Other Covered Entities
- Information and Communications Technology
- Information Technology Services
- Computer Services
EU-U.S. Privacy Shield Framework: Active
Swiss-U.S. Privacy Shield Framework: Active
Purpose of Data Collection
Our Privacy Shield certification covers Personal Data we collect to market, sell, provision, and manage our products. We are generally considered a controller of such Personal Data. This includes data such as name, address, email, billing information, IP address, and product logging and usage information. We also use such Personal Data to conduct and manage our business, including for internal administrative and analytics purposes, and to comply with our legal and compliance obligations, policies and procedures. We collect and process Personal Data as part of the products and services we offer; we are processors of such Personal Data. We give our customers the ability to use data centers located in the European Economic Area (EEA) for the main processing associated with most of our products. Our Privacy Shield certification covers Personal Data for which we are a processor if we agree with our customer that the processing of such Personal Data is covered by our Privacy Shield certification. Our Privacy Shield certification also covers Personal Data related to technical and administrative support for a Product or its management portal even if the product’s processing takes place in an EEA data center. We may share Personal Data within our family of companies (including parent, subsidiaries and affiliates) for purposes consistent with this Notice. We share certain Personal Data for which we are a controller with third parties whose services we use to help 1) market, sell, provide and support our products; and 2) operate and manage our business. We make sure any third parties with whom we share Personal Data will use the data only for the purpose of providing their services to us, and in a manner consistent with our privacy practices. We assume responsibility for the processing of Personal Data that we transfer to a third party acting as our agent. We remain liable under the Privacy Shield principles if our agent processes such Personal Data in a manner inconsistent with the principles, unless we prove we are not responsible for the event giving rise to the damage. In addition, we may share Personal Data 1) as required by law, such as to comply with a subpoena, warrant, regulatory oversight or similar legal process 2) when we have a good faith belief the disclosure is necessary to prevent or respond to fraud, defend our websites or products against possible attacks, or to protect the safety of persons and property; and 3) in connection with any potential sale, transfer, merger, consolidation or other transaction involving all or part of our company.
This is our Privacy Shield notice.
Questions or Complaints?
If you have a question or complaint regarding the covered data, please contact Datto, Inc. at:
Norwalk, Connecticut 06851
Privacy Shield organizations must respond within 45 days of receiving a complaint.
If you have not received a timely or satisfactory response from Datto, Inc. to your question or complaint, please contact the independent recourse mechanism listed below
NON-HR RECOURSE MECHANISM
Appropriate statutory body with jurisdiction to investigate any claims against Datto, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission