Through our CRM partners, we are able to contact you to respond to your comments or questions, to provide you with assistance of our Site and other customer service, and to communicate with you about promotions, upcoming events, and other news about products and services offered by us and our selected partners. Our CRM partners will also have access to the information that you give us, which are subject to their privacy policies.
Information that we obtain from other sources, such as database services, are also provided to our CRM partners, and are used to supplement or provide new information about you in order to communicate with you about promotions, upcoming events, and other news about products and services offered by us and our selected partners.
Information that we automatically collect from the Site is used to operate, maintain, and improve our Site, products, and services; and to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
In AutoRABIT’s role as Processor, your information may be processed as part of a customer’s use of the AutoRABIT suite of services in the following ways:
- AutoRABIT’s provision of Automated Release Management services, including Single Data Loader and Data Loader Pro, in the process of imports/exports of data between databases and Salesforce
- AutoRABIT’s provision of Vault Data Backup and Recovery, in the process of storing, backing up, and recovering CRM data held in Salesforce
Our legal basis for processing information is discussed below in the section titled “Reasons We Collect and Use Your Information”
Why we share your information & with whom
We may share information as follows:
- We may share information, with your consent, with our third party advertising partners for their own marketing uses. Those uses will be subject to their privacy policies.
- We may share your PI with our contractors, partners, or affiliates, with your consent or as necessary to complete any transaction or provide you with additional information that you have requested or authorized. For example, when you request a product demo, we share your contact information with our CRM partner in order to place you on a mailing list that allows our demand generation team to contact you in order to set up the product demo that you requested.
- We may share information with other corporate entities when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding. If AutoRABIT is involved in a merger, acquisition, or sale of part or all of it business, we may share your PI in connection with that activity.
- We may share information with law enforcement or other authorities for legal, protection, and safety purposes, to comply with laws, and to respond to lawful requests and legal processes, and will provide you with reasonable notice if possible.
- We may share information in an emergency. This includes protecting the safety of our employees and agents, our customers, or any person.
- We may share PI with vendors, agents, and service providers working on our behalf for the purposes described in this Policy. For example, companies that we’ve hired to provide customer service support may need access to PI in order to provide those functions.
Some of those third-party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see Transfer Of Your Information Out Of The EEA.
Whether information has to be provided by you and why
AutoRABIT endevours to follow each jurisdication’s requirements for opt-in or opt-out of business solicitations. We avoid sending marketing emails to businesses located in jurisdictions that require opt-in to such solicitions.
If you live in an opt-out jurisidiction, you have the option to “opt-out” of our marketing emails. Each of our marketing emails will have a link that allows you to “unsubscribe” from our mailing list.
The provision of cookies and other tracking technologies are required from you to enable us to identify you and your user preferences, and track your use of our website in order to analyze and improve our website’s user experience. You can remove and reject cookies from our Site with your browser settings. Many browsers are set to accept cookies until you change your settings. If you remove or reject our cookies, it could affect how our Site works for you.
How long your information will be kept
We will hold your PI for the period necessary to fulfill the purposes outlined in this Policy. When assessing these periods, we carefully examine our need to collect PI at all and if we establish a relevant need, we only hold it for the shortest amount of time to achieve the purpose of collection unless a longer retention period is required by law.
Reasons we can collect and use your information
We share your PI with your consent or as necessary to complete any transaction or provide you with additional information that you have requested or authorized. For example, when you request a product demo, we share your contact information with our CRM partner in order to place you on a mailing list that allows our demand generation team to contact you in order to set up the product demo that you requested.
In addition, we share PI among AutoRABIT-controlled affiliates and subsidiaries. We also share PI with vendors and agents working on our behalf for the purposes described in this Policy. For example, companies that we’ve hired to provide customer service support may need access to PI in order to provide those functions.
If you are from the European Economic Area, our legal basis for collecting and using the PI described above will depend on the PI concerned and the specific context in which we collect it.
