Last updated: 27 October 2020
It is very important for us to state, right at the beginning, that we are committed to protecting the privacy of our users, and therefore we put much thought and effort into the design and architecture of our OS Products to ensure we collect only the most minimal amount of data with respect to use of our OS Products. We use this OS Product PP to provide our users with the highest level of transparency and control over the use of their data.
We collect only technical information (e.g. operating system, architecture and error reports) which we do not consider to be personal data as it does not relate to an identified or identifiable natural person, but rather relates to our internally issued installation ID and workspace ID (as further detailed below). However, in some jurisdictions, this kind of consistent identifier, may be considered as Personal Data.
We use the information we collect, only for improving, maintaining, and securing our OS Products, which we consider to be our legitimate interest.
We do not sell or commercially distribute any collected data.
You may at any time disable any collection of data by us by setting the environment variable SALTO_TELEMETRY_DISABLE=1 or otherwise as specified at telemetry.md ("Opt-Out").
This OS Product PP applies only to the information we collect automatically in connection with your use of the OS Products. This information includes Product Data (defined below) and System Data (defined below), which are generally technical and aggregated but may include limited data sets, which in certain jurisdictions may be considered as Personal Data such as IP/MAC address of the user's device and Salto internally issued identifiers.
First - What is Personal Data? "Personal Data" is information that identifies an individual or may with reasonable efforts or together with additional information we have access to, enable the identification of an individual, or may be of a private or sensitive nature relating to an identified or identifiable natural person. Identification of an individual also includes the association of such individual with a persistent identifier such as a name, an identification number, persistent cookie identifier etc. Personal Data does not include information that has been anonymized or aggregated; provided, that, such information can no longer be used to identify a specific natural person. In the course of installing and running our OS Products, we automatically transmit the Product Data and the System Data. You may disable such transmission by setting the environment variable SALTO_TELEMETRY_DISABLE=1 or otherwise as specified at telemetry.md
a. The OS Product automatically transmits to Salto through an internet connection, the following categories of data:
b. The aforementioned categories of System Data and Product Data are processed in a completely anonymized and statistical manner, except that they are associated with the following internally issued identifiers:
Installation ID: this is an identifier issued internally by Salto to refer to your instance of installation of the OS Product. If you uninstall the OS Product and re-install, the new installation will receive a new value that cannot be associated with your previous use of the OS Product.
Workspace ID: this is an identifier issued by the Salto OS Product to refer to a certain set of files it manipulates.
Therefore, data associated with Installation IDs and/or Workspace IDs will be treated as Personal Data.
Legitimate interests : Our legal basis for processing such information with respect to users in the European Economic Area (EEA) is our legitimate interest in performing, improving, maintaining, and securing our OS Products, providing support for users of our OS Products, operating our business efficiently and appropriately and enforcing the OS Product license located at LICENSE hereinafter the "OS Product License Agreement");
Salto uses the Product Data and System Data it obtains from use of the OS Products to improve our Products, support our Customers, support business to business marketing and sales, comply with legal requirements, and for other legitimate business purposes. More information on each category follows:
We may share Product Data and System Data with third parties (or otherwise allow them access to it) only in the following manners and instances:
We do not use any behavioral monitoring and tracking technologies such as pixels, tags, webhooks, cookies, etc.
Product Data and System Data may be transferred to and processed in the USA and in Israel. Please note that USA and Israeli data and privacy laws may not be as comprehensive as those in your country. Residents of certain countries may be subject to additional protections as set forth in Sections 6.1 below.
This Section 6.1 applies only to natural persons residing in the European Economic Area (for the purpose of this section only, "you" or "your" shall be limited accordingly). It is Salto's policy to comply with the EEA's General Data Protection Regulation ("GDPR"). In accordance with the GDPR, we may transfer Product Data and System Data that is Personal Data from your home country to Israel, the U.S. and/or other countries, provided that the transferee has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available. Specifically, we may cause such transfer if we ensured that at least one of the following applies:
We have implemented administrative, technical, and physical safeguards to help prevent unauthorized access, use, or disclosure of your Personal Data. Your data is stored on secure servers and isn't publicly available. We limit access of your information only to those employees or partners on a "need to know" basis, in order to enable the carrying out of the agreement between us.
Despite these measures, Salto cannot eliminate security risks associated with Personal Data, and security breaches may happen. If there are any questions about security, please contact us at email@example.com .
We will retain Product Data and System Data only for as long as necessary to achieve the purposes for collection and processing set forth under section 3.2 above. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.
9.1. If applicable to you under your country's jurisdiction, you may have certain rights in connection with your Personal Data and how we handle it. You can exercise your rights at any time by contacting us via any of the methods set out in the CONTACT US section below. Those rights may include, but are not limited to, the following:
See our California Privacy Rights Statement for information about California Privacy Rights, and other required disclosures, if any.
You can control the Personal Data that we collect about you by:
a. setting the environment variable SALTO_TELEMETRY_DISABLE=1
b. Changing the OS Product configuration as described at - telemetry.md
You must be over the age of 18 to use the OS Products. We do not knowingly collect or solicit Personal Data from anyone under the age of 18. If you believe that we might have any information from or about a minor under the age of 18, please contact us at firstname.lastname@example.org .
If you wish to exercise any of the aforementioned rights, or receive more information, please contact us using the details provided below: