Caspio Privacy Statement

Caspio is committed to respecting your privacy and has developed this Privacy Statement to demonstrate its transparency and commitment to protecting your information. This statement is provided to explain our information practices and the choices you can make about the way your information is collected and used.

This statement applies to our websites, sales and technical calls with you, products and Services. Capitalized terms not otherwise defined herein shall have the meaning ascribed to them in the Caspio Platform Terms of Service Agreement.

This Privacy Statement explains how we collect, use and disclose information, including Personal Data, in connection with Caspio Services. For these purposes, “Personal Data” means information related to an identified natural person or that could reasonably be used (by itself or in combination with other data reasonably available) to identify a natural person.

This Privacy Statement describes the choices available to you regarding our use of your Personal Data and how you can access and update this information. This statement also covers our treatment of any Personal Data that our business partners share with us or that we share with our business partners.

2. INFORMATION WE COLLECT

When you visit our websites, register for the Service, speak with us on sales or technical calls, or request more information about Caspio Services, we may request that you provide Personal Data about yourself, we may record a live encounter, and we collect navigational information. In some cases, if you do not provide sufficient Personal Data, we may not be able to provide all of our products and services.

PERSONAL DATA

Caspio collects Personal Data such as name, title, phone number, email address, mailing address, and IP address. Additionally, when you sign up for a Caspio paid service, we collect your billing information, including your credit card number, expiration date, and billing address. Caspio may also receive Personal Data from its business partners based on your consent. 

NAVIGATIONAL INFORMATION

Caspio also automatically collects navigational information such as your browser including your browser type, referrer page, domain name, access time, entry page, exit page, operating system type, and search engine keywords used. 

COOKIES AND OTHER TRACKING TECHNOLOGIES

As is true of most websites, Caspio and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking mechanisms (web beacons, device identifiers and similar technologies) to recognize you across websites and provide certain functionality. Caspio uses cookies and similar technologies to administer our websites, monitor behavioral trends to improve our content and Services, and protect the security of Caspio Services. For more information, please see Caspio’s Cookie Policy at https://www.caspio.com/cookie-policy, where we have provided a mechanism to opt out of certain cookies and tracking technologies. 

The Caspio Platform Service uses cookies tied to Personal Data for their essential operation, such as maintaining the security of authenticated user sessions. While you can disable cookies used in the Caspio Platform Service at the browser level, it is not recommended because certain features and/or controls may not function as designed or as required to effectively and securely use the Service. 

SURVEYS

From time to time, Caspio may invite you to participate in an online survey administered by Caspio or a third-party agent. In addition to questions about your experience with Caspio Services, these surveys include Personal Data such as name and email, and may request additional profile information. The results of these surveys help us better understand the needs of our customers in order to improve Caspio Services, and may be shared in aggregate format with third parties. 

TESTIMONIALS

We display personal testimonials of satisfied customers on our website in addition to other endorsements. With your consent, we may post your testimonial along with your name, company, title, logo, or profile photo.

REFERRALS

Caspio may invite you to participate in a referral program to inform your colleagues and friends about Caspio Services. If you choose to use our referral service to tell a friend about Caspio Services, we will ask you for your friend’s name and email address, which we understand you are authorized to provide.

3. HOW WE USE YOUR INFORMATION

Caspio uses the information we collect through our websites and Services to measure our business success, to identify effective ways to communicate with or educate our customers and prospects, to meet requests for certain product features and services, and to communicate about product updates and service incidents. 

Caspio acts as an agent (the data processor) for each of our customers, in that Caspio processes Personal Data only on the instructions from our customers (the data controller). As per our customer agreements, Caspio does not access or make use of any data collected on the customer’s behalf except as necessary to provide our services to that customer. We do not aggregate, transfer, or otherwise disclose it to anyone but the customer, or pursuant to the customer’s instructions. We do, however, reserve a right to disclose data we collect if required by law or valid order of a court or other governmental authority. 

Our legal basis for collecting and processing your Personal Data when you evaluate Caspio Services, register for a Caspio account, or purchase Caspio Services is based on the necessity to perform a contract or take steps enter into a contract. Our legal basis for collecting and processing your Personal Data when you subscribe to receive Caspio marketing emails is based on consent. There may be instances where processing Personal Data is in our legitimate interests (which is not overridden by your data protection interests), such as for research and development, to market and promote Caspio Services, and to protect our legal obligations and interests. 

4. INFORMATION WE SHARE

Caspio will not rent, sell, or share Personal Data about you with third parties except to provide services that you have requested, when we otherwise have your permission, or under the following circumstances: 

• When we need to disclose Personal Data to third-party agents that work on our behalf in order to provide Caspio Services, but only to the extent needed to enable them to provide such services. For example, Caspio uses third party agents for infrastructure hosting services and payment processing. All such third parties function as our agents performing services at our instruction and on our behalf pursuant to contracts which require they provide an equivalent level of privacy protection as is required by this Privacy Statement and any applicable data processing agreement in place. 
• When we need to transfer your Personal Data to provide you with a service or product you are requesting through a Caspio business partner. For example, if you sign up for a Caspio account through one of our authorized resellers.
• When we conform to edicts of the law (i) in the event that we believe that the Services are being or have been used to commit unlawful acts; or (ii) if the information is subpoenaed or requested pursuant to any court order or lawful request by public authorities, including to meet national security or law enforcement requirements; provided, however, that, where permitted by applicable law, we shall provide you with email notice, and opportunity to challenge the subpoena/court order, prior to disclosure of any personal information pursuant to a subpoena.
• When you have violated our agreements for the Caspio Services you are using or have used.
• When we act under exigent circumstances to protect the personal safety of our customers or the public.
• If we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Data could be one of the assets transferred to or acquired by a third party.

5. HOW TO ACCESS AND UPDATE YOUR INFORMATION

You have the ability to access, change and delete the Personal Data you submitted when you registered for the Service. If you are a registered Caspio account user, you can access, change and delete your Personal Data at any time by signing into your account and editing your profile (under the Account option). If you are unable to sign into your account, reset your password or contact Caspio Support. Caspio takes steps to verify your identity before granting access to your account or Personal Data.

EUROPEAN PRIVACY RIGHTS

Caspio acknowledges that you have the right to control your Personal Data, as provided by applicable data protection laws, including:

• You can request access, correction, updates, portability and/or deletion of your Personal Data. 
• You have the right to object to Caspio processing your Personal Data and request the processing be restricted. 
• If you have consented to the processing of your Personal Data, you have the right to change your mind at any time, but this will not affect any processing that has already taken place nor will it affect any processing that is required for legal obligations. 
• If we are unable to solve your request to your satisfaction, you have the right to complain to a data protection authority. 

To exercise any of these rights, you can submit your request by contacting us at https://www.caspio.com/contact-caspio-privacy or by mail to Caspio, Inc., Attention: Privacy, 1286 Kifer Road, Suite 107, Sunnyvale, CA 94086 USA. We will respond to your privacy requests within 30 days and notify you of the action(s) we have taken or required steps to fulfill the request. 

Your requests to access, correct, or delete Personal Data may be restricted in certain situations, for example, if fulfilling the request would compromise Personal Data about another individual, or if you ask to delete information which Caspio, Caspio business partners, or Caspio account owners are permitted by law or have compelling legitimate interests to keep. 

If Personal Data pertaining to you as an individual has been submitted to us by a Caspio customer and you wish to exercise any rights you may have to access, correct, or delete such data, please inquire with our customer directly and Caspio will respond to the customer’s request within 30 days. 

