Privacy Policy

Last updated: January 19, 2022

Rampiva is committed to protecting your privacy. There are various ways that you might interact with Rampiva, and the information you provide when doing so allows us to improve our services.

This Privacy Policy applies to Rampiva Technology Inc. its subsidiaries and affiliates (collectively, “Rampiva,” “we,” “us,” “our”) and covers our processing activities as a data controller.

This website, and our related website (collectively, the “Site”, “Sites”) are owned and operated by Rampiva Technology Inc. The Rampiva Automate, Rampiva Collector, Rampiva Baseline, and other Rampiva software applications are licensed to and operated by third-parties, and Rampiva Portal, and Rampiva License Service is owned and operated by Rampiva Technology Inc. (collectively, the “Application”, “Applications”).

Our privacy policy explains:

  • What information we collect, and why we collect it;
  • How we use that information;
  • How we protect that information;
  • How you can control your information, including accessing, updating and deleting what we store; and
  • How we share information collected.

Information We Collect

Information Voluntarily Provided

We may collect, record, store, and use basic personal information which you voluntarily provide through completing forms on our Site, through questions you send to us, or through other means of communication between you and us. The categories of personal information you provide may include:

  • first and last name;
  • job title and company name;
  • email address;
  • phone number
  • mailing address;
  • password to register with us;
  • your personal or professional interests;
  • any other identifier that permits us to make contact with you.

Information from Site Visits

We may collect, store, and use information about your visits to the Sites and about your computer, tablet, mobile or other device through which you access the Sites. This includes the following information:

  • technical information, including the Internet protocol (IP) address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, operating system and platform, and geographical location;
  • information about your visits and use of the Site, including the full Uniform Resource Locators (URL), clickstream to, through and from our Site, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), and Site navigation and search terms used.

Information from Application Usage

We may collect, store and use diagnostic information from the usage of the Applications. The type of data in scope depends on the Diagnostic Level configured within the Application. The Diagnostic Level None is only available when using the Application with an offline license file, in an air-gapped environment. When using the Application with a license ID and key, the Diagnostic Level Basic or higher is required.

Diagnostic Level – None

  • N/A

Diagnostic Level – Required

  • Rampiva license details;
  • Application name and version;
  • Related third-party software, such as Nuix Workstation and Nuix Engine, license details, product name and version;
  • Utilization sessions time, duration and volume of data processed through the Application.

Diagnostic Level – Enhanced

  • Data from the Required level;
  • Unique identifiers (UUID) and settings corresponding to objects in the Application, such as Cases, Servers, Resource Pools, Jobs, Users, etc., but not their assigned names or descriptions;
  • Statistical information about the data processed through the Application, such as the count and size of files processed by extension, type, operation, etc., but not the file names or content;

Diagnostic Level – Optional

  • Data from the Enhanced level;
  • Mapping between the unique identifiers and the user-defined names associated to these objects in the Application. The user-defined names are encrypted prior to being sent to us with a key that is stored locally by the Application and is never sent to us by the Application.

All diagnostic data is encrypted using TLS during transfer from the device to the our data management services.

How We Use Information

As a data controller, we will only use your personal information if we have a legal basis for doing so. All processing of your personal data is justified by a “condition” for processing. In the majority of cases, processing will be justified on the basis that it is in our legitimate interests to:

  • respond to your queries and provide any information and materials requested in order to generate and develop business;
  • improve the Site and Application in order to enhance your experience, to facilitate system administration and better our services;
  • market our services and products. For direct marketing sent by email to new contacts (i.e. individuals who we have not previously engaged with), we need your consent to send you unsolicited direct marketing;
  • ensure that any changes to our policies and other terms are communicated to you;
  • continually monitor and improve our services and your experience of the Sites and Applications, and to ensure network security;
  • continually improve our offering and to develop our business;
  • to enforce our EULA, Terms of Service, and Agreements;

We use the personal data we collect to:

  • provide you with information and materials that you request from us.
  • personalize our services and products and the Sites to you.
  • update you on services and products and benefits we offer.
  • send you information regarding changes to our policies, other terms and conditions and other administrative information.
  • administer our Sites including troubleshooting, data analysis, testing, research, statistical and survey purposes; improve our Sites to ensure that consent is presented in the most effective manner for you and your computer, mobile device or other item of hardware through which you access the Sites; and keep our Sites safe and secure.
  • measure or understand the effectiveness of any marketing we provide to you and others, and to deliver relevant marketing to you.
  • enforce the terms and conditions and any contracts entered into with you.

If you do not wish to provide us with your personal data and processing such data is necessary for the performance of a contract with you and to fulfil our contractual obligations to you, we may not be able to perform our obligations under the contract between us. Where you provide consent, you can withdraw your consent at any time and free of charge, but without affecting the lawfulness of processing based on consent before its withdrawal. You can update your details or change your privacy preferences by contacting us through your usual business contact or as provided in “Contacting Us” below.

