General Data Protection Regulation (GDPR) Statement
Last Updated: March 14, 2019
The General Data Protection Regulation (GDPR) is a European Union regulation which protects the rights of data subjects in the European Economic Area (EEA), with respect to the processing of their “personal data,” as such term is defined in the GDPR.
Privacy Monitor is a technology-powered privacy solution developed and powered by Osano, Inc., A Public Benefit Corporation (“Osano”). Any personal data collected as a result of using the Privacy Monitor software is being collected by Osano as the controller.
Table of contents:
- What Personal Data is Collected, How is it Collected and Who is It Shared With
- How Long is Personal Data Retained
- Children’s Privacy
- Legal Basis
- Profiling & Direct Marketing
- International Data Transfers
- Access, Rectification, Suppression, and Erasure
- How to Contact Us
- Changes to this GDPR Statement
The Privacy Monitor software is purpose-built not to collect personal data of individuals. Rather, we created it with the goal of helping you better understand who has access to your personal information and how they use it. Here are some of the actions we’ve taken to ensure our compliance with GDPR:
- We limit the personal data we collect to IP address, period
- We have established a legal basis for the processing of that data
- We only retain personal data for a period of 30 days, after which, the data is deleted
What Personal Data is Collected, How is it Collected and Who is It Shared With
How Long is Personal Data Retained
The only personal data collected by the Privacy Monitor software is IP address. The IP address is stored in our log-files for a period of thirty (30) days. After 30 days, it is deleted from our system.
If you contact us directly using the contact information provided on the PrivacyMonitor.com website, we will retain your contact information as long as necessary in order to respond to your inquiry. We may retain copies of these communications for a period of up to twelve months. After that, the communications will be deleted from our system, unless we are required by law to retain it longer.
The Privacy Monitor software was not developed or intended for individuals that are deemed to be children under applicable data protection or privacy laws, nor do we knowingly collect information from children. The personal data collected when using the Privacy Monitor software is limited solely to IP address.
If you are a user of the Privacy Monitor software located in the EEA, we rely on legitimate interest as the legal basis for processing the limited personal data (i.e., limited to IP address) we collect via the software.
Profiling & Direct Marketing
We do not use any personal data for any (i) automated processing, including profiling, or (ii) direct marketing.
International Data Transfers
If you download and use the Privacy Monitor software on a device and are located within the EEA when you use it, we may transfer personal data (i.e., limited to IP address) about you outside of the EEA. When we do, we will ensure that an adequate level of protection is provided for the information by using industry standard encryption at rest and in transit. Visit our Security Statement to learn more about the technical and operational measures we implement.
In connection with the provision of the Privacy Monitor solution, Osano may engage third parties (each a “Subprocessor”) to process your personal data. As a condition of permitting a Subprocessor to process your personal data, Osano will enter into a written agreement with each Subprocessor containing data protection obligations at least as protective as the technical and organizational measures Osano has put into place to protect your personal data from accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access.
|Name||Subprocessing Activity||Country of Origin|
|Amazon Web Services, Inc.||Cloud Service Provider||United States|
Access, Rectification, Suppression, and Erasure
Because the personal data we collect through the Privacy Monitor software is limited to IP address, we are not able to personally identify you or retrieve any information about you for purposes rectification or suppression, or erasure of such information. We will not request or seek to process any additional personal data from you. You may remove/uninstall the Privacy Monitor software from your device at any time to prevent us from receiving any personal data related to you.
How to Contact Us
If you have any questions about this GDPR Statement, you may contact us at this email address: firstname.lastname@example.org, or you can send correspondence to the following address:
Osano, Inc., A Public Benefit Corporation 3800 North Lamar Blvd Suite 200 Austin, TX 78756
If contacting us does not provide you with an adequate resolution and your inquiry is related to information collected about you in the European Union/European Economic Area, please contact the applicable EU Data Protection Authority.
Changes to this GDPR Statement
Please visit this page periodically to stay aware of any changes to this GDPR Statement, which we may update from time to time. If we modify this GDPR Statement, we will make the revised overview available at the URL of this page and indicate the date of the latest revision.