PRIVACY STATEMENT

  1. INTRODUCTION.

Infrascale, Inc. (“Infrascale,” “we,” “us”, “our”) is committed to protecting your privacy.  This Privacy Policy describes Infrascale’s privacy practices and procedures relating to the Backup Data and Service Data Infrascale collects and processes in connection with our website, the data backup and disaster recovery services and products we provide, and our related business practices (collectively referred to as the “Products”).  Where we refer to our customers in this Privacy Policy, we also mean our partners and their customers.

“Backup Data” refers to the data processed, stored, and/or hosted by our customers using Infrascale Products for data backup and/or disaster recovery purposes. 

“Service Data” refers to the personal information we collect or generate during the provision and administration of the Infrascale Products, excluding any Backup Data.  “Service Data” also includes the personal information we collect in connection with (i) our website, (ii) offline collection methods such as Infrascale events, surveys, questionnaires, and the like, (iii) third-party sources, including business partners, ad networks, vendors, and other third-party sources, and (iv) your communications with us, including without limitation as a website visitor, customer, vendor, or prospective employment candidate.

This Privacy Policy summarizes the types of information we collect, how we process it, the circumstances in which we will disclose it, how we safeguard it, gaining access to it, updating or correcting it, and resolving disputes relating to Infrascale’s privacy practices concerning it.

  1. INFORMATION INFRASCALE COLLECTS OR PROCESSES.

Infrascale provides its customers with data backup and disaster recovery solutions that include hardware, software, and cloud-hosted functionality. Our Products help customers maintain business continuity (via backup and disaster recovery) while actively managing the efficiency of data storage. Infrascale Products are, generally, software-as-a-service solutions tied to Infrascale-hosted cloud facilities.  Some are sold as software-only and work on private or public cloud resources.

Infrascale collects and/or processes two categories of information:

    • Backup Data. Infrascale processes Backup Data provided by or on behalf of our customers when using Infrascale Products for the purpose of delivering data backup and/or disaster recovery services and functionality to our customers.  If a customer is using Infrascale’s cloud, Infrascale stores and hosts this Backup Data.
    • Service Data. Infrascale collects Service Data through our interactions with you and through the Infrascale Products. You provide some of this Service Data directly and we obtain some from other sources, including by collecting data about your interactions, use, and experiences with our Products.  Service Data includes:
      • Your communications with us. Infrascale maintains records of your communications and interactions with us, including your contact information. Your interactions may include account and Product-related communications, web forms you submit to us, online chats with our support representatives, and inquiries or submissions regarding employment opportunities. We also collect and maintain information for processing payments for our Products and we keep reasonable business records related to billing and payments.
      • Technical and Operational Details. We automatically collect and store certain types of information about your use of and interaction with our Products and your opening of emails or clicking on links in emails from us. Like many websites, we use “cookies” and other unique identifiers, and we obtain certain types of information when your web browser or device accesses our Products. Examples of the type of information we automatically collect include Internet protocol (IP) address, device and computer/browser information, the location of your device or computer, and identifiers and information contained in cookies. See Section 3 for more information on cookies.
      • Information from Other Sources. We might receive information about you from other sources, including service providers, partners, third-party databases, and publicly available sources. Examples of information we receive from other sources include: marketing, sales demand generation, and recruitment information, including your name, email address, mailing address, phone number, and other contact information; credit history information from credit bureaus; and subscription, support, or other information regarding your use of and interactions with our Products.
  1. COOKIES.

Our website uses cookies and other standard web technology (collectively, “Cookies”) to recognize your browser or device, learn more about your interests, enable our Products to work, recognize you when you sign in to use the Products, conduct research and diagnostics to improve our offerings, prevent fraudulent activity and improve security, and keep track of your preferences (such as your language and configuration preferences).

A “Cookie” is a small data file that we store on your computer. We may use session Cookies (which expire once you close your browser) or persistent Cookies (which remain on your computer for an extended period). We set a persistent Cookie on your computer if you choose “remember me”, so you don’t have to log in to the website each time you visit. In addition, our Products may cause or allow Cookies from third party sites or applications to be saved on your browser or device. Our Privacy Policy does not cover these third-party Cookies because we do not have any control over them. Finally, we may partner with third parties to manage our advertising on other sites or to analyze the use of our Products. More specifically, we may use Google, Microsoft, Facebook, or other providers to place advertisements on different sites across the Internet or to provide analytical data on how you and other users are using our Products. Such third parties may use technologies such as Cookies to gather such information on the other sites you visit to provide you advertising based upon your browsing activities and interests as well as to inform us about how, how often, and to what extent the Products are being used. Our Privacy Policy does not address these third-party Cookies designed for advertising and analytics.

Most web browsers accept Cookies by default but allow users to reject Cookies by changing the browser preferences. If you have set up your browser to reject all Cookies, our Products will not work properly.

Our emails to you use email beacons or tracking pixels. Email beacons and tracking pixels are small electronic images that tell us if an email has been opened and acted upon.

  1. INFRASCALE’S ROLE AS A DATA PROCESSOR.

If a customer uploads Backup Data containing Personally Identifiable Information (as defined below) to Infrascale’s Products, it is the customer that is the data controller with respect to such Personally Identifiable Information. That is, the customer has the direct contact with the individuals whose Personally Identifiable Information was uploaded to the applicable Product.  Customers, as opposed to Infrascale, collect the Personally Identifiable Information from their customers, personnel, or other data subjects. For purposes of this policy, “Personally Identifiable Information” means information that can be used to distinguish or trace an individual’s identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual.

We may process any Personally Identifiable Information contained within the Backup Data, among other Backup Data, when customers use the Products for data backup and/or disaster recovery purposes. When providing the Products, Infrascale processes Backup Data strictly in accordance with the actions or instructions of the applicable customer or as required by law.

As a data processor, with certain exceptions, Infrascale may have an obligation under its agreement with the customer not to disclose or otherwise transfer Backup Data to a third party except to provide the Products or pursuant to the customer’s instructions to us to disclose or transfer such information. Except as set forth herein, Infrascale processes Backup Data solely for the purpose of providing Products to customers.  Infrascale may use third party data processors to assist it in providing the Products to its customers.

  1. USE OF BACKUP DATA AND SERVICE DATA.

We use your Backup Data and Service Data for lawful purposes to operate, provide, develop, and/or improve our Products while also respecting your privacy.

Backup Data. We process Backup Data provided by or on behalf of our customers for the purpose of providing data backup and/or disaster recovery services and functionality to our customers.  Our systems process Backup Data to perform these functions based on the actions and instructions of our customers.  If a customer is using Infrascale’s cloud, Infrascale also stores and hosts the Backup Data.

Service Data. We use your Service Data to operate, provide, develop, and improve Infrascale Products.  Our purposes for using Service Data include:

    • Communicate with You. We use your Service Data to communicate with you regarding Infrascale Products, including via email, online chat, and phone, to provide assistance to assist you, and in the case of employment candidates, to communicate regarding possible employment opportunities at Infrascale.
    • Provide Infrascale Products. We use your Service Data to provide and deliver Infrascale Products and process transactions in connection with Infrascale Products, including subscriptions, purchases, and payments.
    • Maintain and Improve Infrascale Products. We use your Service Data to analyze the performance of, correct errors in, provide support for, develop, and improve Infrascale Products.
    • Personalization. We use your Service Data to personalize your experience with our website and Products and to identify your preferences.
    • Comply with Legal Obligations or Satisfy Requirements. In certain circumstances, we may be legally required to collect, use, disclose, or retain your Service Data when we’re responding to legal process or an enforceable governmental request, or to meet our regulatory, legal, insurance, or financial record-keeping obligations.
    • Marketing. We use your Service Data to market and promote Infrascale Products, provide you with ongoing news, publications, and information, better tailor our marketing activities, and implement and maintain loyalty programs.
    • Fraud and Abuse Prevention. We use your Service Data to detect, prevent, and respond to fraud, abuse, and technical issues and to protect the security of Infrascale, our users, and others.
    • With Your Consent or as Required or Permitted by Law. We may ask for your consent to use your Service Data for other purposes not covered in this Privacy Policy. We may also use your Service Data as required or permitted by law.
  1. HOW INFRASCALE SHARES BACKUP DATA AND SERVICE DATA.

We do not sell or rent Backup Data or Service Data to anyone. Nonetheless, we may sell, transfer, or otherwise share some or all of Infrascale’s assets in connection with a merger, acquisition, reorganization, or sale of assets of our business, or in the event of bankruptcy.  These assets may include Backup Data or Service Data as described in this Privacy Policy.

Service Data may be disclosed to (i) our employees, agents, representatives, advisors, affiliates, and independent contractors, in connection with their performance of services for or on behalf of our customers or website visitors, and (ii) service providers who perform functions on our behalf or provide services to us in connection with our business operations, sales and marketing, information technology, or professional services.  The individuals and entities described in (i) and (ii) above have access to Service Data needed to perform their functions and are not permitted to use it for other purposes.