Updating Your Information and Opting Out

To review, correct, update, delete, object or otherwise limit our use of your personal information that has been provided to us, or request portability and/or details of your personal information that is held by us, please contact us using the contact information listed below in the “Contacting Us” section and clearly describe your request.

If you have registered for an account with us, you can help to ensure that your personal information is accurate and up to date by logging into your account.

You may unsubscribe from marketing communications at any time by clicking the “Unsubscribe” button available at the bottom of any electronic communication we may send to you. You may also unsubscribe from any medium of communication by contacting us using the information set out in the “Contacting Us” section below.

Rampiva as Data Processor

In certain cases, we also operate as a data processor and we collect and process personal information on behalf of our business customers in the provision of our services and products. In these circumstances, Rampiva is acting as a data processor and our business customers remain the data controller in respect of personal information they provide to us.

Our business customers remain the data controllers with respect to any customer information that they provide to us for our provision of services. To the extent that we are acting as data processor, we therefore act in accordance with the instructions of such customers regarding the collection, processing, storage, deletion and transfer of customer information, as well as other matters such as the provision of access to and rectification of customer. We will only use such personal information for the purposes of providing the services and products for which our business customers have engaged us.

Our business customers are responsible for ensuring that these individuals’ privacy is respected, including communicating to the individuals in their own privacy policies who their personal information is being shared with and processed by. Where Rampiva is acting as a data processor, we will refer any request from an individual for access to personal information which we hold about them to our customer. We will not respond directly to the request.

As a data processor, we may share personal information where instructed by our business customer. Where authorized by the business customer, we may also share personal information with third-party service providers who work for us and who are subject to security and confidentiality obligations.

Sub-Processors

We may engage sub-processors to render services to you, which also includes the processing of your data. Third-party services engaged by the Processor as purely supplementary services to facilitate its business activities shall not be considered a sub-contractual relationship (e.g. cleaning services, purely telecommunication services without specific reference to services rendered by the Processor on behalf of the Controller, postal and courier services, transport services, financial services, as well as security services).

We currently use the following sub-processors:

Name

Purpose

Address

Privacy
Policy

Atlassian 

Support
portal

Atlassian
Corporation Plc

Level
6, 341 George Street
Sydney, NSW, 2000, Australia

https://www.atlassian.com/legal/privacy-policy

Amazon
Web Services

Cloud
hosting infrastructure and services

Amazon
Web Services, Inc.

410
Terry Avenue North,
Seattle, WA 98109-5210, USA

https://aws.amazon.com/privacy

Communiteq

Community forum

Communiteq BV

Aalbespad Heerjansdam, 2995TA, Netherlands

https://www.communiteq.com/privacy-policy/

Google

Analytics – User
statistics

Forms – User surveys

Account – User authentication

Google
LLC

1600,
Amphitheatre Parkway,
Mountain View, CA 94043, USA

https://policies.google.com/privacy

LinkedIn

Account – User authentication

LinkedIn Corp

1000 West Maude Avenue Sunnyvale, CA 94085, USA

https://www.linkedin.com/legal/privacy-policy

Mailchimp

Mail
services

The
Rocket Science Group, LLC

675
Ponce de Leon Ave NE,
Suite 5000,
Atlanta, GA 30308, USA

https://mailchimp.com/legal/privacy

Microsoft

Azure – Cloud
hosting infrastructure and services

Account – User Authentication

Microsoft
Corporation

One
Microsoft Way,
Redmond, WA 98052-6399,USA

https://privacy.microsoft.com/en-us/privacystatement

Qualtrics

Customer
experience management

Qualtrics LLC

333 W. River Park Drive, Provo, UT 84604, United States of America

https://www.qualtrics.com/privacy-statement/ 

Salesforce

Customer
relationship management

salesforce.com
inc.

Salesforce
Tower
415 Mission Street, 3rd Floor
San Francisco, CA 94105, USA

https://www.salesforce.com/eu/company/privacy/

Zapier

Integration between various platforms

Zappier Inc.

548 Market St. #62411
San Francisco, CA 94104, USA

https://zapier.com/privacy

Security of Your Personal Data

The security of your personal information is important to us. We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. We use appropriate measures to safeguard personally identifiable information, which measures are appropriate to the type of information maintained, and follow applicable laws regarding the safeguarding of any such information under our control. No method of transmission over the Internet, or method of electronic storage, can be 100% secure. Therefore, we cannot guarantee the absolute security of your information. The Internet by its nature is a public forum, and we encourage you to use caution when disclosing information online. Often, you are in the best situation to protect yourself online. You are responsible for protecting your username and password from third-party access, and for selecting passwords that are secure.

Data Retention: How Long We Keep Your Personal Data

We will retain personal information which we process on behalf of our customers for as long as needed to provide services and products to our customers and in accordance with any agreement in place with our customers. When you contact us, we may keep a record of your communication to help solve any issues that you might be facing. Your information may be retained for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirement.

