Privacy Statement
Effective February 15, 2024
CrashPlan Group LLC (“CrashPlan”) knows that you care about your personal data, and your privacy is important to us. This Privacy Statement describes the personal data we collect and how we use or share that data. It also explains your rights regarding our processing of your personal data.
This Privacy Statement applies to personal data collected by us through a CrashPlan website, in connection with our events, and sales and marketing activities, and from customers of our products and services where we act as a controller of the personal data.
Please see our Applicant Privacy Statement for information on personal data we collect about job applicants.
This Privacy Statement provides the following information:
- Personal data we collect
- How we use personal data
- When we share personal data
- How long we retain personal data
- When we transfer personal data internationally
- How we secure personal data
- Your privacy rights
- Conditions of use, notices and revisions
- Links to other sites
- Personal data from children
- How to contact us
- CrashPlan affiliates
- Personal data we collect
The following are types of personal data we collect. The specific information we collect will depend on how you interact with CrashPlan.
Data you provide to us.
We collect personal data directly from you when:
- You enter information on our website or send to us electronically (including information you choose to provide when completing any ‘free text’ boxes in our forms) to express interest in obtaining additional information about our products and services, sign up for a webinar, event or contest, download certain content or submit survey responses.
- You attend one of our events.
- You engage with sales representatives, including during phone calls.
- You contact customer support.
- You post on our message boards, chat features, blogs and other CrashPlan services to which you are able to post information and materials.
- You visit our offices and register as a visitor.
The personal data you provide directly to us may include your name, address, telephone number, email address, billing information, job title, department or job role, as well as the nature of your request or communication. You can choose not to provide some information, but doing so may limit our ability to communicate with you or fulfill your requests.
Data we collect automatically.
When you interact with our website or receive electronic communications from us, we automatically collect information, including:
- Information about your device and network. This includes information about the specific device you are using, such as the hardware model, operating system version, web browser and your Internet Protocol (IP) address/MAC address/device identifier.
- Information through cookies, clear GIFs, pixel tags and other similar technologies This includes statistics on your activities on the website, pages accessed and links clicked; information about how you came to and used the website; broad geographic location (e.g. country or city-level location) and other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify your browser; and confirmation when you open an electronic communication.
This data often does not reveal your identity directly. For additional information about our use of cookies and similar technologies, please read our Cookie Notice.
Data we receive from other sources.
We receive information from third parties, such as channel partners, social media platforms, joint marketing partners, referral or commercial lead sources and other data providers. In certain circumstances, we will send you an email letting you know that we have received your personal data, the source of the data, and a link to this Privacy Statement. Personal data we receive from these sources includes name, email address, phone number, event attendance information, job role, public employment profile, and information about your product or service interests or preferences.
We may combine this information we receive from other sources with other personal data we hold about you and use it as described in this Privacy Statement.
- How we use personal data
CrashPlan relies on a variety of information to operate our business. We collect and process your personal data for the following purposes. Where required by law, we obtain your consent to use and process your personal data for these purposes. Otherwise, we rely on another authorized legal basis to collect and process your personal data.
- Provide products and services to you and fulfill other requests you have, including support requests, as necessary to perform our contract with you. Where we have not entered into a contract with you, our processing of your personal data is based on our legitimate interest to provide you with the content you request
- Evaluate the frequency, duration and patterns of usage of our website to improve the user experience. (This use is necessary for our legitimate interest in understanding how users experience our website)
- Update and expand our records with new information, and analyze our records to identify potential customers by understanding your role in your organization (for EU data subjects, this use is based on your consent to receiving communication about our products and services that may be of interest to you)
- Contact you with tailored advertising for products and services that may be of interest to you, including information about our products, promotions, and events as necessary for our legitimate interest or to the extent you have provided consent.
- Register you as a visitor to our offices and manage non-disclosures you may be required to sign to the extent such processing is necessary for our legitimate interest in protecting our offices and our confidential information against unauthorized access.
