Privacy Policy

This Privacy Policy (‘Policy’) has been adopted by the board of directors (‘Board’) of Flowgear (‘Company’) and is based on, inter alia, the provisions of privacy laws in the jurisdictions in which the Company does or expects to do business or may be deemed to be doing business.

Effective Date This Privacy Policy will be effective as at May 23, 2018 for all new users and users in EU and EEA member countries. For all other users, this Privacy Policy will be effective on June 23, 2018.
Last Modified 14 May 2018

1.

Preamble

1.1. The following additional documentation referenced in this policy
1.1.1. Master Services Agreement concluded between Customer and Flowgear
1.1.2. Cookie Policy
1.1.3. Third Party Processing
1.1.4. Domain Registration Services Privacy Policy Addendum
1.1.5. Data Processing Addendum

2.

Interpretation

2.1. “Customer” or “You” means any party from whom we collect personal information;
2.2. “Users” means collectively, our customers and visitors who use our websites, products and services;

3.

About us

3.1. Flowgear and our subsidiaries (“we” or “us”) are a leading provider of cloud technology services. We care about protecting the personal information of our Users.
3.2. This privacy policy provides details about how personal information is collected, shared and used by us. To learn more about the Flowgear corporate family, visit: https://www.flowgear.net. For questions about this privacy policy or the practices described herein, you may contact privacy@flowgear.net or PO Box 2174, Parklands, 2121, Johannesburg South Africa.
3.3. The Master Services Agreement and the Data Processing Addendum referenced in the preamble to this policy govern the processing of personal data by Flowgear on behalf of its customers as a data processor.
3.4. For the purposes of the European Union’s General Data Protection Regulation 2016/679, or GDPR, this policy governs Flowgear and its subsidiaries in their capacity as the data controller when Flowgear is not processing personal data on behalf its customers in terms of 3.3 above.

4.

Information covered by this policy

4.1. This privacy policy covers personal information, including any information we collect, use and share from you, as described further below. This privacy policy applies to all websites in the Flowgear corporate family, our products and services (collectively, the “Services”). This privacy policy does not cover how our Users may use or share data that they collect using our services.
4.2. When you purchase a Service from us, your personal information will be collected, used, and shared consistent with the provisions of this privacy policy as well as the following addendums related to specific products and services offered by Flowgear, which are a part of this privacy policy:
4.2.1. Addendum for Users who purchased Domain Registration services is described in the Domain Registration Services Privacy Policy Addendum referenced in the preamble to this policy;

5.

Information we collect from you

5.1. During your use of the Services, we obtain the following information about you as described below. We collect this data for the purposes described under “How we Use Your Information” in paragraph 6 .
5.2. Signing Up for Services; User Information
5.2.1. Information you provide prior to any registration process, such as your email when you provide it to us;
5.2.2. Information that you provide during any registration process, including in connection with a co-branded offer (such as your name, company name, email address, phone number, billing address or credit card information, geographic location and industry), when you call or email us (for support or otherwise) or when you use our products or services; and
5.2.3. Payment information that you provide to us (by way of our Services or otherwise) when you purchase some of our products and services, including credit card data.
5.3. Use of Services, Website Visits and Support
5.3.1. Data relating to your online activity on our websites with respect to our Services, including the following:
5.3.1.1. IP address;
5.3.1.2. browser type and version;
5.3.1.3. geographic location;
5.3.1.4. pages you view;
5.3.1.5. how you got to our Services and any links you click on to leave our Services;
5.3.1.6. when you update your information, communicate with us, or order new Services;
5.3.1.7. metadata about your use and your contacts’ use of our Services and your emails you send (including clicks and opens);
5.3.1.8. your interactions with any videos we offer;
5.3.1.9. issues you encounter requiring our support or assistance;
5.3.1.10. any device or other method of communication you use to interact with the Services;
5.3.2. We store this data we collect in a variety of places within our infrastructure, including system log files, back end databases and analytics systems.
5.3.3. Your telephone conversations with us (which we may monitor or record).
5.4. Social Media
5.4.1. Information from third party social networking sites, including information that social networking sites provide to us if you use your credentials at such social networking sites to log into some of our Services (such as your name and email address to pre-populate our sign-up form).
5.4.2. The information you allow us to access varies by social networking site and depends on the level of privacy settings you have in place at the social networking site. You can control and find out more about these privacy settings at the applicable social networking site.
5.5. Other Sources
5.5.1. Information you provide to us at seminars or to our partners;
5.5.2. Information you provide to us in surveys;
5.5.3. Information that is publicly available; and
5.5.4. Information you consent to us receiving from third parties.