CALIFORNIA PRIVACY RIGHTS

California residents may request certain information regarding Caspio’s disclosures in the prior calendar year, if any, of their Personal Data to third parties for their own direct marketing purposes. If you are a California resident, you can make such a request by contacting us at https://www.caspio.com/contact-caspio-privacy. You must clearly state the nature of your California Privacy Rights request and provide sufficient information for us to process your request; at a minimum your name, email address, and California postal address.

YOUR CHOICES

At any time, you can unsubscribe from our marketing emails by accessing our unsubscribe page at https://www.caspio.com/unsubscribe, or by clicking on the “unsubscribe” link located at the bottom of our marketing emails.

We reserve the right to send you account-related communications, such as service announcements and administrative messages, that are considered part of your Caspio Service, and we do not offer you the option to opt out of these messages.

6. INTERNATIONAL DATA TRANSFERS

Because Caspio offices and Services are globally dispersed, we may process information in many countries, and therefore your Personal Data may be transferred to servers located in different geographical areas. Caspio processes information as both a data controller and a data processor, and we take the necessary steps in these distinct capacities to ensure the protection for international transfers in compliance with applicable data protections laws and regulations.

Caspio complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Caspio has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.

Caspio has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

The Federal Trade Commission has jurisdiction over Caspio’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

Caspio uses a limited number of third-party service providers to assist us in providing our services to customers. These third-party providers offer the services outlined previously. These third parties may access, process, or store personal data in the course of providing their services. Caspio maintains contracts with these third parties restricting their access, use and disclosure of personal data in compliance with our Data Privacy Framework obligations, including the onward transfer provisions, and Caspio remains liable if they fail to meet those obligations and we are responsible for the event giving rise to damage.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Caspio commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to JAMS, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit the JAMS DPF page for more information or to file a complaint. The services of JAMS are provided at no cost to you.

7. DATA SECURITY AND INTEGRITY

The security of your Personal Data is important to us. We use robust security measures to protect the Personal Data submitted to us, both during transmission and once it is received. All information transferred within the Caspio Platform Service, customers’ deployed applications, and the Caspio website(s) is automatically served through a secure connection (HTTPS). However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. While Caspio has implemented and will maintain appropriate security measures to protect your Personal Data, we cannot guarantee its absolute security. We use commercially acceptable means to maintain the integrity of your Personal Data and have implemented physical, technical, and administrative safeguards to protect your data from unauthorized access, use, disclosure, and destruction.

8. DATA RETENTION

We retain Personal Data that you provide to us where we have an ongoing legitimate business need to do so (for example, as long as is required in order to contact you about Caspio Services, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements).

We regularly review collected data and set data retention policies in order to delete data in accordance with contractual agreements, legal obligations and applicable data protection laws.

9. CHILDREN AND PRIVACY

Caspio Services are intended for adults. We do not intentionally or knowingly collect Personal Data from children as defined by applicable law, and we request that children not submit any Personal Data to us. If you are aware that your child or any other child is using our Services, please contact us at https://www.caspio.com/contact-caspio-privacy.

10. DO NOT TRACK RESPONSE

Certain web browsers may allow you to enable a “do not track” option that sends signals to the websites you visit indicating that you do not want your online activities tracked. However, some browsers with the “do not track” option selected may still accept cookies. Because there is no industry standard for how companies should respond to “do not track” signal, we do not respond to “do not track” signals at this time. If we do so in the future, we will modify this statement accordingly.

11. MATERIAL CHANGES

We reserve the right to make changes to this statement at any time to reflect changes to our data practices, so please review it frequently. Should we make material changes to the manner in which your Personal Data is processed, we will notify customers via email (sent to the email address specified in the user profile) and also post a notice on our website and Services.

12. CONTACT CASPIO

To comment or ask questions about this Privacy Statement and our data practices, or if you need to update, change or remove your information, contact us at https://www.caspio.com/contact-caspio-privacy or at the address below:

Caspio, Inc.
ATTN: Privacy
1286 Kifer Road, Suite 107,
Sunnyvale, CA 94086 USA
privacy@caspio.com