- Manage event registrations and attendance to plan and host events or webinars for which you have registered or that you attend, including sending related communications to you, to perform our contract with you
- Manage contests or promotions you register for, which is necessary to perform our contract with you.
- When we share personal data
We share your personal data as necessary to operate our business. We do not sell your personal data and do not share it except as described below.
- CrashPlan affiliates: CrashPlan may use affiliates that it controls (see “CrashPlan affiliates” below) to provide products, services or support to you. We transfer your personal data to those affiliates, and they will process your personal data as data controllers in accordance with this Privacy Statement.
- Business partners: CrashPlan shares your personal data with resale partners to fulfill product and information requests. We engage in joint sales or product promotions with select business partners and share your contact information with those partners if you consent to sharing when you express interest in the product or promotion.
- Service providers: CrashPlan uses other companies and individuals to provide services on its behalf, such as to assist with marketing, billing, customer support, payment processing and data analysis. These service providers have access to the personal data required to provide their services and are prohibited from using your personal data for any other purpose.
- Professional advisers: CrashPlan may share personal data with professional advisers acting as service providers, processors, or joint controllers – including lawyers, bankers, auditors, and insurers to the extent we are legally obliged to share or have a legitimate interest in sharing your personal data.
- Event partners: If you attend an event or webinar organized by us, CrashPlan may share your personal data with partners or sponsors of the event or webinar. If required by applicable law, you may consent to such sharing by opting-in via the registration form. In these circumstances, your information will be subject to the partner’s privacy statements. If you do not wish for your information to be shared you can opt-out in accordance with Section 7 below.
- Business transfers: In the event that CrashPlan or substantially all of its assets are acquired or CrashPlan is involved in a merger, dissolution, sale of all or a portion of its assets, or other fundamental corporate transaction, we reserve the right to sell or transfer your personal data as part of the transaction.
- Protection of CrashPlan and others: CrashPlan shares personal data when required by law or to respond to legal process, to protect customers or others, to maintain the security of our products, and to protect the rights or property of CrashPlan.
- Community website and blog users: Any information that you post on our community pages or blog is publicly available and will be accessed through search engines or other publicly available platforms. It may be “crawled” or searched by third parties.
- With your consent: Except as described above, we will provide you with notice when your personal data will be shared with third parties, and you can choose not to share that information.
- How long we retain personal data
CrashPlan will retain your personal data for as long as needed to fulfill the purpose for which it is collected, and as required or permitted by law (such as tax, legal, accounting or other purposes). See Section 7 for information on your rights for storage of your personal data. We will consider your request in accordance with applicable laws.
- When we transfer personal data internationally
CrashPlan is headquartered in the United States with entities, operations and service providers in the United States and throughout the world. Your personal data may be transferred outside your jurisdiction, including to countries that are not subject to an adequacy decision by the European Commission and that may not provide for the same level of data protection as your jurisdiction. We have appropriate safeguards to ensure your personal data receives an adequate level of protection and security. This includes entering into agreements with written assurances from services providers and implementing standard contractual clauses, as required, for the transfer of personal data as approved by the European Commission.
- How we secure personal data
CrashPlan uses administrative, organizational, technical and physical safeguards to protect your personal data. We use physical access controls, encryption, Internet firewalls, intrusion detection and network monitoring depending on the type of data. We also require our service providers to use appropriate security measures. If you have questions about the security of our website, products, or services, please contact us at security@CrashPlan.com.
In compliance with the Privacy Shield Principles, CrashPlan commits to resolve complaints about our collection or use of your personal data. EU, UK and Swiss individuals with inquiries or complaints regarding our Privacy Statement should first contact CrashPlan at privacy@crashplan.com.
- Your privacy rights
Updating your information: If you would like to update the personal data you have provided to us, please contact us at privacy@crashplan.com.
Marketing communications: You can opt-out of receiving marketing communications from us by clicking “unsubscribe” in any marketing email communications we send you.