6.

How we use your information

6.1. We have a legitimate interest in running a successful and efficient business and in providing you with Services and useful content, and we use the information we collect, both on its own and combined with any other information we collect about you, for the following purposes:
6.1.1. To provide the requested Services to you;
6.1.2. To provide you with useful content;
6.1.3. To ensure the proper functioning of our Services
6.1.4. To offer and improve our Services;
6.1.5. To provide you with requested information or technical support
6.1.6. To facilitate your movement through our websites or your use of our Services;
6.1.7. To do a better job of advertising and marketing our Services (our use of your information to do this is performed with your consent where required by applicable law);
6.1.8. To advertise and market third party products and services (such advertisement is only performed with your permission where your consent is required by applicable law)
6.1.9. To diagnose problems with our servers or our Services;
6.1.10. In connection with our security and compliance programs;
6.1.11. To administer our websites;
6.1.12. To communicate with you;
6.1.13. To target prospective customers with our products or services (such targeting is only performed with your permission where your consent is required by applicable law);
6.1.14. To assist us in offering you a personalised experience or otherwise tailor our Services to you; and
6.1.15. As otherwise described in this privacy policy.
6.2. We also use the information we receive in aggregated and anonymised formats to produce reports on trends and statistics, such as mobile search trends, email open rates by industry, campaign best practices or the number of users that have been exposed to, or clicked on, our websites or evaluated or purchased our products and services.
6.3. Payment information that you provide to us, including credit card data, will only be used to facilitate payment for our products and services.
6.4. We also use recorded telephone conversations for quality control purposes, to train our employees and for our own protection.

7.

