Privacy Policy

Table of Contents

1. Information We Collect
2. How We Use Your Information
3. Disclosure of Your Information
4. Security of Your Information
5. Data Retention
6. Your Data Protection Rights
7. Cookies and Similar Technologies
8. Third-Party Websites
9. Children's Privacy
10. International Data Transfers
11. Changes to This Privacy Policy
12. Contact Us

1. Information We Collect

Personal Data

We may collect personal data that you voluntarily provide to us when you:

• Register for an account
• Submit a contact or request form
• Subscribe to our newsletter
• Request customer support
• Use the interactive features of our website or services

The personal data we collect may include:

• Name
• Email address
• Phone number
• Company name and job title
• Billing information
• IP address and device information

Service Data

When you use our sandbox environment services, we collect certain technical and usage data, including:

• Environment configuration details
• Resource usage metrics
• API access logs
• User activity logs within the platform
• Performance and error data

Automatically Collected Information

When you visit our website or use our services, we automatically collect certain information about your device and browsing actions, including:

• IP address
• Browser type and version
• Operating system
• Referring website
• Pages visited and time spent
• Device information (type, ID, screen size)
• Geographic location (country and city level only)

We collect this information using cookies, web beacons, and similar tracking technologies. For more information, please see our Cookie Policy.

2. How We Use Your Information

We use your personal data for the following purposes and based on the following legal grounds:

Contractual Necessity

• To provide and maintain our services
• To process and complete transactions
• To fulfill our contractual obligations
• To provide customer support and respond to inquiries
• To send service-related communications

Legitimate Interests

• To improve and optimize our website and services
• To analyze usage patterns and trends
• To detect, prevent, and address technical issues
• To protect the security and integrity of our services
• To develop new products, services, and features

Consent

• To send marketing communications
• To provide personalized content and recommendations
• To conduct surveys and collect feedback

Legal Obligation

• To comply with applicable laws and regulations
• To respond to legal requests and prevent harm
• To fulfill tax and accounting obligations

We will not use your personal data for purposes other than those for which it was collected, unless we reasonably consider that we need it for another purpose that is compatible with the original purpose, or we have your consent, or we are required or permitted by law.

3. Disclosure of Your Information

We may share your personal data with the following categories of recipients:

Service Providers

We may share your information with third-party service providers who perform services on our behalf, such as:

• Cloud infrastructure providers
• Payment processors
• Customer support tools
• Analytics providers
• Marketing and communication platforms

These service providers are contractually bound to use personal data only for the purposes of providing services to us and in compliance with applicable data protection laws.

Business Partners

We may share your information with our business partners to offer you certain products, services, or promotions that may be of interest to you. These partners are contractually prohibited from using your personal data for any purpose other than the specific partnership with VaultSandbox.

Corporate Transactions

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of company assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal data.

Legal Requirements

We may disclose your information where we are legally required to do so to comply with applicable law, governmental requests, judicial proceedings, court orders, or legal processes, such as in response to a court order or a subpoena.

Protection of Rights

We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, or as evidence in litigation.

Important Note About Customer Data in Sandbox Environments

The data you store or process within your sandbox environments is considered your data. We do not access, use, or share the content of your sandbox environments except:

• As necessary to provide and maintain the service
• When explicitly requested by you for support purposes
• When required by law
• As specified in our Terms of Service

4. Security of Your Information

We implement appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing, accidental loss, destruction, or damage. These measures include:

• Encryption of data in transit and at rest
• Access controls and authentication mechanisms
• Regular security assessments and penetration testing
• Secure development practices
• Employee training on data protection
• Physical and environmental security controls
• Business continuity and disaster recovery plans

While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security of your data.

If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately using the information provided in the "Contact Us" section.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider:

• The amount, nature, and sensitivity of the personal data
• The potential risk of harm from unauthorized use or disclosure
• The purposes for which we process the data
• Whether we can achieve those purposes through other means
• The applicable legal, regulatory, tax, accounting, or other requirements

In general, we retain customer account data for as long as your account remains active, plus a reasonable period thereafter to handle any follow-up questions or legal obligations. For prospective customers, we retain contact information for up to 24 months from the last interaction.

When personal data is no longer needed, we will securely delete or anonymize it. If this is not possible (for example, because your personal data has been stored in backup archives), we will securely store your personal data and isolate it from any further processing until deletion is possible.

6. Your Data Protection Rights

Under the GDPR and other applicable data protection laws, you have certain rights regarding your personal data. These rights include:

Right to Access

You have the right to request copies of your personal data. We may charge a reasonable fee for additional copies.

Right to Rectification

You have the right to request that we correct any information you believe is inaccurate or incomplete.

Right to Erasure

You have the right to request that we erase your personal data, under certain conditions. This is also known as the "right to be forgotten."

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

Right to Object to Processing

You have the right to object to our processing of your personal data, under certain conditions, particularly for direct marketing purposes.

Right to Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions.

Right to Withdraw Consent

If we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.

To exercise any of these rights, please contact us using the information provided in the "Contact Us" section. We will respond to your request within 30 days. In certain circumstances, we may need to extend this period or charge a reasonable fee based on administrative costs, and we will notify you if this is the case.

You also have the right to lodge a complaint with a supervisory authority. In Latvia, the supervisory authority is the Data State Inspectorate (Datu valsts inspekcija).

7. Cookies and Similar Technologies

We use cookies and similar tracking technologies to track activity on our website and store certain information. Cookies are small data files that are placed on your device when you visit a website.

We use the following types of cookies:

• Necessary cookies: These cookies are essential for the website to function properly and cannot be disabled in our systems.
• Functional cookies: These cookies enable personalized features and functionality.
• Analytics cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously.
• Marketing cookies: These cookies are used to track visitors across websites to display relevant advertisements.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. However, if you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly.

For more information about the cookies we use, please see our Cookie Policy.

8. Third-Party Websites

Our website and services may contain links to third-party websites, plugins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.

We encourage you to read the privacy policy of every website you visit when you leave our website or services.

9. Children's Privacy

Our services are not intended for children under the age of 16, and we do not knowingly collect personal data from children under 16. If we learn that we have collected personal data from a child under 16, we will take steps to delete that information as quickly as possible.

If you believe that we might have any information from or about a child under 16, please contact us using the information provided in the "Contact Us" section.

10. International Data Transfers

We are based in Latvia, a member state of the European Union. However, to provide our services, we may transfer, process, and store your personal data in other countries, including countries outside the European Economic Area (EEA).

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards, including:

• Transferring to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission
• Using specific contracts approved by the European Commission (Standard Contractual Clauses) that give personal data the same protection it has in Europe
• Transferring to providers in the US who are certified under the EU-US Data Privacy Framework

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal, technical, or business developments. When we update our Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make.

We will obtain your consent to any material changes if and where this is required by applicable data protection laws.

You can see when this Privacy Policy was last updated by checking the "Last updated" date at the top of this page.

12. Contact Us

If you have any questions about this Privacy Policy, our data practices, or your interactions with our website or services, please contact us at:

Our Data Protection Officer can be contacted at dpo@livoniadatalab.com.