Additional rights for the EEA and certain other territories: If you are located in certain territories (such as the European Economic Area and United Kingdom), you have the right, under certain circumstances, to exercise the following privacy rights available to you under applicable data protection laws:
Right not to provide consent or to withdraw consent: We rely on your consent to process certain personal data. Where we do so, you have the right not to provide your consent or to withdraw your consent at any time. You can revoke consent to receiving marketing communications from us by clicking “unsubscribe” in any marketing email communication we send you.
- You can revoke consent generally by sending an email to privacy@crashplan.com.
- Right of access: You have the right to access the personal data that we hold about you.
- Right of erasure: In certain circumstances, you have the right to request the deletion of your personal data.
- Right to object to processing: You have the right to request that CrashPlan stop processing your personal data and we will do so if we are processing your personal data for marketing, or if we are relying on our legitimate interest to process your personal data – unless we demonstrate compelling legitimate grounds to continue the processing.
- Right to data portability: You have the right to obtain the personal data that you consented to give us or that was provided to us to perform our contract with you. We will provide your personal data in a structured, commonly used and machine-readable format, and you may reuse it elsewhere.
- Right to rectification: You have the right to require us to correct any inaccurate or incomplete personal data.
- Right to restrict processing: You have the right to request that we restrict processing of your personal data in certain circumstances, to the extent permitted by applicable data laws.
- Right to lodge a complaint with the data protection authority: If you have a concern about our privacy practices, including the way we handled your personal data, you can report it to the data protection authority that is authorized to hear those concerns.
To exercise your rights, please contact privacy@crashplan.com. CrashPlan will consider your request in accordance with applicable and will respond within a reasonable timeframe. To protect your privacy and security, we will take appropriate steps to verify your identity before complying with the request.
California Privacy Right:
The California Consumer Protection Act (CCPA) provides California consumers with specific rights regarding the processing of their personal information. You have the ability to request that CrashPlan:
- provide details about the categories of personal information that we collect about you, including how we use and share it
- provide you access to the personal information we collect about you
- delete the personal information we have about you.
To exercise your rights, please contact privacy@crashplan.com. CrashPlan will consider your request in accordance with applicable law and respond within a reasonable timeframe. To protect your privacy and security, we will take appropriate steps to verify your identity before complying with the request.
- Conditions of use, notices and revisions
If you choose to visit a CrashPlan website, your visit and any dispute over privacy is subject to this Privacy Statement and our website terms of use. If you have any concern about privacy at CrashPlan, please contact us with a thorough description, and we will try to resolve it. Our business changes constantly, and our Privacy Statement will change also. We may email periodic reminders of our notices and conditions, but you should check our website frequently to see recent changes. If required by applicable law, we will notify you of any material changes to this Privacy Statement. Unless stated otherwise, our current Privacy Statement applies to all information that we have about you. We will never materially change our policies and practices to make them less protective of personal data collected in the past without the consent of affected individuals.
- Links to other sites
Our website provides links to other websites through direct links or through applications such as “Share” or “Like” buttons. Other websites may contain links to the CrashPlan website or services. We do not control those sites or their privacy practices, which differ from those described in our Privacy Statement. The personal data you choose to give to unrelated parties is not covered by this Privacy Statement, and we encourage you to review their privacy policies.
- Personal data from children
Our website, products and services are not directed to individuals under the age of 16. We do not knowingly collect personal data from those individuals. If you become aware that a child has provided us with personal data, please contact us in accordance with Section 11 below. If we become aware that a child under the age of 16 has provided us with personal data, we will take steps to delete the information.
- How to contact us
If you have any questions about this Privacy Statement, you can write to us or any of our affiliates at privacy@crashplan.com or by mail at:
CrashPlan Group, LLC.
400 S 4th St Suite 410
PMB 31083
Minneapolis, MN 55415-1419
United States
Attn: General Counsel
Our EU Data Representative is CrashPlan Group LLC. You can contact our EU Data Representative at privacy@crashplan.com or by mail at:
CrashPlan Group UK Ltd
Floor 2, Building 220
Wharfedale Road
Winnersh
RG41 5TP
GB
Attn: General Counsel