SplashBI Privacy Policy

What this Privacy Policy covers

This Privacy Policy describes how Splash Business Intelligence, Inc. and its affiliates and subsidiaries (collectively, “SplashBI”) collects, uses, processes, protects, and discloses personal information collected through the use of its software (the “Software’) and the performance of its Services (as defined below).

Definitions

In this policy,

Youany individual whose data is collected by a SplashBI Customer and provided to SplashBI in the context of a license agreement between the SplashBI Customer and SplashBI, and/or any individual whose data is collected by SplashBI.com for the purposes of direct marketing on behalf of SplashBI.
We or UsSplashBI
SplashBI Customer or Customerthe individual(s) or organization(s) that have entered into a license agreement with SplashBI entitling them to receive Services from SplashBI or use the Software, including free trial users and OEM partners.
Personal Informationinformation about you that is personally identifiable by name or can be linked to you through a personal identifier like your address, e-mail address, phone number, or location, and which is not otherwise publicly available. This definition is given here for this notice only, and some laws may use a different definition. If you are asserting your rights under law, the applicable legal definition governs your rights.
Servicesany services which may involve granting SplashBI access to SplashBI Customers’ information or records, such as support services, professional services, business intelligence consulting, and business relations.

SplashBI as a Data Processor

  • SplashBI is a business analytics software and services company.
  • Customers use the Software to analyze and create dashboards and reports of their data.
  • SplashBI provides related Services to licensees of the Software, and we provide the Software to Customers who host their instance of the Software on the cloud.
  • In cases where SplashBI has access to Personal Information found in a Customer’s data, the Customer is the Data Controller of that Personal Information. SplashBI is the Data Processor carrying out data processing activities and instructions on behalf of each Data Controller.

SplashBI as a Data Controller

SplashBI is a Data Controller of data, including any Personal Information contained in such data, that we use for our business purposes, such as our business records.

Disclosures of information under SplashBI Customer control

SplashBI provides its Services to Customers of the Software. SplashBI Software Customers use the SplashBI Software to store, process, and distribute data belonging to them (or their customers, licensees, or users) through their IT systems, websites, software applications, bundled products, or other comparable means. As the controllers of Personal Information included in their data, SplashBI’s Customers are responsible for maintaining the privacy of Personal Information included in their data.  SplashBI is not responsible for disclosures of information made by SplashBI Customers through the Software or using the Software on a Customer’s system. When we have access or process your Personal Information on behalf of our Customer, it is that Customer’s responsibility to protect your privacy.   If you are concerned about your privacy while interacting with products and services provided by a SplashBI Customer, you should address requests and inquiries relating to your Personal Information directly to that Customer. If you contact us regarding information belonging to our Customer, we may forward your requests or inquiries to the relevant Customer.

When does SplashBI have access to your Personal Information?

When a Customer requests Services from SplashBI, SplashBI may have access to their data. If a Customer’s data includes your Personal Information, SplashBI may have limited access or exposure to Personal Information. Examples of situations where SplashBI may have access or exposure to Customer data include:

  • When a Customer shares a screen showing their data on a business consulting call to help it evaluate or use the Software, your Personal Information may be revealed to us.
  • When a Customer submits a file containing its data to our support help desk to resolve a Software issue, your data may be included in such data.
  • If you interact with us as a Customer or on behalf of a Customer, we may have your name, contact information, billing address, and any other information you provided us.

Our customers use the Software for a wide range of business analytics purposes, and we do not preview, screen, or review their data. Therefore, we do not know what categories of Personal Information a Customer may collect and control about you in their data.

How we use your Personal Information

If we have access to your Personal Information as described above, we may only use it for our legitimate business interests, including:

  • To provide the Services and Software functions requested by our Customer.
  • To manage the business relationship with our Customer, such as providing service notices and billing.
  • To use the Customer’s contact and billing address to send the Customer offers and promotional information.
  • To carry out other legitimate business purposes, as well as other lawful purposes.

Service provider access to information

We rely on certain trusted third party service providers to provide part of the services and functions that make up the Services and the Software. For example, we host the Software on third-party cloud platforms, and the Software may be powered by a third-party service. We may also use outsourced personnel to perform technical and support functions that may involve access to customer data. SplashBI does not disclose your Personal Information to any third parties (other than our services providers) except in the limited circumstances detailed below. Our service providers do not have permission to use your Personal Information for any purpose other than to provide us the services we require to serve our Customers.

Disclosure of Personal Information to third parties

We do not disclose your Personal Information to third parties (except our service providers, as stated above) and except under the following circumstances and for the following purposes:

  • When we have the Customers’ permission, to provide the Customer with Services it requests.
  • When required by law to respond to subpoenas, court orders, or legal process by public authorities, including disclosures required by national security or law enforcement agencies.
  • When we need to establish or exercise our legal rights, or to defend against legal claims, or when we believe it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, data breaches, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law.
  • If SplashBI is acquired by or merged with another company, SplashBI will come under the control of a new entity any rights and permission that SplashBI has to access your Personal Information may be assigned to the new entity.

