Effective date: January 1, 2020
Panopta LLC (“Panopta”, “us”, “we”, or “our”) operates the Panopta infrastructure monitoring service, which consists of our public website, control panel, iOS/Android mobile apps (referred to collectively as the “Service”).
Service means the Panopta website, control panel and mobile app operated by Panopta LLC.
Personal Data means data about a individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies are small pieces of data stored on your device (computer or mobile device).
Data Processors (or Service Providers)
Data Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
Data Subject (or User)
Data Subject is any individual who is using our Service or who has previously used our Service and is the subject of Personal Data.
Data Collection And Use
We collect several different types of data to provide and improve our Service to you.
Types of Data Collected
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
- First name and last name
- Email address
- Phone number
- Company name
- Address, State, Province, ZIP/Postal code, City
- Cookies and Usage Data
The primary use of the Personal Data is to operate the Service, including the distribution of alerts and reports on your monitored infrastructure via email, SMS or phone call.
We may use your Personal Data to contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. Any contact information provided by you in the process of signing up for a trial account or mailing list will only be used internally and never sold or shared with a third party for marketing purposes. You may opt out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us at firstname.lastname@example.org.
We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device (“Usage Data”).
This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When you access the Service by or through a mobile device, this Usage Data may include information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data.
Tracking Cookies Data
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
- Session Cookies. We use Session Cookies to operate our Service in order to maintain state about authenticated users within our system.
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Use of Data
We do not sell your Personal Data – such as your name and contact information – to third parties for their own marketing purposes. Panopta uses the collected Personal Data for the following purposes:
- To provide and maintain our Service, including controlling access to your account, alerting you and your users about incidents that we have detected, and to collect payment for our Service.
- To notify you about changes to our Service, including information about upcoming improvements to the Service, changes to our monitoring network and other information to help you better make use of our Service.
- To allow you to participate in interactive features of our Service when you choose to do so.
- To provide troubleshooting and customer support via email, interactive chat and phone.
- To gather metrics so that we can improve our Service.
- To monitor the usage of our Service.
- To detect, prevent and address technical issues.
- To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or inquired about, unless you have opted not to receive such information.
As noted above, we compile Usage Data and other analytics through the offering of our Service. We may share such data with third parties, but only after the removal of all Personal Data.
Retention of Data
Panopta LLC will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Transfer Of Data
Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.
If you are located outside United States and choose to provide information to us, please note that we transfer the information, including Personal Data, to the United States and process it there.
Disclosure Of Data
Disclosure for Law Enforcement
Under certain circumstances, Panopta LLC may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a search warrant or court order).
Panopta LLC may disclose your Personal Data in the good faith belief that such action is necessary to:
- comply with a legal obligation
- protect and defend the rights or property of Panopta
- prevent or investigate possible wrongdoing in connection with the Service
- protect the personal safety of users of the Service or the public
- protect against legal liability
Security Of Data
Panopta has implemented and currently maintains a strong and effective information security program that includes administrative, technical, and physical security measures to (a) ensure the security, confidentiality, and integrity of your Personal Data; (b) protect against any threats or hazards to the security, confidentiality, and integrity of your Personal Data; (c) protect against unauthorized access to, destruction, modification, disclosure or use of your Personal Data; and (d) detect and respond to security incidents involving your Personal Data.
Personal data within our system is stored and protected using Google’s GSuite and Google Cloud Platform infrastructure, which includes encryption of data at rest and when transferred in and out of Google’s infrastructure. Additional details on Google’s security and privacy policies can be found at https://policies.google.com/privacy.
Privacy for California Residents
California has adopted the California Consumer Privacy Act (“CCPA”), which took effect as of January 1, 2020. Panopta complies with the requirements of the CCPA to the extent they apply to us.
Personal Information Collected and Processed
Requests to Exercise Your Rights
RIGHT TO KNOW REQUEST – Under the CCPA, you have a right to request information about our collection, use, and disclosure of your personal information over the prior 12 months, and ask that we provide you with the following information:
- Categories of and specific pieces of personal information we have collected about you.
- Categories of sources from which we collect personal information.
- Purposes for collecting, using, or selling personal information.
