For companies using our Platform and Services for building and running applications containing any PII (Personally Identifiable Information) a separate DPA (Data Processing Agreement) must always be signed. Please contact our support for assistance.

It is also important that you review this policy from time to time, particularly if your business changes, or if you begin to send us new types of information. It is our goal to limit the number of changes we make to this policy. If we do make a change, we will notify you through your customer portal. Other than in an emergency, we will give you thirty days prior notice of any change, and the new policy will be effective on the thirty-first day of our notice.

What data does Elastx collect?

There are three types of data that we collect: data that is required by us to provide Services to you; data that is automatically collected by us; and data you voluntarily provide to us.

We collect the following personal information from you:

• Contact Information. This is information you are required to provide to us to enable us to contact you. Examples of contact information may include name, email address, mailing address and telephone number. Contact information may identify you personally.
• Billing Information. This is information you are required to provide to us to enable us to be paid for the Services, or for a third party to provide services through us to you. Examples of billing information may include credit card number, bank information, PayPal id, billing address, billing contact name, telephone numbers and email address. Billing information may identify you personally.
• Password Information. This is information that allows you to access the Services, technical support, our ticketing system and any third party services provided through us. Examples of password information may include user id, account number and password. Password information does not identify you personally, but when associated with other information, it may.
• Technical Information. This is information that allows us to configure the Services so that they are more easily provided to you. Examples of technical information may include your IP address, browser type, referring/exit pages, operating system, and affiliate id. Technical information does not identify you personally, but when associated with other information, it may.
• Voluntary Information. This is information you choose to provide to us and that is not necessary for the operation of the Services. Examples of voluntary information include submissions to our knowledgebase, your endorsements of us and your connections to us in social networks. It is your decision whether you include information that identifies you personally when you provide voluntary information to us.

How does Elastx use the data it collects?

We will use contact information as follows:

• To provide the Services to you;
• To contact you about the Services;
• To contact you about our business and new products and services we offer;
• To allow third parties to provide their services through us to you; and
• To law enforcement, regulatory and government entities to whom we believe we are required to provide it by law.

We do not make this information public except as provided above. However, it is possible that this information may become public. For example, contact information may be provided to a domain name registrar who publishes that information in a who-is register.

We will use billing information as follows:

• To provide the Services to you;
• To bill you, or have third party services bill you, for the Services;
• To allow third parties to provide their services through us to you; and
• To law enforcement, regulatory and government entities to whom we believe we are required to provide it by law.

We require third parties to whom we provide billing information to keep this information confidential, but cannot be responsible if they breach our contract.

We will use password information as follows:

• To provide the Services to you;
• To allow third parties to provide their services through us to you

We will use technical information as follows:

• To provide the Services to you;
• To allow third parties to provide their services through us to you;
• To troubleshoot the Services, and allow third parties to assist us in doing so; and
• To law enforcement, regulatory and government entities to whom we believe we are required to provide it by law.

We require third parties to whom we provide technical information to keep this information confidential, but cannot be responsible if they breach our contract.

We will use voluntary information as follows:

• To enhance our services;
• To help third parties use our services; and
• In our advertising.

You may voluntarily connect with us on many different social networking platforms. Their privacy policies, not this privacy policy, govern our use of that data. We may use social networking data to the fullest extent permitted by the privacy policies of the provider.

Will we sell data?

Contact information, billing information, password information and technical information will only be sold in conjunction with the sale of all or a portion of our business.

E-mail communication

You have the right to ask us to be excluded from the Elastx e-mail communication such as newsletters and invites. E-mails with a marketing purpose may be sent from Elastx, the products that are being marketed are directly associated with the Elastx products with a purpose to offer extension of the service that Elastx provides.

In case of third party marketing through e-mail. You have the right to ask us not to process your personal data for external marketing purposes. We will inform you (at the moment of collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. Therefore, we will not be able to process your personal data for marketing purposes unless we expressly obtain your consent for it.

Third party articles or information may be shown in Elastx e-mails. They are only to be shown in e-mail communication or marketing when a purpose or a connection to the Elastx brand is relevant.

You may at any time opt out by choosing the opt out alternative in the received e-mails or by mailing gdpr@elastx.se to be removed.

As a billing customer that uses the services provided by Elastx, you can not opt out from critical e-mails that may inform you of performance changes or other associated and relevant information.

