Privacy Policy of Xgrid

Updated October 2023

At Xgrid, Inc. (“Xgrid” or “We”), the protection of your personal data is of particular importance to us. We protect your personal data in accordance with applicable data protection laws as well as this Privacy Policy. We have prepared this Privacy Policy to inform you of the manner in which we collect, use, disclose, and otherwise process the information we may collect about you from:

  • Your use of our Website, located at(https://xgrid.co/). and/or our products and services
  • Your interactions with us online and at in-person events, or
  • Any other circumstances in which we provide you with a copy of this Privacy Policy.

Definitions

Under this Privacy Policy:

Personal data means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, including both processors and controllers. Legal basis means a lawful ground for data processing under the GDPR or similar laws.

Personal Data We Collect

We may collect your personal data when you:

  • Contact us
  • Visit or register with our Website
  • Apply for employment or other positions
  • Subscribe or request to attend our webinars, events or workshops, sign up for our slack channel or blog posts
  • Interact with us on our social media profiles (e.g., Facebook, Twitter, LinkedIn)
  • Provide your personal data to our third party sources, including our service providers
  • Interact with us or our personnel at in-person events.

Personal Data You Provide to Us Directly

We may collect information provided by you directly, including from our Website; from your contacts with us, including through our webpage and on social media.This information may include your first and last name, email address, username, password, job title, phone number, country of residence, company name, payment information, profile picture and any other information provided by you. We may also collect information provided by you in the course of evaluating or engaging you for employment or other positions. This information may include your first and last name, email address, CV, resume, cover letter and any other information provided by you.

Personal Data We Collect through Automated Data Collection Technologies

We may collect information using Automated Data Collection Technologies from your use of our Website and products. This information may include your IP Address, Log Files, Referrer URL, Browser Information, Device Information, and Data and Time of user request, cookies, information reflecting how you searched, browsed, and were directed to the Website, including mouse movement, click, touch, scroll, and keystroke activity, and any other information provided by your use of our Website and products, as further explained in the “Use of Cookies and Other Web Technologies” section below.

Personal Data We Obtain from Third Parties

We may collect information from third party sources such as lead generation companies, data sellers, advertising partners, and Service Providers. This information may include your first and last name, email address, phone number, company name, job title, and country, and other information. he “Use of Cookies and Other Web Technologies” section below.

How We Use Your Personal Data

We may use your personal data:

  • To provide, maintain, and improve our Website, products and services, including for collaboration within the product, to enhance your user experience, and to understand and save your preferences for future visits;
  • To monitor our products’ performance and implement security measures
  • For the performance or preparation of a contract to which you, our customer or service provider are a party
  • To communicate with our customers or clients
  • To establish and maintain our business relationship with you
  • To plan and host events, workshops, and webinars, including to manage our list of attendees
  • To send you marketing and other information about our products, services or offerings, including through our publications and on other websites and/or media channels; To advertise to you on other sites
  • To receive, process, and respond to your feedback, requests or queries through our products, Website, or social media
  • For compliance with our legal obligations and other internal legal compliance purposes
  • To evaluate your employment application and assess you as a candidate
  • For other purposes consistent with the context of the collection of your personal data, or as otherwise disclosed to you prior to the use of your personal data.

Data Sharing

Personal data may be disclosed to third parties in the following circumstances:
Processors, Service Providers and other companies that work with or on behalf of Xgrid Personal data may be disclosed to processors or service providers who act on our behalf in order to process personal data in accordance with the purposes outlined above.

This includes the following categories of service providers:

  • IT service providers
  • Email marketing providers
  • Administrative, billing, operations, and payment operators
  • Cloud and other software service providers

Data access by processors or service providers is protected under our contracts with these entities, which limit the processing purposes. The agreement obliges the service providers to process your personal data only on our behalf and upon our instruction. They are prohibited to pass on your personal data to other parties without permission, unless this is required by law.

We may also share data with entities that are controllers, such as advertising partners, data sellers, and similar companies, in accordance with the “Use of Cookies and Other Web Technologies” Section below and other sections of this Privacy Policy.

Sale of Business

If, in the future, we sell or transfer, or we consider selling or transferring, some or all of our business, shares or assets to a third party, we will disclose your personal data to such third party (whether actual or potential) in connection with the foregoing events. In the event that we are acquired by, or merged with, a third party entity, or in the event of bankruptcy or a comparable event, we reserve the right to transfer, disclose or assign your personal data in connection with the foregoing events.

Legal Purposes

We may share your personal data with regulators, courts or competent authorities, to comply with applicable laws, regulations and rules (including, without limitation, federal, state or local laws), and requests of law enforcement, regulatory and other governmental agencies or if we have a good faith belief that the law requires it, such as in response to a search warrant, subpoena, or other legally valid inquiry, order, or process. We may also disclose information to assist us in collecting a debt, or as necessary to exercise our legal rights or defend claims brought against us.

With Your Consent

We may share your personal data where you have provided your consent to us sharing or transferring your personal data (e.g., where you provide us with marketing consents or opt-in to optional additional services or functionality).

Your Rights

Depending on the circumstances, you may be entitled to exercise some or all of the following rights, Obtain confirmation as to whether or not your personal data is being processed and access to copy of your personal data undergoing processing:

  1. access to and/or duplicates of your personal data retained
  2. receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format
  3. to transmit those personal data to another controller without hindrance from our side; where technically feasible you shall have the right to have the personal data transmitted directly from us to another controller
  4. Request rectification, removal or restriction of your personal data

Where the data processing is based on your consent, refuse to provide and – without impact to data processing activities that have taken place before such withdrawal – withdraw your consent to processing of your personal data at any time Take legal actions in relation to any potential breach of your rights regarding the processing of your personal data, as well as to lodge complaints before the competent data protection regulators

Not to be subject to any automated decision making, including profiling (automatic decisions based on data processing by automatic means, for the purpose of assessing several personal aspects) which produce legal effects on you or affect you with similar significance Further, you may be entitled to object, out of grounds relating to your particular situation, at any time to processing of personal data concerning you, including object to direct marketing and automated individual decision-making including profiling. In this case, please provide us with information about your particular situation. After the assessment of the facts presented by you we will either stop processing your personal data or present you our compelling legitimate grounds for ongoing processing.

You can exercise your rights by submitting a request at priv. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfill your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes, before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initial requested, we will address your request to the maximum extent possible, all in accordance with applicable law.

Legal Basis

Where applicable under the GDPR or similar laws, the legal basis for our collection and use of your personal data may include any of the following:

Performance of a contract

We process your personal data as necessary to perform our obligations under any contract with you, such as to provide our Website or services to you or complete transactions.

Consent

We may ask for your consent to use your personal data, including if we need your consent to engage in certain marketing activities. If we obtain your consent as a legal basis for processing, you may withdraw your consent at any time.

Legitimate interests

We have a legitimate interest in using your personal data for our business purposes, including operating, improving, and marketing our business, Website and services. Compliance with a legal obligationWe may need to use your personal data to comply with applicable legal requirements.

Data Storage and Transfers

Where applicable under the GDPR or similar laws, we have implemented appropriate cross-border transfer mechanisms when transferring your personal data to a country outside of your home jurisdiction, including, where relevant, the EU Standard Contractual Clauses.

Interaction With Third Parties

We may link to or otherwise enable you to interact with a third party Website, mobile software applications and products or services that are not owned or controlled by us (each a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services can collect personal data from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third Party Service.

Data Retention

We retain your personal data as long as reasonably necessary for the respective purpose. In determining the criteria by which to retain or dispose of your personal data, we consider the type, sensitivity, context, and purpose of collecting the information. Xgrid may additionally delete your personal data in response to a valid data subject request, as described below.

Security of Your Information

We maintain administrative, technical, and physical safeguards designed to protect against unauthorized access, use, modification, and disclosure of your personal data in our custody and control. No data, on the Internet or otherwise, can be guaranteed to be 100% secure. While we strive to protect your information from unauthorized access, use, or disclosure, Xgrid cannot and does not ensure or warrant the security of your personal data. No Processing for Automated Individual Decision-making Including Profiling We do not knowingly collect or process personal data for automated individual decision-making including profiling.

Use of Cookies and Other Web Technologies If your browser is configured to accept cookies, we may collect non-personally identifiable information passively using “cookies” and “page tags”.

It is Xgrid’s policy to respect your privacy regarding any information we may collect while operating our Website. Please read this policy carefully to understand how we handle and treat your personal data.

Cookies

“Cookies” are small text files that can be placed on your computer or mobile device in order to identify your Web browser and the activities of your computer on the Xgrid Service and other Websites.

We use cookies to personalize your experience on the Xgrid Website (such as dynamically generating content on webpages specifically designed for you), to assist you in using the Xgrid Service (such as saving time by not having to reenter your name each time you use the Xgrid Service), to allow us to statistically monitor how you are using the Xgrid Service so that we can improve our offerings, and to determine the popularity of certain content. By using cookies and page tags together, we are able to improve the Xgrid Service and measure the effectiveness of our advertising and marketing campaigns.