Your Rights

You may request from us access to, correction of, blocking of and/or deletion of your personal data in line with applicable data protection law. You may also withdraw your consent for us to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. Where your personal data is processed by us with your consent or for the performance of a contract by automated means, we will provide to you, or a third-party you have chosen, your personal data in a structured, commonly used, machine-readable format upon request.

Responding to Requests

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. Also, please note that we may refuse a request for blocking and/or deletion where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise or defence of legal claims.

Use of Cookies, IP Addresses and Aggregate Information

We may collect data in connection with your use of our Sites using small files commonly known as “cookies”. A cookie is a small amount of data which often includes a unique identifier that is sent to your computer or mobile phone (your “device”) from the Sites and is stored on your device’s browser or hard drive. We may also collect data that your browser sends to us, such as your IP address, browser type, location, language, access time and referring website addresses. Such data may be used to analyze trends, to administer the Site, to track your movements around the Site and to gather demographic data about our visitor base as a whole. The data gathered by these cookies is in the form of aggregated anonymous data.

By continuing to browse the Sites, you are agreeing to our use of cookies.

If you don’t want us to use cookies when you use the Sites, you can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it or decline at any time. However, if you block cookies some of the features on the Sites may not function as a result.

You can find more information about how to do manage cookies for all the commonly used internet browsers by visiting allaboutcookies.org. This website will also explain how you can delete cookies which are already stored on your device.

We currently use the following cookies:

Category

Name

Use

Analytic cookies

Google Analytics, MailChimp

These cookies collect data to help us understand
how our visitors use the Sites and how we can improve the Sites

Infrastructure cookies

Cloudflare, Atlassian, Google Account, Google
reCAPTHCAv3, Microsoft, Okta

Third-party cookies used for load balancing,
caching, content management, and third-party authentication

IP Addresses and Aggregate Information

An Internet Protocol (“IP”) address is associated with your computer’s connection to the internet. We may use your IP address to help diagnose problems with our server, to administer the Site and to maintain contact with you as you navigate through the Site. Your computer’s IP address also may be used to provide you with information based upon your navigation through the Site. Aggregate information is used to measure the visitors’ interest in, and use of, various areas of the Site and the various programs that we administer. We will rely upon aggregate information, which is information that does not identify you, such as statistical and navigational information. With this aggregate information, we may undertake statistical and other summary analyses of the visitors’ behaviours and characteristics. Although we may share this aggregate information with third parties, none of this information will allow anyone to identify you, or to determine anything else personal about you.

Links to Third-party Websites and Third-Party Applications

Our Sites may contain links to third-party websites. These third-party websites are operated by companies that are outside of our control, and your activities at those third-party websites will be governed by the policies and practices of those third parties. Rampiva does not in any way endorse or make any representations about such third-party websites and applications. As such, Rampiva is not responsible for the privacy practices or content of such third-party websites and applications that are subject to their own privacy policies. If you choose to access such links, we encourage you to review all third-party site privacy policies before submitting any of your data.

Social Media and Online Engagement

We occasionally use a variety of new technologies and social media options to communicate and interact with customers, potential customers, employees and potential employees. These sites and applications include popular social networking and media sites, open source software communities and more. To better engage the public in ongoing dialog, certain of our businesses use certain third-party platforms including, but not limited to, the Twitter Tweet widget, the Linkedin Share widget, the Reddit Badge widget, Google reCAPTCHA v3 and MailChimp. Third-Party Websites and Applications (TPWA) are Web-based technologies that are not exclusively operated or controlled by us. When interacting on those websites, you may reveal certain personal information to us or to third parties, such as your IP address, user-agent string, browser type, operating system, referral URLs, device information, pages visited, links clicked, user interactions, the requested URL, web browser screenshots, and hardware settings.

Age

We do not sell our services to children and the Site is not intended for or directed at children under the age of 16 years. As such, our Sites are designed for adult user interaction. We do not intentionally collect personally identifiable information from children under the age of 13. If you believe that we may have collected personal information from someone under the age of 16 (or the applicable age of consent) without proper consent, please let us know using the methods described in this policy.

Complaints

If we receive formal written requests or complaints, we will follow up with the party making the request or complaint. To the extent permitted by applicable law, where we would not properly address properly your request, you have the right to lodge a complaint with the competent data protection authority in your locality.

Contacting Us

We have appointed a Data Protection Contact who you can reach out to about any queries you may have in relation to this Privacy Policy. If you have any questions about our Privacy Policy or your information, or to exercise any of your rights as described in this Privacy Policy or under data protection laws, you can contact us as follows:

Rampiva
140 Yonge Street, Suite 200
Toronto ON, M5C 1X6, Canada
Email: privacy@rampiva.com

Changes to This Policy

We may change this privacy policy from time to time. If this privacy policy changes, the revised privacy policy will be posted at the “Privacy Policy” link on the Site’s home page. Please check the privacy policy frequently. Your continued use of the Site and Applications constitutes acceptance of such changes in the privacy policy, except where further steps are required by applicable law. This privacy policy was last updated on the date set out at the top of the policy.