Data handling for non-billed

Non-billed visitors and contacts of the Elastx public cloud platforms that are stored in our CRM-system have the right to ask to be removed at any time as well as receive their data and information stored on Elastx CRM. The non-billed visitors are opted in through affiliation, contact with the Elastx-team or former Elastx product users with consent from both parties in all cases. See section E-mail communication to learn more about what is being communicated to non-billed customers. You may at any time e-mail us and ask to be removed from our CRM as well as ask for your data by sending an email to gdpr@elastx.se.

Can I opt out?

You may opt out of receiving information about our business, new products, and the services we offer. Simply uncheck the mailing list option under the contact information section in your customer portal. Once you provide voluntary information to us, you may not opt out of its use.

How do I change the information you collect?

To change any of the information set out in this policy, other than voluntary information, you need to log into your customer portal and change or modify it. For information we control, these changes will be immediate. However, it may take some time for third parties to change your information. This is particularly true of certain types of contact information and technical information. For example, if you change your contact information, it may take several days for a domain name registrar to make those changes. You should never assume that any changes to that type of information will be immediate. Once you provide voluntary information to us, you may not change it.

Information tracking programs

Our site uses information tracking programs. These programs may be cookies, single-pixel gifs (web beacons) or other technology that provides us with information about your activities on our site and the internet in general. Information tracking programs do things like keep track of your preferences and profile information so that you do not have to enter that information each time you visit our site (Preferences), or to modify our site so that it presents information to you that we believe you will find helpful. These programs may also collect usage and volume statistical information. Other than Preferences, no personally identifiable information is collected by us. We do not provide the Preferences to third parties.

If you do not want your Preferences stored on your computer, you can deselect this option when you are asked for this information. If you wish to change the Preferences after you chose to have them stored, you may log into your customer portal and change them. For information collected other than the Preferences, it is your obligation to configure your browser so that this information is not collected.

How do we secure this information?

When you provide us with information covered by this policy it is protected by encrypted SSL. The information is stored on secured servers configured to allow only authorized access. This information is encrypted when required by the laws that generally apply to our industry or as required by our vendors.

No information transmitted on the internet, nor stored on servers, is 100% secure. The methods set out above are industry standard security measures. Nevertheless, dishonest people exist, software and hardware can malfunction and people make mistakes. As a result, we cannot guarantee that any information covered by this policy will be absolutely secure.

By accepting our Terms of Service and Privacy Policy, you:

• confirm that you are 16 years old or older;
• confirm that you was given consent to the processing of your personal data for all the following purposes: Providing our services to you;
• Billing, accounting and financial matters;

• Send informative and marketing communications for the purpose of selling and raising brand awareness for the Elastx products and services;

  • Example such as:

    • Newsletters
    • Events
    • Meetups
    • Webinars
    • Product sales
    • Updates
    • Service windows

Data Processing

• Nature and Purpose of the Processing: Elastx will process your Personal Data for the purposes of providing the Services to you in accordance with the Terms of Service. Also Elastx can process personal data for marketing purposes (excluding direct marketing in the sense of the Article 21 (2) of the GDPR). Categories of Data: Data relating to individuals provided to Elastx via the Services.

Data Deletion

• Deletion by Customer. Elastx will enable you to delete your Data during the Term in a manner consistent with the functionality of the Services.

Data Transfers

• Transfers of data out of the EEA. If the storage and/or processing of your Personal Data involves transfers of your Personal Data out of the EEA, and the European Data Protection Legislation applies to the transfers of such data, Elastx will ensure that Elastx as the data importer of the Transferred Personal Data enters into Contract Clauses with entity as the data exporter of such data, and that the transfers are made in accordance with such Contract Clauses.
• International transfers of data may also take place in the location of the previous transfers. In any case, third parties with whom certain personal data are shared will have previously accredited the adoption of adequate technical and organizational measures for the correct protection of the same. The transfers will be executed within the framework of the technical and organizational guarantees implemented as binding corporate rules by Elastx.

Subprocessors

• Consent to Subprocessor Engagement. You specifically authorize the engagement of Elastx Affiliates as Subprocessors. In addition, Customer generally authorizes the engagement of any other third parties as Subprocessors.

Cloud Data Protection Team

• Elastx Cloud Data Protection. If you have any questions regarding the Cloud Data Protection, email us at gdpr@elastx.se

I have more questions. Who do I contact?

If you are not a customer, please email us at: info@elastx.se.

If you are a current customer, the fastest way for you to contact us about this policy is to open a support ticket through your customer portal support.elastx.se. If you would rather contact us by email, you may email us at support@elastx.se.

Previous version: 2018-05-18