We may disclose Backup Data or Service Data when required by a subpoena, court order, search warrant, other legal process, legally binding requests by law enforcement agencies, lawful requests by any other public authorities (including to meet national security or law enforcement requirements), or applicable law. Moreover, we may disclose Service Data to the extent necessary to maintain the security of our websites or Products; resolve disputes; enforce or apply our Terms of Use and other agreements; protect the rights, property or safety of Infrascale, our users, or others, or investigate possible misconduct.

Other than as described above, you will receive notice when Service Data about you might be shared with third parties, and you will have an opportunity to choose whether to share the information.

  1. THIRD PARTY HOSTING OF BACKUP DATA AND SERVICE DATA.

We use certain third-party service providers to host and maintain Backup Data that we may receive from you. For example, we may use Amazon Web Services, Google Cloud Platform, and other cloud platform providers to host the Infrascale cloud solutions and to collect and maintain Backup Data processed by our Products.  In addition, we upload certain account-related Service Data to third party service providers to maintain and analyze information about our relationships with our customers and others, undertake Infrascale marketing campaigns, facilitate sales-related activities, and provide customer and technical support.

We enter into agreements with third parties hosting Backup Data and Service Data. These agreements bind such third parties to confidentiality restrictions requiring them to use Backup Data and Service Data only for purposes of delivering their services to us, not to disclose Backup Data without authorization, and to adhere to the kinds of privacy practices summarized in this Privacy Policy.

  1. THIRD PARTY WEBSITES AND SERVICES.

This Privacy Policy does not address, and we are not responsible for, the policies and practices of third parties or other organizations that are not operating on our behalf, including policies and practices related to privacy and security, data collection, processing, use, storage, and disclosure. This includes any third party operating any site or service to which our Products link. Infrascale’s provision of a link to a third- party website or service does not imply endorsement of the linked site or service by us.

  1. HOW INFRASCALE SAFEGUARDS BACKUP DATA AND SERVICE DATA.

We work hard to protect you and Infrascale from unauthorized access, alteration, disclosure, or destruction of information we hold, which includes the following practices:

    • We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and use of Backup Data and Service Data.
    • We restrict access to Backup Data to authorized Infrascale employees, independent contractors, and service providers who perform functions on our behalf or provide services to us in connection with our business operations, information technology, or professional services. The individuals to whom access is granted are required to keep that information confidential and not use it for any other purpose.
    • We restrict access to Service Data to authorized Infrascale employees, agents, representatives, advisors, affiliates, independent contractors, and service providers who perform functions on our behalf or provide services to us in connection with our business operations, sales and marketing, information technology, or professional services. The individuals to whom access is granted are required to keep that information confidential and not use it for any other purpose.
    • We use third party providers for credit card transactions who follow the Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data.
    • Our security procedures mean that we may ask to verify your identity before we disclose Service Data to you.

However, no security procedures or protocols are ever guaranteed to be 100% secure and so we encourage you to take care when disclosing Service Data online and to use readily available tools, such as Internet firewalls, anti-virus and anti-spyware software, and similar technologies to protect yourself online.

  1. YOUR CHOICES REGARDING SERVICE DATA.

We offer you choices regarding the collection, use, and sharing of your Service Data. Depending on your data choices, certain Products may be limited or unavailable.

    • You can opt-out of receiving informational emails (such as newsletters or special offers) by clicking the opt-out or unsubscribe link on any of the communications we send you. As long as you use the Products or remain a customer, you may receive transactional emails (e.g., notices of material changes to this Privacy Policy).
    • You can manage your browser’s Cookies using the tools your browser provides, and you can opt-out of third-party vendor’s use of cookies (including advertising networks like Google and Bing) by visiting the Network Advertising Initiative opt-out page.
    • You may add, update, or delete the information you submitted when registering for or using the Products by contacting our support team using the contact information on the Infrascale Support page. When you update or delete any information, we may keep a copy of the prior version for our records.
    • To the extent required by applicable law, you may have the right to request access to or deletion of your Service Data. Please see Section 11 of this Privacy Policy for more information.
  1. YOUR RIGHT TO ACCESS BACKUP DATA AND SERVICE DATA AND TO MAKE CHANGES.

Backup Data. Infrascale Products provide functionality that allows customers to access and update the Backup Data uploaded by or on behalf of such customers.  Using our Products, customers can view, update, append, correct, and delete Backup Data hosted using Infrascale’s cloud or their own public or private cloud solutions.  Customers requiring assistance accessing and changing such Backup Data via the Products can contact our support team using the contact information on the Infrascale Support page.

