have the authority to act on behalf of any person for whom you are using the Product, and
2.3. Apploud refers to any one or more software products that are branded under the Apploud name.
2.4.Cookies are text filesplaced on your computer to collect standard internet log information and visitor behavior information.
2.5.Data means Personal Information and User Data
2.6.Data Subject means an identified or identifiable natural person who is a user of our Product.
2.7.Law means all relevant legal and regulatory requirements applicable to you or us.
2.8.Personal Information means information about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not and whether the information is recorded in a material form or not.
2.11.Supervisory Authority means the authority with the primary responsibility for dealing with the relevant data processing activity.
2.12.Unsolicited Information includes any unsolicited communications by you to the Company.
2.13.User Data means all information collected passively or actively from our Customers that is not Personal Information
3. DATA COLLECTION, SHARING AND USAGE
Our softwares come in two deployment versions to support corresponding variations in - Cloud & Server. Server instances are hosted within your infrastructure, neither we have any control nor any visibility into them.
Apart from your technical contact & billing contact, we do not receive any additional details in the case of Server version of our software. We will only use the technical & billing contacts to initiate product onboarding & to communicate billing information. Thus for the server (or data center or on-premise) version of our software - the responsibility of data security & infrastructure lies with you.
3.2.Collection of personal information
Your personal information is collected in order to provide the best possible experience with our software. Personal information is a broad concept & refers to any data points that can help identify an individual.
For example, your email addresses are collected to send out email notifications related to app features. Without an email address, our products/services will fail to provide you the desired experience. We do not store your email address (received through integration with Atlassian Apps) into our database but are rather stored temporarily until the emails are dispatched. An exception is when you store email address as 'user content'.
Any neutralised (also called anonymised) data does not fall under the purview of personal information. Your personal information is neutralised before being used for analysing product usage patterns.
The software collects your personal information either directly from you or through its integration with Atlassian Apps (like Jira, Jira Service Desk, Confluence, or any other).” without this information, the software may not be able to provide you with the desired functionality.
3.3.Modes of Information Collection
3.3.1. From your Account and profile information
We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases through the Services.
For example, you provide your contact information and, in some cases, billing information, when you register for the Services.
You also have the option of adding a display name, profile photo, job title, and other details to your profile information to be displayed in our Services. We keep track of your preferences when you select settings within the Services
3.3.2. From your use of software
We collect information about you when you provide it to us, when you use our Services, and when other sources provide it to us, as further described below.
126.96.36.199. Log files:
When you interact with the Software, we generate log files to help us operate and improve our Services. Web log files includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences and system configuration information. For our Cloud Services, the information we collect includes the URLs you accessed, usernames as well as elements of content (such as Jira project names, project keys, status names, and JQL filters, and Confluence page titles and space names) as necessary for the Cloud Services to perform the requested operations. Occasionally, we collect Personal Data to information gathered in our log files as necessary to improve our Services for individual customers.
188.8.131.52. Usage Data:
If you create, input, submit, post, upload, transmit, and/or store information (“User Content”) while using our services, your Personal information such as name, email address or other contact information will be associated with that User Content. For example, information regarding a problem you are experiencing with the Software could be submitted to our Support Services or posted in our public forums. Any information, including Personal Information, that you submit to our Websites could be visible to the public unless submitted to a secure area in the Website.
The Services include the products you use, where we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include.
3.3.3. Installer Analytics, Software Updates & License Information from Server Version:
During the installation of Software (specifically Server version), the installer sends analytics information to us to understand where in the installation process users are experiencing trouble or dropping out.
3.3.4. Cookies and Other Tracking Technologies:
We use various technologies to collect information, including cookies. Cookies are used to support functionality in our apps to personalize the user experience (e.g. storing layout details from the last time you visited a page).
3.3.5. Payment Information:
We collect payment and billing information when you register for certain paid Services. For example, we ask you to designate a billing representative, including name and contact information, upon registration. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.
3.3.6. Device and Connection Information:
We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you install, access, update, or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience. How much of this information we collect depends on the type and settings of the device you use to access the Services. Server and data center Service administrators can disable collection of this information via the administrator settings or prevent this information from being shared with us by blocking transmission at the local network level.
3.3.7. From other sources
In order to provide you with certain services, we may obtain Personal Information from our third-party service providers to verify and confirm the information you have submitted. For example, if you log into our Software through a third-party service, that service will share your Personal Information with us.
3.3.8. Other Partners:
We receive information about you and your activities on and off the Services from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our Services and online advertisements.
3.3.9. Third-Party Providers:
We may receive information about you from third party providers of business information and publicly available sources (like social media platforms), including physical mail addresses, job titles, email addresses, phone numbers, intent data (or user behavior data), IP addresses and social media profiles, for the purposes of targeted advertising of products that may interest you, delivering personalized communications, event promotion, and profiling.
3.4.Sharing/Disclosure of personal information or data
3.4.1. With our third-party service providers:
Some of the services we provide require the involvement of our third-party service providers, such as web hosting providers, application development, maintenance, virtual infrastructure (including storage and backup), communications providers, customer relationship management providers, and software providers. We have carefully selected these third-parties and have taken steps to ensure that your Personal Information is adequately protected. We do not share your Personal Information with third-parties for their marketing purposes (including direct marketing).
3.4.2. Compliance with Laws and Legal Requests:
We may disclose your Personal Information to a third-party if we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request. In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect Atlassian, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person
3.4.3. Protection of Our Services:
We may disclose your Personal Information to a third-party, if we believe it is reasonably necessary to (a) to enforce our agreements, policies and terms of service; (b) to protect the security or integrity of the product and services; (c) to protect our product, our customers or the public from harm or illegal activities; or (d) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.