Sharing of information

7.1. As further described below, we will only share certain personal information with:
7.1.1. other members of the Endurance corporate family;
7.1.2. our partners;
7.1.3. third party service providers and vendors;
7.1.4. in connection with a sale, merger, acquisition or corporate reorganization;
7.1.5. authorized users within your organization; and
7.1.6. for legal reasons.
7.2. Further information about the third parties with whom we share personal information is available, the most recent of which is referenced in the pre-amble of this policy.
7.3. Sharing with the Flowgear corporate family
7.3.1. We share personal information with other members of the Flowgear corporate family to allow our corporate affiliates to contact you with offers, services or products that may be of interest to you and to provide you with their products and services. Any such corporate affiliate may use your information only according to the terms of this privacy policy. If you are located in a jurisdiction where such sharing requires your permission, we will only do so with your consent.
7.4. Sharing with partners
7.4.1. When we share personal information with certain third-party partners, including marketing and advertising partners, that information includes your name, email address and other information enabling partners to:
7.4.2. assist you in using our products and services;
7.4.3. contact you with offers, services or products that may be of interest to you, and
7.4.4. provide you with their products or services.
7.4.5. If you are located in a jurisdiction where such sharing requires your permission, we will only do so with your consent. Please note that if you access our services through a tool that hides your location, such as through a virtual private network, you may not receive our request for permission because we were not able to identify you as being located in a jurisdiction where your permission is required.
7.4.6. Further, our partners are prohibited from using your contact information for any purpose beyond those set forth above without your consent. We will not provide our partners with your credit card information. Further information about certain partners we share personal information with is included in the Third-Party Data Controllers and Sub-Processors document referenced in the preamble to this policy.
7.4.7. In the event we collect information from you in connection with an offer that is jointly presented by us and a partner, we will let you know who is collecting the information and whose privacy policy applies, as well as any options you may have regarding use of your information.
7.5. Sharing with third party service providers and vendors
7.5.1. Occasionally, we enter into contracts with carefully selected third parties so that they can assist us in servicing you (for example, providing you with customer service, fraud detection and deterrence or access to advertising assets and providing us with information technology and storage services) or to assist us in our own marketing and advertising activities (including providing us with analytic information and search engine optimization services). Our contracts with such third parties prohibit them from using any of your personal information for any purpose beyond the purpose for which it was shared.
7.5.2. If you purchase a product or service from a third party through one of our brands, we will pass your personal information to such third party in order for them to fulfill your order.
7.5.3. We also share non-personal information with certain third parties, including the media, industry observers, marketing and advertising partners, vendors, customers, potential customers or partners. For example, we disclose mobile search trends, email open rates by industry, campaign best practices or the number of users that have been exposed to, or clicked on, our websites or evaluated or purchased our products and services.
7.6. Corporate reorganizations
7.6.1. If we are involved in a merger, acquisition, a sale of all or a substantial portion of our assets, or other similar sale transaction, your information will be transferred as part of that transaction. We will notify you by email and/or a prominent notice on our website of any such transfer and any choices you may have regarding your information.
7.7. Authorised users
7.7.1. All users authorised by you to have access to your account can view personal information stored in the account. A primary account holder can view personal information saved in subaccounts to which they have authorised access. We share information about authorised users only for legitimate purposes consistent with this privacy policy, including servicing your account and marketing products and services to you.
7.8. Legal process
7.8.1. Lastly, if legally required to do so, or if we have a good faith belief that such disclosure is reasonably necessary, we may disclose your personal information to courts of law, law enforcement authorities and other relevant third parties, such as internet service providers, to conduct an investigation, respond to a third party or law enforcement subpoena or court order, bring legal action, prevent harm to others or pursue other relief when you or a third party are or may be:
7.8.1.1. violating our terms and conditions of use;
7.8.1.2. causing injury or other harm to, or otherwise violating the property or other legal rights, of us, other users, or third parties; or
7.8.1.3. violating federal, state, local, or other applicable law.
7.8.2. This disclosure can include transferring your information to the U.S. and other countries outside the European Economic Area. To the extent we are legally permitted to do so, it is our policy to notify you in the event that we are required to provide your personal information to third parties in connection with a subpoena or summons.

8.

Security of your information

8.1. The measures we take
8.1.1. We are committed to industry best practice when it comes to preventing loss, misuse, alteration, unauthorised access, or unlawful or unnecessary processing of the information we collect. For example, we:
8.1.1.1. make use of encryption technology as appropriate;
8.1.1.2. use appropriate network access control technology to limit access to the systems on which collected information is stored;
8.1.1.3. monitor for possible vulnerabilities and attacks.
8.1.2. Unfortunately, we cannot guarantee that the technical, physical and organizational measures we take will prevent every security threat nor can we guarantee that your personal information will not be improperly accessed, used, altered or destroyed. We will notify you if we discover there has been a material breach of security, which resulted in an unauthorized disclosure of your personal information.
8.2. The steps you should take
8.2.1. To help maintain the security of information you provide to us or you store on our hosted systems, please follow these rules:
8.2.1.1. Keep your passwords private;
8.2.1.2. If you’re already a customer, remember that you’re responsible for making sure no unauthorized person has access to your passwords and account details. You should promptly notify us if you need to deactivate your login or change your password. You should also implement appropriate security measures for the data you store on the hosted system;
8.2.1.3. Remember, when you use online tools such as our forums, community sites or social networking sites, the content you upload to them will be public. If you don’t want the content you upload to be seen by the rest of the world, please don’t post it!

9.

Tracking technologies and online advertising

9.1. We use cookies, web beacons, pixels, tags, scripts and other similar technologies in the course of our business. Information about the technologies we use, why we use them (for example, in connection with online advertising), and how you can control them can be found in our Cookie Policy referenced in the preamble to this policy.

10.