Service Data. To the extent required by applicable law, you may have the right to (i) know what Service Data about you is included in our databases and to ensure that such Service Data is accurate and relevant for the purposes for which we collected it, and/or (ii) delete your Service Data.  If you wish to do either of these things, you may do so on our website by completing and submitting the online form at https://infrascale.com/legal/exercise-your-privacy-rights/.  Optionally, you may also email privacy@infrascale.com. Please note that we may be required (by law or otherwise) to keep certain Service Data and not delete it or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements.

Requests for Backup Data or Service Data. We will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arises: (i) we receive a legally binding request for disclosure of Backup Data or Service Data by a law enforcement authority unless prohibited by law or regulation, or (ii) we receive a request from you. If we receive a request for access to your Backup Data or Service Data from a third party other than a law enforcement authority, then, unless otherwise required under law or by contract with such third party (and in compliance with this policy), we will not provide any Backup Data or Service Data but will refer you to the third party.

Satisfying Requests for Access, Modifications, and Corrections. Subject to applicable law, we will endeavor to respond in a timely manner to all reasonable written requests to view, modify, or delete Service Data.

  1. RETENTION.

We keep your Backup Data and Service Data to enable your continued use of Products for as long as it is required to fulfill the relevant purposes described in this Privacy Policy, or as may be required by law (including for tax and accounting purposes) or as otherwise communicated to you. Except as expressly provided in this policy, your Backup Data is deleted in accordance with the agreement(s) that govern your use of our Products and Service Data is deleted or anonymized once it is no longer needed. Our retention of Service Data varies depending on the type of information it is and the purpose for its use. Sometimes we need to retain certain information for an extended period for legitimate business or legal purposes. For example, when Infrascale processes your payment, we’ll retain data about the transaction as required for tax or accounting purposes. Other legitimate business or legal purposes that may require us to retain data include security, fraud and abuse prevention, ensuring continuity of our Products, and complying with legal or regulatory requirements.

  1. REGARDING CHILDREN.

Our Products are not directed to individuals under 13 and we do not knowingly collect Service Data from children under 13.

If you become aware that a child has provided us with Service Data, please contact us at privacy@infrascale.com.

If we become aware that a child under 13 has provided us with Service Data, we will take steps to delete such information immediately.

  1. DO NOT TRACK COMPLIANCE.

Our website does not respond to Do Not Track (“DNT”) signals.

We do not track the users of our website across third party websites to provide targeted advertising directly to those websites.

  1. CONTACT INFORMATION AND RESOLVING DISPUTES.

If you would like to discuss this Privacy Policy or provide us with feedback, questions, or concerns regarding our privacy practices, please contact us at privacy@infrascale.com. You may also contact us by writing to:

Infrascale, Inc.
12110 Sunset Hills Road, Suite 600
Reston, VA 20190
United States of America
Attn:  Privacy

If you have a complaint about our privacy practices, you may submit a complaint to us at the above contact information. Our privacy team will investigate your complaint and provide a response.  You will need to provide sufficient information for us to evaluate your complaint and we may ask you to provide additional information as a condition of evaluating your complaint.

If you would like to file a formal request related to erasure or deletion of your Service Data, you can do so on our website by completing and submitting the online form at https://infrascale.com/legal/exercise-your-privacy-rights/.  Optionally, you may also email privacy@infrascale.com.

If you are an individual in the European Union, United Kingdom, Gibraltar and/or Switzerland and have inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), UK Extension to the EU-U.S. DPF (“UK Extension”), and/or Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as applicable (together, “DPF”), please see Section 16 for further options available.

  1. EU-U.S. DPF, UK EXTENSION AND SWISS-U.S. DPF CERTIFICATION.

This Section 16 applies where we process personal data in reliance on the DPF. If there is any conflict between this Section 16 and the remainder of this Privacy Policy, this Section 16 shall govern in respect of personal data processed in reliance on the DPF.

Infrascale complies with the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF as set forth by the U.S. Department of Commerce. Infrascale has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles regarding the processing of personal data received from the EU in reliance on the EU-U.S. DPF and from the UK (and Gibraltar) in reliance on the UK Extension. Infrascale has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. DPF Principles regarding the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Privacy Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, as applicable (together, the “Principles”), the Principles shall govern. To learn more about the DPF program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Our accountability for personal data received from the EU, the UK (and Gibraltar), and/or Switzerland and subsequently transferred to a third party is consistent with the Principles. In particular, we remain responsible for any of your personal data that is shared under the Onward Transfer Principle with third parties for external processing on our behalf, as described elsewhere in this Privacy Policy.