3.4.4. Business Transfers:
3.4.5. With Your Consent:
We will share your Personal Data with third-parties when we have your consent to do so
3.5. Data retention policy
You agree that we may collect and use technical data and related information, including without limitation, technical information relating to your device, system, and use of the Product(s), that is gathered periodically to facilitate the provision of software updates, product support, marketing efforts and other services and communications to you related to the Products, including providing you with information about services, features, surveys, newsletters, offers, promotions; providing other news or information about us and our select partners; and sending you technical notices, updates, security alerts, and support and administrative messages. We may use this technical data and related information, as long as it is in a form that does not personally identify you, except to the extent necessary to provide you with support, or communications to improve our products or to provide services or technology to you.
4. SECURITY MEASURES
4.1. Third party
4.2. Internal Controls
4.2.1. TRUNDL LABS PRIVATE LIMITED has a strict policy in place to limit the production database access. According to the policy, it is possible to access production database only when requested by a customer/prospect who is evaluating or is facing a problem
184.108.40.206. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others.
220.127.116.11. If you use our server or data center Services, responsibility for securing storage and access to the information you put into the Services rests with you. We strongly recommend that server or data center users configure SSL to prevent interception of information transmitted over networks and to restrict access to the databases and other storage points used.
4.3. Need to know basis:
5. INCIDENT RESPONSE
Where there has been a security breach, data leakage or Personal Information is lost, destroyed or becomes damaged, corrupted or unusable, we will notify you as soon as practicable.
6. YOUR OBLIGATIONS
You agree and warrant that:
6.1. the processing, including the transfer itself, of Personal Information has been and will continue to be, carried out in accordance with all applicable Laws (and, where applicable, you have notified the Supervisory Authority in your country of such processing);
6.2. all Data that you provide on behalf of a Data Subject has been obtained with the informed consent of the Data Subject;
6.3. you have assessed our security measures as described in clause 4 and believe our security measures ensure a level of security appropriate to the nature of the Data you provide to us
7. ACCESS TO DATA
7.1. Data Subjects have the right to request that we update, correct or, upon request, erase personal Information in our possession. We will endeavour to provide the requested Personal Information within a reasonable time with or without a reasonable Fee.
7.2. If you request a correction to your Personal Information, then we will take reasonable steps to correct that Personal Information within a reasonable time frame.
7.3. To guard against fraudulent requests, we will require information to confirm your identity before granting access or making corrections.
7.4. We may decline to provide a Data Subject with access to Personal Information including where we determine that the information requested may disclose:
7.4.1. the Personal Information of another individual; or
7.4.2. trade secrets or other business confidential information;
7.4.3. is subject to legal professional privilege;
7.4.4. is not readily retrievable and the burden or cost of providing the information would be disproportionate to the nature or value of the information;
7.4.5. does not exist, is not held, or cannot be located by us;
7.4.6. would pose a serious threat to the life, health or safety of any individual, or to public health or safety if it were accessed; or
7.4.7. is not permitted by Law to be accessed.
8.2. When we work with Subprocessors, we seek to provide the Subprocessor with only the information the Subprocessor needs to perform its specific functions.
9. CROSS-BORDER TRANSFER OF DATA
9.1. If you are using our Products in a country other than the India, your communications will result in the transfer of Data across international boundaries. The countries in which recipients of your Personal Information are most likely to be located is India.
9.2. If you provide Personal Information, you acknowledge and agree that Personal Information may be transferred from your current location to the offices and servers of the Company and Subprocessors located primarily in India.
We warrant that:
10.1. you may withdraw your consent for us to process your Data at any time at which time the process under clause 13 will be followed;
10.5. we will implement and maintain appropriate technical and organisation measures to meet the requirements of the GDPR. This does not alter your own obligations under these legal regimes;
10.6. we will only use your Data for the purposes for which it is provided by you;
10.7. we will not sell or otherwise redistribute to third parties the Data we collect from you;
10.8. we will promptly notify you of:
10.8.1. any legally binding request for disclosure of the Data by a law enforcement authority unless otherwise prohibited, such as a prohibition under criminal law to preserve the confidentiality of a law enforcement investigation;
10.8.2. any unauthorised access to or disclosure of Personal Information or any circumstances that are likely to give rise to such unauthorised access or disclosure, where there is a likely risk of serious harm to any Data Subject as a result of the unauthorised access or disclosure; and
10.8.3. any request received directly from one of your customers or a Data Subject, without responding to that request, unless we have been otherwise authorised by you to do so;
10.9. we will deal promptly and properly with all inquiries from you relating to the processing of your Data and we will abide by the advice of any Supervisory Authority with regard to the processing of the Data transferred; and
On termination, you will have the choice of having all Data transferred to you or the Data being destroyed, unless Laws imposed on us prevents us from returning or destroying all or part of the Data. If we cannot return or destroy the Data, we warrant that we will guarantee the confidentiality of the Data and will not actively process the Data after termination.
13. AUDIT OF MEASURES
13.1. Where you are required by a Supervisory Authority to demonstrate compliance with privacy obligations, we allow and contribute to audits, including inspections.
13.2. We will submit our data processing facilities for an audit of the measures referred to in clause 13.1 at the request of you and/or the Supervisory Authority.
13.3. We will promptly inform you of the existence of any Laws that prevent us from being audited.
14. UNSOLICITED INFORMATION
You agree to submit any dispute arising out of your use of the products to the exclusive jurisdiction of India.
You agree that the resolution for any dispute or conflicts will be in accordance with the laws including but not limited to data protection laws of the Republic of India.
16. MAKING A COMPLAINT
You are entitled to lodge a complaint about our treatment of your Data with the relevant Supervisory Authority.
Before lodging a complaint with any Supervisory Authority, we encourage you to first attempt to resolve the complaint by contacting us using the details below. We will respond to your complaint within 30 days.