Last Updated: 28 August 2018
RUNCLOUD SDN BHD and its Group Companies (collectively, "RunCloud", "us", "we", or "our") operates https://runcloud.io, https://blog.runcloud.io, https://manage.runcloud.io, https://runcloud.news and other subdomain of runcloud.io (the "Sites", "Service" or "Services"). This page informs you ("user", "you", or "your") our policies regarding the collection, use and disclosure of Personal Data ("Personal Data") we receive from users of the Sites. In this Privacy Policy, the term "Personal Data" means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, our possession, and includes personal data as described in Data Protection Legislation (as defined below).Please read the following carefully. Registering for a RunCloud account ("Your Account"), use of Your Account and accepting the terms of this Privacy Policy indicates that you have reviewed this Privacy Policy and have agreed to be bound by it. You will be required to expressly accept this Privacy Policy before registering Your Account (or before continuing to use the Service).
If you do not agree to these terms you must leave our website immediately.
If you choose to accept this Privacy Policy, we will keep a record of your acceptance in this regard. We will handle your Personal Data in accordance with relevant Data Protection Legislation. “Data Protection Legislation” means the PERSONAL DATA PROTECTION ACT 2010 (Malaysia), the Data Protection Acts 1988 and 2003 and Directive 95/46/EC, General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any other applicable law or regulation relating to the processing of personal data and to privacy (including the E-Privacy Directive), as such legislation shall be amended, revised or replaced from time to time, including California Consumer Privacy Act of 2018 (CCPA).
1. Information Collection And Use
Our Sites collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (“personal information”). In particular, our Sites have collected the following categories of personal information from its consumers within the last twelve (12) months:
Category | Collected |
---|---|
A. Identifiers | Yes |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). | Yes |
C. Protected classification characteristics under California or federal law | No |
D. Commercial information | Yes |
E. Biometric information | No |
F. Internet or other similar network activity | Yes |
G. Geolocation data | Yes |
H. Sensory data | No |
I. Professional or employment-related information | No |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)) | No |
K. Inferences drawn from other personal information | No |
Personal information does not include:
- Publicly available information from government records.
- Deidentified or aggregated consumer information.
- Information excluded from the CCPA’s scope, like:
- health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data;
- personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver’s Privacy Protection Act of 1994.
We obtain the categories of personal information listed above from the following categories of sources as mentioned below.
1.1. Information you provide
1.1.1. Account Registration. When you register for an Account, we may ask for your contact information, including items such as name and email address.
1.1.2. Company Information. When you are using the Sites, we may ask you to provide your company information to allow us to print the correct invoice and receipt for you.
1.1.3. Payment Information. When you add your financial account information to your Account, that information is directed to our third-party payment processor. We do not store your financial account information on our systems. However, we have access to subscriber information through our third-party payment processor (Braintree). Once a user has linked their credit card, the credit card information will be transferred to the stated payment gateway and we will be provided with a token in return. This token will be used for communication with the payment gateway in the future instead of the user's credit card information. Your credit card details are encrypted and securely stored by Braintree to enable us to automatically bill your credit card on a recurring basis. We have no way to retrieve your full Credit Card information including Card Number and CVV/CVC. Braintree's Privacy Policy can be reviewed here.
1.1.4. IP Addresses. When you are using our Sites, you may provide the IP of your server in order for us to provision your server. The IP Address of your server is important to allow us to deliver our Service to you. We also log your IP address once you logged in to our Service, for authentication and providing security measures to you.
1.1.5. Communications. If you contact us directly, we may receive additional information about you such as your name, email address, the contents of the message and/or attachments you may send us, and any other information you may choose to provide. We may also receive a confirmation when you open an email from us.