Page Tags

“Page tags,” also known as web beacons or gif tags, are a web technology used to help track Website or email usage information, such as how many times a specific page or email has been viewed. Page tags are invisible to you, and any portion of the Xgrid Service, including content, or email sent on our behalf, may contain page tags.

Do I Have To Accept Them

You do not have to accept cookies to use the Xgrid Website or services. If you reject cookies, certain features or resources of the Xgrid Website may not work properly or at all and you may have a degraded experience.

Although most browsers are initially set to accept cookies, you can change your browser settings to notify you when you receive a cookie or to reject cookies generally. To learn more about how to control privacy settings and cookie management, click the link for your browser below.

  • Microsoft Internet Explorer
  • Mozilla Firefox
  • Google Chrome
  • Apple Safari

To learn more about cookies; how to control, disable or delete them, please visit( http://www.aboutcookies.org). Some third party advertising networks, like Google, allow you to opt out of or customize preferences associated with your internet browsing. For more information on how Google lets you customize these preferences, see their documentation.

All cookies, on our Website and everywhere else on the web, fall into one of five categories:

  • Essential
  • Advertising
  • Analytics & Customization
  • Performance & Functionality
  • Social Networking

You are able to see the specific cookies we use and exercise choices about the types of cookies and other technologies you want to accept by selecting the “Manage Cookie Preferences” section of our website ( https://xgrid.co/). lse on the web, fall into one of five categories:

Log Files

We collect non-personal data through our Internet log files, which record data such as browser types, domain names, and other anonymous statistical data involving the use of the Xgrid services. This information may be used to analyze trends, to administer the Xgrid services, to monitor the use of the Xgrid services, and to gather general demographic information. We may link this information to personal data for these and other purposes such as personalizing your experience on the Xgrid services and evaluating the Xgrid services in general.

Do Not Track (DNT) Settings

We do not currently respond or take any action with respect to web browser “do not track” signals or other mechanisms that provide consumers the ability to exercise choice regarding the collection of personally identifiable information about an individual consumer’s online activities over time and across third-party web sites or online services. We may allow third parties, such as companies that provide us with analytics tools, to collect personally identifiable information about an individual consumer’s online activities over time and across different websites when a consumer uses the Services.

Data Subject Rights

You may be entitled to exercise some or all of the following rights under the CCPA:

  1. Right to Know About Personal Data Collected, Disclosed, or Sold You may have the right to request that we provide certain information to you about our collection and use of your personal data over the past twelve (12) months. Specifically, you may have the right to request disclosure of:
    • The specific pieces of personal data we collected about you
    • The categories of personal data we collected about you
    • The categories of sources from which personal data was collected
    • Our business or commercial purpose for collecting or disclosing personal data, and
    • The categories of third parties with whom we shared personal data.
    • Right to Request Deletion of Personal Data
  2. You may also have the right to request that we delete any of your personal Data that we collected or maintain about you, subject to certain exceptions.
  3. Right to Correct Inaccurate Personal Data You may also have the right to request that we correct inaccurate personal data we maintain.
  4. Right to Non-Discrimination for the Exercise of a Consumer’s Privacy Rights We will not unlawfully discriminate against you for exercising any of your applicable privacy rights.
  5. Right to Opt Out of the Sale or Sharing of your Personal Data Xgrid uses third party cookies and similar technologies to deliver targeted advertisements, also known as data “sharing” and/or “selling” under the CCPA, as further detailed in the “Cookie Policy” section above. You can opt out of these practices by turning off advertising cookies in the “Manage Cookie Preferences” section of our website( https://xgrid.co/).

Exercising Your Rights

You can exercise your rights by submitting a request at isoc@xgrid.co or modifying your cookie preferences on( https://xgrid.co/).

Response Timing and Format

We will make our best effort to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Within ten (10) days of receiving the request, we will confirm receipt and provide information about its verification and processing of the request. Xgrid will maintain records of consumer requests made pursuant to the CCPA as well as our response to said requests for a period of at least twenty-four (24) months.

Updates to This Policy

We may update this Privacy Policy from time to time. If we modify our Privacy Policy, we will post the revised version here, with an updated revision date. You may visit these pages periodically to be aware of and review any such revisions. If we make material changes to our Privacy Policy, we may also notify you by other means prior to the changes taking effect, such as by posting a notice on our Website or sending you a direct notification.

Contact Us

Please feel free to contact us at any time if you have any questions or comments about this Privacy Policy.

Contact our Information Security Team at: isoc@xgrid.io