Choice/opt-out

10.1. Marketing communications from us
10.1.1. Email
10.1.1.1. You always have the opportunity to opt out of our marketing communications with you or change your preferences by following a link in the footer of all non-transactional email messages from us or by emailing us at privacy@flowgear.net. Some communications from us are considered transactional or service communications (for example, important account notifications and billing information), and your account(s) for Flowgear products and services are provided to you upon the condition that you receive these communications from us. You must cancel your account(s) for Flowgear products and services, as applicable, if you do not wish to receive any transactional or service communications. To cancel your Flowgear account(s), please follow the instructions found in the terms of service for the applicable Flowgear service. You may still receive marketing communications from us even after you cancel your account unless you also opt-out of our marketing communications, as described above.
10.1.2. Phone
10.1.2.1. We may contact you by telephone, with your consent where applicable, for marketing purposes (including by automatic dialer and/or prerecorded message). If you do not want to receive marketing calls, please contact customer support at the brand from which you purchased your Services. You do not need to agree to receive automated marketing phone calls or texts from us to use the Services.
10.2. Cookies
10.2.1. For information about how to manage and opt out from cookies, please visit our Cookie Policy.
10.3. Information from third parties
10.3.1. To manage the information, we receive about you from a social networking site or other third parties (if applicable), you will need to follow the instructions from that party for updating your information and changing your privacy settings, where available. The information we collect is covered by this privacy policy and the information the third-party collects is subject to such third party’s privacy practices. Privacy choices you have made on any third-party site will not apply to our use of the information we have collected directly through our Services.
10.4. Unauthorised accounts
10.4.1. If an account or profile was created without your knowledge or authorization, please contact customer support at the brand on which the account or profile is located to request removal of the account or profile.

11.

Retention of personal information

11.1. We retain your personal information to provide services to you and as otherwise necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We will retain your personal information for no more than seven years following the later of (i) the date on which you terminate your use of the Services or (ii) as long as needed to fulfil the purpose for which personal information was originally collected, or (iii) May 25, 2018, unless we are otherwise required by law or regulation to retain your personal information for longer.
11.2. Access
11.2.1. You have the right to know whether we process personal information about you, and if we do, to access data we hold about you and certain information about how we use it and who we share it with.
11.3. Portability
11.3.1. You have the right to receive a subset of the personal information you provide us if we process it on the legal bases of our contract with you or with your consent in a structured, commonly used and machine-readable format and a right to request that we transfer such personal information to another party. If you wish for us to transfer the personal information to another party, please ensure you detail that party and note that we can only do so where it is technically feasible. We are not responsible for the security of the personal information or its processing once received by the third party.
11.4. Correction
11.4.1. You have the right to require us to correct any personal information held about you that is inaccurate and have incomplete data completed. Where you request correction, please explain in detail why you believe the personal information we hold about you to be inaccurate or incomplete so that we can assess whether a correction is required. Please note that while we assess whether the personal information we hold about you is inaccurate or incomplete, you may exercise your right to restrict our processing of the applicable data as described below.
11.5. Erasure
11.5.1. You may request that we erase the personal information we hold about you in the following circumstances:
11.5.1.1. where you believe it is no longer necessary for us to hold the personal information;
11.5.1.2. we are processing it based on your consent and you wish to withdraw your consent;
11.5.1.3. we are processing your data based on our legitimate interest and you object to such processing;
11.5.1.4. you no longer wish us to use your data to send you marketing; or
11.5.1.5. you believe we are unlawfully processing your data.
11.5.2. Please provide as much detail as possible on your reasons for the request to assist us in determining whether you have a valid basis for erasure.
11.6. Restriction of processing to storage only
11.6.1. You have a right to require us to stop processing the personal information we hold about you other than for storage purposes in the following circumstances:
11.6.1.1. You believe the personal information is not accurate for the period it takes for us to verify whether the data is accurate;
11.6.1.2. We wish to erase the personal information as the processing we are doing is unlawful, but you want us to simply restrict the use of that data;
11.6.1.3. We no longer need the personal information for the purposes of the processing, but you require us to retain the data for the establishment, exercise or defense of legal claims; or
11.6.1.4. You have objected to us processing personal information we hold about you based on our legitimate interest and you wish us to stop processing the personal information while we determine whether there is an overriding interest in us retaining such personal information.
11.7. Objection
11.7.1. You have the right to object to our processing of data about you and we will consider your request. Please provide us with detail as to your reasoning so that we can assess whether there is a compelling overriding interest in us continuing to process such data or we need to process it in relation to legal claims.
11.7.2. You also have the right, at any time, to object to our processing of data about you in order to send you marketing, including where we build profiles for such purposes and we will stop processing the data for that purpose.
11.8. Withdrawal of consent
11.8.1. Where you have provided your consent to us processing your personal data, you can withdraw your consent at any time by contacting our Data Protection Officer at privacy@flowgear.net.