1.2. Information we collect
1.2.1. Cookies and Other Tracking Technologies. As is true of most websites, we gather certain information automatically and store it in log files and database. In addition, when you use our Sites, we may collect certain information automatically from your device. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, landing page, and referring URL. To collect this information, a cookie may be set on your computer or device when you visit our Sites. Cookies contain a small amount of information that allows our web servers to recognize you. We may also automatically collect information about your use of features of our Sites, about the functionality of our Sites, frequency of visits, and other information related to your interactions with the Sites. We may track your use across different websites and services under us.Please see our Cookie Policy for further information about our use of Cookies and similar technologies
1.2.2. Usage of our Sites. When you use our Sites, we may collect information about your engagement with every function inside our Sites. We use this data to operate the Sites, maintain and improve the performance and utilization of the Sites, develop new features, protect the security and safety of our Sites and our customers, and provide customer support. We also use this data to develop aggregate analysis and business intelligence that enables us to operate, protect, make informed decisions, and report on the performance of our business. Use of this information helps us to create a more user-friendly experience for all visitors and continually improve our service.
1.2.3. Your server's data. When using our service, your server may send some data to our service. This includes current load, memory usage and disk usage. Your server may send notifications to our service when a job has been completed. E.g. your server will send notifications stating that it has successfully created a database. When using the cloud file manager, we pull data from inside your server to our system so that it may be manipulated by yourself via the graphical user interface provided as part of the platform. The pulled data will be immediately removed from our system when you are no longer accessing it.
1.3. Information we received from Third Parties
1.3.1. Third-Party partners. We may use third-party partners information about you to allow us to provide the services that you need from us. This information only includes the information that we need to provide you with our service.
2. How do we use your information?
RunCloud only processes Your Data for the purpose of providing, improving, and ensuring the delivery of the Service, developing new related services to users, and personalising the way our content is presented to you and ensuring that content from our Service is presented in the most effective manner for you and for your computer/device.Specifically, we may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better service you in responding to your customer service requests.
- To administer a contest, promotion, survey or other site feature.
- To quickly process your transactions.
- To ask for ratings and reviews of services or products.
- To communicate with you (live chat, email, support ticket or phone inquiries).
- To send you notification including but not limited to Slack, Telegram and Email.
- Helping in a fraud investigation.
- To inform you of service improvements and information that we believe may be of benefit to you and your business.
- For compliance purposes, including enforcing our Terms of Service, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.
We use cookies to save your time while using our Services, remind us who you are, and track and target User interests in order to provide a customized experience. Cookies also allow us to collect Non-Personally Identifiable Information from you, like which pages you visited and what links you clicked on. Use of this information helps Us to create a more user-friendly experience for all visitors.
3. How do we share and protect your information?
We are fully committed to protecting the security of customer collected Personal Information. To achieve that, we implement the use of various industry-standard security technologies and measures to help to protect your Personal Information from unauthorized access, use, or disclosure which include but are not limited to encrypting any transmission of said information using secure socket layer (SSL), passing of credit card information directly to our PCI compliant Merchant Processor, encryption of any collected credit card information, encryption of passwords and other authentication mechanisms.
We will never ever sell your personal data, or any data that you have given us or we have collected, to any entity.
We may share the information we collect in various ways, including the following:
3.1. Vendors and Service Providers. We may share information with third-party vendors and service providers that provide services on our behalf, such as providing technical support, helping to provide our Sites, for promotional and/or marketing purposes, subscription analysis, and to provide you with information relevant to you such as product announcements, software updates, special offers, or other information.
3.2. Advertising. We may work with third-party advertising partners to show you ads that we think may interest you. These advertising partners may set and access their own cookies, pixel tags, and similar technologies on our Sites, and they may otherwise collect or have access to information about you which they may collect over time and across different online services.
3.3. Analytics. We use analytics provider (Google Analytics) to provide analytics for us. Google Analytics uses cookies to collect non-identifying information.
3.4. A/B Testing. We may use 3rd party tools (may differ from time to time) to help us do A/B testing.
3.5. Law Requirement. We may share your data to authorities (including but not limited to police and banking fraud investigator) if we believe you are committing fraudulent transactions with stolen credit or bank cards.
4. Legal basis for processing personal information
Our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.