In terms of the Choice Principle specifically:

  • We will only process your personal data in ways that are compatible with the purpose that we collected it for (as set out in the remainder of this Privacy Policy), or for purposes you later authorize. Before we use your personal data for a purpose that is materially different than (i.e. incompatible with) the purpose we collected it for or that you later authorize, we will provide you with the opportunity to opt-out.
  • Where we are controllers of your personal data and transfer your personal data to unaffiliated third-party data controllers that do not act as our agents or service providers and are not performing functions on our behalf, we will do so for the purposes described in this Privacy Policy, and before we do so we will provide you with the opportunity to opt-out.

  • Under certain circumstances, we may be required to disclose your personal data in response to valid requests by public authorities, including to meet national security or law enforcement requirements, or otherwise as required by applicable law. We will only do so in accordance with the DPF Principles.

In compliance with the DPF, we commit to resolve Principles-related complaints about our collection and use of your personal information. EU, UK (and Gibraltar) and/or Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the DPF should first contact us via the details set out in Section 15 above. We also commit to refer unresolved complaints concerning our handling of personal data received in reliance on the DPF to the International Centre for Dispute Resolution (ICDR) of the American Arbitration Association (ICDR-AAA), an alternative dispute resolution provider that Infrascale has designated as its independent recourse mechanism for its DPF participation. The ICDR-AAA is in the United States of America and is used for disputes regarding transfers from the EU, transfers from the UK, and transfers from Switzerland. If you do not receive timely acknowledgment of your complaint from us, or if your complaint is not addressed to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of ICDR-AAA are provided at no cost to you.

In respect of human resources data received in reliance on the DPF in the context of the employment relationship, we commit to cooperate with EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), the Gibraltar Regulatory Authority (GRA) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and to comply with the advice given by such authorities with regard to unresolved complaints regarding our handing of such human resources data.

You may have the possibility, under certain conditions, to invoke binding arbitration for residual DPF complaints not resolved by any of the other DPF mechanisms. For more information about binding arbitration, please visit https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction.

We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC) in respect of our DPF compliance.

  1. UPDATES TO THE PRIVACY POLICY.

Infrascale may update this Privacy Policy from time to time, so it accurately reflects our practices, our Products, and applicable legal requirements. The “Revision Date” section at the end of this policy states when this Privacy Policy was last amended, and we update this date each time a revision is posted. Any changes to this Privacy Policy will become effective when the updated Privacy Policy is posted. You should check our website regularly to stay informed of our privacy practices. When we change this policy in a material way, a notice will be posted on our website along with the updated Privacy Policy. We will also attempt to contact you via your contact information on file, for example by email, your account dashboard, or some other equivalent method.

  1. NOTICE TO NEVADA RESIDENTS.

Under Nevada SB 220, Nevada residents have the right to opt-out of the sale of their Covered Information (as such term is defined under Nevada law).  As noted above, Infrascale does not sell your information.  However, if you are a Nevada resident, you may submit a request to opt-out of future sales by us by writing to us at privacy@infrascale.com.  We will retain your request in the unlikely event our practices change in the future.  Should your email address change, please submit a new request to privacy@infrascale.com with your new email address.  We reserve the right to take reasonable steps to verify your identity and the authenticity of any request.

  1. NOTICE TO CANADIAN RESIDENTS.

Subject to applicable law, you have the right to:

    • ask whether we hold Service Data about you and request copies of such Service Data and for information about how it is processed;
    • request that inaccurate Service Data is corrected;
    • request deletion of Service Data that is no longer necessary for the purposes underlying the processing, processed based on withdrawn consent, or processed in non-compliance with applicable legal requirements; and
    • lodge a complaint with us regarding our practices related to your Service Data.

If you wish to take any of the above actions, you may complete and submit the online form at https://infrascale.com/legal/exercise-your-privacy-rights/. Optionally, you may also email privacy@infrascale.com.

  1. NOTICE TO AUSTRALIAN RESIDENTS.

The Privacy Act 1988 (Cth) (Privacy Act), which includes the Australian Privacy Principles (APPs), regulates how individuals’ personal information is collected, held, used, and disclosed. The Act provides individuals the right to know why their personal information is being collected, how it will be used, and to whom it will be disclosed, and to ask for access to, or correction of, this information. Infrascale customers are responsible for ensuring that they comply with their obligations under the Privacy Act (including the APPs). If you wish to take any of the above actions, you may complete and submit the online form at https://infrascale.com/legal/exercise-your-privacy-rights/.  Optionally, you may also email privacy@infrascale.com.


Revision Date

Last revised 27 August 2024
© 2021-2024 Infrascale, Inc. All Rights Reserved.

Scroll to Top