12.

Third party links and information collection and use by our users

12.1. Some of our Services provide links to other websites. Because we do not control the information policies or practices of these third-party sites, you should review their privacy policies to learn about how they collect and use personal information.
12.1.1. You may also log in to some of our Services using sign-in services such as Facebook Connect or an Open ID provider. These services will authenticate your identity and provide you with the option to share certain personal information with us, such as your name and email address to pre-populate our sign-up form. For example, if you take advantage of certain of our social media features, such as the Facebook Like button, and widgets, such as the “Share This” button or interactive mini-programs that run on our site, the applicable social networking sites may collect your IP address, which page you are visiting on our websites and may set a cookie to enable it to function properly.

13.

Children

13.1. Our Services are not directed to persons under 18. We do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without such parent or guardian’s consent, he or she should contact us. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files.

14.

Data transfer

14.1. In order for us to provide the Services to you, your personal information will be transferred to, and stored at/processed in the South Africa. Your personal data is also processed by staff operating outside the European Economic Area (EEA), who work for us or for one of our suppliers. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this policy.
14.2. For transfers of personal information within the Flowgear corporate family, such transfer will be under the Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision 2004/915/EC and 2010/87/EU.
14.3. For transfers of data to third parties, such transfers will either (i) be under the Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision 2004/915/EC and 2010/87/EU; or (ii) rely on the EU-US Privacy Shield Framework.
14.4. You can contact the Data Protection Officer listed below to obtain a copy of the data transfer agreement or more information regarding the relevant safeguard we put in place.

15.

Personal information of our customers’ clients

15.1. Our customers use the Service to host, transmit or process data on our hosted systems, which may include your personal information (“Customer Data”). In these situations, it is our customers rather than us who decide the reasons for which the Customer Data is collected and otherwise processed. Flowgear will not review, share, distribute, nor reference any such Customer Data except as provided in the agreement that we have in place with the customer, or as may be required by law. Nothing contained in this Privacy Policy shall be construed to alter specific terms and conditions applicable to the Services. Our customers remain responsible for personal information that they collect and process and for compliance with applicable data protection laws.
15.2. Our customers are responsible for maintaining the security and confidentiality of their accounts and access to the hosted systems and encrypting any personal information they store on or transmit to/from our hosted system.
15.3. For details of how the Customer Data will be used and protected, and details of how to access or correct it, amend or delete inaccuracies please refer to the privacy policy of the relevant Flowgear customer to which you submitted your personal information. If requested to remove your personal data, we will inform our customer within a reasonable timeframe.
15.4. Flowgear provides its services under the direction of its customers and has no direct relationship with the individuals whose personal data our customers process. If you are a client of one of our customers and would no longer like to be contacted by one of our customers that use our service, please contact the customer that you interact with directly.
15.5. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our customers

16.

Complaints

16.1. In the event that you wish to make a complaint about how we process your personal information, please contact our Data Protection Officer at privacy@flowgear.net and we will try to deal with your request.

17.

Notification of changes

17.1. We reserve the right to modify this privacy policy at any time, so please review it frequently. If we decide to change this privacy policy in any material way, we will notify you here, by email, or by means of a notice on www.flowgear.net or the website of the Flowgear product or service you use prior to the change becoming effective. In all cases, your continued use of any Services constitutes acceptance to any such changes and may set a cookie to enable it to function properly.