However, we will normally collect personal information from you only:
4.1. Where we need the personal information to perform a contract with you.
4.2. Where the processing is in our legitimate interests and not overridden by your rights.
or
4.3. Where we have your consent to do so.
We have a legitimate interest in operating our Services and communicating with you as necessary to provide these Services, for example when responding to your queries, improving our platform, undertaking marketing, or for the purposes of detecting or preventing illegal activities.
In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.
If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
5. Security
The security of your Personal Information is very important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot fully eliminate security risks and guarantee its absolute security.
6. Data Retention
We retain your data as long as you have legitimate business needs with us. We only retain your data to allow us to provide you with our service and will never have any other purposes other than that.
When you request data deletion by deleting your account, we will remove all information about you. We will also request deletion of your data from our vendors and service providers platforms and systems to ensure you have been completely removed from our services.
However, we may keep anonymized transaction details for our financial audit. These transaction details will have no information about you nor your associates.
We may also keep your email address as SHA512 hash when you request your account deletion. This is to prevent future registration with the same email address and thus prevent abuse of our service. Using SHA512 will prevent reversing as it is only a one way function. So, we remain unaware of which emails we have banned.
7. Data Portability
In accordance with Data Protection Legislation, you may ask for an electronic copy of your Personal Data that you have provided to us and which we hold electronically, or for us to provide this directly to another party. This right only applies to Personal Data that you have provided to us – it does not extend to data generated by us. In addition, the right to data portability also only applies where:
7.1 The processing is based on your consent or for the performance of a contract; and
7.2 The processing is carried out by automated means.
8. Your data protection rights under GDPR
8.1. Access, Correct, Update and Delete. You can exercise your rights by contacting us by opening a ticket using the internal support ticket system or contacting us by email.
8.2. Object to process your data. If you wish to object to us processing your data you may stop using our service. We only access and process your data when you are using it.
8.3. Opt-out from marketing. If you wish to opt-out from our marketing email, you can click unsubscribe when you receive our marketing email.
8.4. Consent withdrawal. For all data that you have provided us with your consent, you may withdraw it by changing it to fake data. This data includes your name, email, and company information.
8.5. Complain. You have a statutory right to complain to a data protection authority about how we collect and use your personal information.
9. Your rights under CCPA, for California Residents.
The California Consumer Privacy Act of 2018 (CCPA) provides consumers (California residents) with specific rights regarding their personal information. This section describes your CCPA rights in detail.
9.1 Right of Access
You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you.
- The categories of sources for the personal information we collected about you.
- Our business or commercial purpose for collecting or selling that personal information.
- The categories of third parties with whom we share that personal information.
- The specific pieces of personal information we collected about you
9.2 Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
9.2 Non-Discrimination
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or service.
10. Children's Privacy
RunCloud does not knowingly collect information from children under the age of 13, and children under 13 are prohibited from using our Sites and Services. If you learn that a child has provided us with personal information in violation of this Privacy Policy, you can alert us at [email protected].
11. Information disclosed pursuant to business transfers
Information about our users, including Personal Information, may be disclosed and otherwise transferred to an acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, or in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this Privacy Policy.
12. Information disclosed for our protection and the protection of others
We also reserve the right to access, read, preserve, and disclose any information as we reasonably believe is necessary to (i) satisfy any applicable law, regulation, legal process or governmental request, (ii) enforce this Privacy Policy and our Terms of Service, including investigation of potential violations hereof, (iii) detect, prevent, or otherwise address fraud, security or technical issues, (iv) respond to user support requests, or (v) protect our rights, property or safety, our users and the public. This includes exchanging information with other companies and organizations for fraud protection and spam/malware prevention.
13. Changes To This Privacy Policy
This Privacy Policy is effective as of date of last revision and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
We reserve the right to update or change our Privacy Policy at any time and we encourage you to check this Privacy Policy whenever you use our Service to stay informed. If the changes are significant, we will provide a more prominent notice by adding a notice on our Sites, notification, or by sending you an email notification.
Your continued use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.
14. Contact Us
If you have any questions about this Privacy Policy or you wish to exercise your rights, please do not hesitate to contact us by email at [email protected] or by raising a ticket in the support system.