- Categories of third parties with which we share personal information.
- Categories of personal information disclosed about you for a business purpose.
- If applicable, categories of personal information sold about you and the categories of third parties to which the personal information was sold, by category or categories of personal information for each third party to which the personal information was sold.
To make a verifiable request for information about the personal information we have collected about you, please email us at email@example.com.
RIGHT TO DELETE REQUEST – You also have a right to request that we delete personal information, subject to certain exceptions. You may exercise your right to delete by emailing us at firstname.lastname@example.org.
HOUSEHOLD REQUESTS – We currently do not collect household data. If all the members of a household makes a Right to Know or Right to Delete request, we will respond as if the requests are individual requests.
REQUESTS, GENERALLY – Please note, if you do not have a Panopta account we will not have enough information about you to verify your Right to Know and Right to Delete requests, as we do not keep sufficient information necessary to reidentify and link you to a prior visit to the Panopta website where data may have been collected. As such, we will be unable to verify and honor your requests. You may make a verifiable consumer request related to your personal information twice per 12-month period. We will not discriminate against you for exercising any of your rights under the CCPA.
REQUESTS MADE THROUGH AGENTS – You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
Disclosures of Personal Information for a Business Purpose
We do not sell your Personal Information. However, we do disclose certain categories of aggregate, anonymized information to our partners and other third parties, all as described in the section entitled “Use of Data” above.
Legal Basis for Processing Personal Data Under General Data Protection Regulation (GDPR)
Panopta LLC may process your Personal Data because:
- We need to perform a contract with you
- You have given us permission to do so
- The processing is in our legitimate interests and it’s not overridden by your rights
- Processing is required for payment purposes
- To comply with the law
Your Data Protection Rights Under General Data Protection Regulation (GDPR)
If you reside in the European Economic Area (EEA), you have certain data protection rights. Panopta aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data, whether you are a current or former user of the Service.
Some of these rights, e.g., the right to be forgotten or the right to request that we transfer your information to another company, will only apply in certain circumstances. Generally, these rights will not be available if there are outstanding contracts between us, if we are required by law to keep the information or if the information is relevant to a legal dispute.
We have listed the rights you have over your Personal Data and how you can use them below. These rights are subject to restrictions under European data protection law and, subject to the exemptions in that law, may only apply to certain types of information or processing.
If you want more information regarding what Personal Data we hold about you orif you want your Personal Data to be removed from our systems, please contact us.
The right to access, update or to delete your Personal Data. Whenever possible, you can access, update or request deletion of your Personal Data directly within your account settings section on our Service. If you are unable to perform these actions yourself, please contact us to assist you.
The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
The right to object. You have the right to object to our processing of your Personal Data.
The right of restriction. You have the right to request that we restrict the processing of your personal information.
The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
The right to withdraw consent. You also have the right to withdraw your consent at any time where Panopta LLC relied on your consent to process your Personal Data.
Please note that we may ask you to verify your identity before responding to such requests.
You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).
We may employ third party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
Our current Service Providers are listed below, along with links to their privacy policies:
|Core infrastructure provider for compute, network and storage||https://policies.google.com/privacy|
|SalesForce||Customer data management, sales and marketing communication, customer support communication||https://www.salesforce.com/company/privacy/|
|Intercom||Interactive chat for customer support||https://www.intercom.com/terms-and-policies#privacy|
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use your Personal Data for any other purpose. Additional details on their handling of Personal Data can be found in each of the policies linked to above.
We currently use the following third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. For more information on the privacy practices of Google, please visit http://www.google.com/intl/en/policies/privacy.
Heap Analytics provides user behavior analytics on users of our Service. This data is used by our product team to identify and optimize user interfaces and ultimately provide better service to our customers. For more information on the privacy practices of Heap, please visit https://heapanalytics.com/privacy.
We use Personal Data to collect for payment of our Service. For customers paying via credit card or Paypal, we use third-party services for payment processing:
- Braintree: https://www.braintreepayments.com/legal/braintree-privacy-policy-us
- Paypal: https://www.paypal.com/us/webapps/mpp/ua/privacy-full
Our Service does not address anyone under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.