However, we will normally collect and use PI from you where the processing is in our legitimate interests and not overridden by your data-protection interests or fundamental rights and freedoms. Typically, our legitimate interests include improving, maintaining, providing, and enhancing our technology, products, and services; ensuring the security of the services and our Site; and for our marketing activities.
When acting as a Processor for one of the AutoRABIT customers, we process PI in accordance with the customer’s instructions.
Cross-Border Transfers of your PI
If you are in the EEA, the United Kingdom, Switzerland or other country that regulates the cross-border flow of PI, your information may be transferred outside of your home jurisdiction to the United States where our primary office and servers are located, and to India where we have sales and technical support teams available to assist you.
Accordingly, your information may be transferred to, stored, or processed in the United States and India. While the data protection, privacy, and other laws of the United States and India might not be as comprehensive as those in the EEA or other countries, we take many steps to protect your privacy, including the use of approved Model Contractual Clauses for the international transfer of PI collected in the EEA, the United Kingdom and Switzerland. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where AutoRABIT processes personal data, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en
If you would like further information, please contact us (see “How to contact us” below).
Depending on your jurisdiction and applicable data protection law, you may have some or all of the following rights with regard to your personal information, free of charge. In summary, those include rights to:
- Fair processing of information and transparency over how we use your use information
- Access to your information and to certain other supplementary information
- Require us to correct any mistakes in your information which we hold
- Require the erasure of information concerning you in certain situations Receive the information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- Object at any time to processing of information concerning you for direct marketing
- Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Object in certain other situations to our continued processing of your information
- Otherwise restrict our processing of your information in certain circumstances
- Claim compensation for damages caused by our breach of any data protection laws
If you would like to exercise any of those rights, please:
- Email, call, or write to us
- Let us have enough information to identify you
- Let us have proof of your identity and address (a copy of your driving license or passport and a recent utility or credit card bill)
- Let us know the information to which your request relates, including any account or reference numbers, if you have them
If you would like to unsubscribe from our mailing list, you can also click on the unsubscribe button at the bottom of the email effective immediately.
Notice for California Residents
The California Consumer Privacy Act of 2018 (“CCPA”) provides California residents with the following specific rights relating to their personal information:
Right to know: You have the right to know about the PI we collect about you, how that information is used, and, if applicable, to whom your PI is shared.
Upon request, we will disclose to you:
- The categories of PI collected and categories of sources of that information
- The purpose(s) of collection and how we use your personal information
- The categories of third parties to whom we share your PI
Right to delete personal information: You have the right to request deletion of PI we have collected about you. In some cases we may be unable to fulfill your request, for example, if your PI is necessary for us to provide a good or service you have requested, or in order to comply with a legal obligation.
Right to non-discrimination for exercising your rights under the CCPA: We will not discriminate against you for exercising your rights under the CCPA.
To exercise the above rights or for inquiries regarding these rights, please contact us via email phone, or mail as described in the “How to contact us” section below.
In your request, please provide a description of your request and sufficient information so that we may identify you and follow up with you with regard to your request.
AutoRABIT follows industry-recognized security safeguards coupled with carefully developed physical, electronic, and managerial security processes to safeguard the information we collect and process. AutoRABIT has prevailing industry practices, security measures, and privacy and security management procedures in place to prevent PI from being accidentally lost, or used or accessed in an unauthorized way. We limit access to your information to those who have a genuine business need to know it. Those processing your PI will do so only in an authorized manner and are subject to a duty of confidentiality.
However, no collection or transfer of information via the Internet is guaranteed to be 100% secure, and therefore we cannot guarantee the security of such information. We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator as required by applicable law.
How to raise a question or complain
We hope that we can resolve any query or concern you raise about our use of your information. You may contact us with questions or complaints using the ‘How to contact us’ section below.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union or EEA state where you work, normally live, or where any alleged infringement of data protection laws occurred.
How to contact us
AutoRABIT Holding, Inc.
Attn: Compliance Manager
548 Market Street PMB 98272
San Francisco CA
Do you need extra help?
If you would like this notice in another format (for example: audio, large print, braille) please contact us (see “How to contact us” above).