Retention of information

We may retain Customer data (including your Personal Information) for any lawfully permitted period of time, and as necessary to comply with our legal and contractual obligations, enforce our agreements, and enable us to investigate events and resolve disputes.

Confidentiality, security, and data integrity

We take great precautions to protect the integrity of your Personal Information. However, no data transmission over the Internet or stored on any other network or system can be guaranteed to be 100% secure. While we strive to protect information on our systems, we cannot and do not guarantee the security of any information you transmit.

Rights of European Data Subjects under the General Data Protection Regulation (GDPR)

If you are in one of the EU/EEA countries, beginning in May 2018, SplashBI will have certain obligations as a data processor towards our Customers regarding your Personal Information, and certain obligations towards you as a data controller, under the General Data Protection Regulation (GDPR).  The Customer, as data controller, will be responsible for protecting your rights under the GDPR for your Personal information included in data under the Customer’s control. Until the GDPR comes into effect in May 2018, you will continue to enjoy the privacy rights under applicable national legislation and the EU Data Protection Directive (Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data). To learn more about your rights under the GDPR you can visit the European Commission’s page on Protection of Personal Data, at: https://ec.europa.eu/commission/index_en.

Cross-border Personal Information transfers

Data hosted on the SplashBI Cloud is hosted in the cloud environment selected by the Customer, which may be either in the EU or outside the EU. Our staff located in the United Kingdom, the United States and India have access to Customer data on the SplashBI Cloud environment. Data we collect while providing our Services is hosted in the United Kingdom, the United States and India. If you are in the European Union, EEA, or Switzerland, you have a right to access your Personal Information that we hold about you, and can correct, amend, or delete that information where it is inaccurate, or has been processed in violation of the Privacy Shield Principles, except where the burden or expense of providing you access would be disproportionate to the risks to your privacy in the case in question, or where the rights of other persons would be violated. If you wish to exercise any of your rights in your Personal Information held by a Customer, please contact the relevant Customer (the data controller).

Your rights in Personal Information

If you wish to exercise any of your rights in Personal Information held by us, please contact us at the contact information below.

Note, however, that it is usually better to address requests related to your Personal Information directly to the relevant Customer, since it controls the information, knows how it was collected and used, and has additional copies of your Personal Information in its possession.

You have a right to choose (opt-out) whether your Personal Information is

  • to be disclosed to a third party or
  • to be used for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by you.

In cases where we are acting as an agent (data processor) for a Customer, your choices are determined according to your relationship between you and that Customer, and you should direct your inquiries to that Customer.

In cases where we control your information, and you gave us permission to share your information with a third party, you may exercise your choice to opt-out of the permission you gave us by contacting us at the contact information below (the services you requested from us may be affected by your choice). We will notify you and give you an opportunity to opt-out before using your Personal Information for a purpose that is materially different from the purpose for which we originally collected your data.

In the context of an onward transfer of Personal Information to a third party (including our service providers), we have a responsibility for the processing of personal information we receive under the Privacy Shield and subsequently transfer to a third party acting as an agent on our behalf. We shall remain liable under the Privacy Shield Principles if our agent processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless we can prove that we are not responsible for the event giving rise to the damage.

We will investigate and attempt to resolve requests, complaints and disputes regarding use and disclosure of your information in accordance with this Privacy Policy. We may require further information from you to identify you and address the matter at issue.

Individuals in the European Union, EEA, and Switzerland may submit unresolved complaints to binding arbitration before the American Arbitration Association (“AAA”) under certain conditions. Information about AAA services can be found at its website: http://go.adr.org/privacyshield.html.  The exclusive location for such arbitration shall be Atlanta, Georgia, United States.   SplashBI is subject to the regulatory authority of the U.S. Federal Trade Commission. The Federal Trade Commission may be contacted at the following address:

Federal Trade Commission

Attn: Consumer Response Center

600 Pennsylvania Avenue NW

Washington, DC 20580

Email: consumerline@ftc.gov

www.ftc.gov

People in the European Union (EU Data Subjects) and Switzerland can invoke binding arbitration as stipulated in the EU-U.S. Privacy Shield Agreement, Annex I, for some residual claims not resolved by other redress mechanisms.

Changes to this Privacy Policy

SplashBI may update this Privacy Policy at any time without prior notice. Any such changes will become effective prospectively from the date of publication. This Privacy Policy was last updated on May 16, 2018. We encourage you to check this page frequently for any changes to our Privacy Policy.

Contacting SplashBI about this Privacy Policy

Any inquiries, concerns, or requests regarding the use or disclosure of your Personal Information should be directed to us at: legal@splashbi.com.
You may also update your contact preferences by clicking the button below.

Update Contact Preferences

 

 

Copyright © 2018 SplashBI Inc. All rights reserved.