Quantifai, Inc. dba Metaplane ("Company") is committed to protecting the privacy of visitors of the Metaplane website(s), individuals who register to use the products and services, individuals who register to attend the Company's corporate or other events, and business partners. This Privacy Notice ("Privacy Notice" or "Notice") describes our privacy practices in relation to the use of Metaplane websites (including any customer portal or interactive customer website), its software, services, solutions, tools, and related applications, services, and programs, including attendance of corporate events and research and marketing activities, offered by Metaplane (the "Services") as well as your choices regarding use, access and correction of personal data.
This Privacy Notice is meant to help you understand, among other things, what personal data we collect, why we collect it, and what we do with it.
Metaplane has complied with the EU-US and Swiss-US Privacy Shield Framework; as part of this, we have certified to the US Department of Commerce that we adhere to the Privacy Shield principles of: Notice; Choice; Accountability for Onward Transfer; Security; Data Integrity and Purpose Limitation; Access; and Recourse, Enforcement, and Liability (the "Principles"), with respect to personal data that we process on behalf of our Customers established in the European Union and Switzerland. For more information about our Privacy Shield commitment, refer to the Privacy Shield section below.
You can learn more about Privacy Shield at https://www.privacyshield.gov and see our Privacy Shield self-certification at https://www.privacyshield.gov/list. Metaplane's self-certification to the Privacy Shield is subject to the investigatory and enforcement authority of the Federal Trade Commission.
We collect information from you when you register on our site or fill out a form. Any data we request that is not required will be specified as voluntary or optional. When registering on our site, as appropriate, you may be asked to enter your: name, e-mail address, mailing address or credit card information. You may, however, visit our site anonymously.
The information we may collect includes, without limitation:
Any of the information we collect from you may be used in one of the following ways:
Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow it) that enables the sites or service provider's systems to recognize your browser and capture and remember certain information. If you turn off cookies, you may still access the metaplane.dev site and learn about the product, but using the Metaplane app requires cookies in order to access workflow administration.
For individuals in the European Union, our processing (i.e. use) of your personal data is justified on the following legal bases:
In all cases where legitimate interests is relied upon as a lawful basis, we take steps to ensure that our legitimate interests are not outweighed by any prejudice to your rights and freedoms. This is achieved in a number of ways, including through the application of principles of data minimization and security, and by taking steps to ensure that personal data is only collected or otherwise obtained where it is relevant to the lawful business activities, and where using personal data is reasonably necessary for those activities.
We do not sell, trade, or otherwise transfer your personal information except in accordance with this policy. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
We use sub-processors to provide us with some services that are necessary to provide the features of our website. Those subprocessors and the services they provide are listed below:
If personal data is transferred outside the EU to other Metaplane group companies or to third party service providers, we will take steps to ensure that your personal data receives the same level of protection as if it remained within the EU, including by entering into data transfer agreements, using the European Commission approved Standard Contractual Clauses, or by relying on certification schemes such as the EU - US Privacy Shield. For transfers to other Metaplane group companies in the United States (a country that has not received a decision from the European Commission determining that the United States provides adequate protection to personal data), we have put in place European Commission approved Standard Contractual Clauses, which protect personal data transferred between Metaplane entities. You have a right to obtain details of the mechanism under which your personal data is transferred outside of the EU by contacting firstname.lastname@example.org
Individuals have the right to access the personal data processed about them, subject to applicable law; individuals may request to access their personal data processed by us by emailing us at email@example.com
Subject to applicable law, you may also have some or all of the following rights available to you in respect of your personal data:
In addition to the above rights, under EU data protection law, applicable individuals have the right to object, on grounds relating to your particular situation, at any time to any processing of your personal data for which we have justified on the basis of a legitimate interest, including profiling (as opposed to your consent) or to perform a contract with you. You also have the right to object at any time to any processing of your personal data for direct marketing purposes, including profiling for marketing purposes.
You also have the right to lodge a complaint with your local supervisory authority for data protection.
In relation to all of these rights, please contact us at firstname.lastname@example.org. Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavor to respond to your request within all applicable timeframes.
If you contact us regarding Customer Data for which we are a data processor, we will attempt to refer your request to the relevant Customer, and data controller for your personal data.
We retain your Personal Information for as long as we need to fulfill our Services. In addition, we retain Personal Information after we cease providing Services to you, to the extent necessary to comply with our legal obligations. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.
If you are an EU citizen and you have the following data protection rights:
If you wish to be informed what Personal Data we hold about you, rectify it, or want it to be removed from our systems, please email us at email@example.com.
Because we value your privacy we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act (CalOPPA).
According to CalOPPA we agree to the following:
We encourage EU and Swiss individuals who have questions or complaints about how we process their personal data under Privacy Shield to contact us at firstname.lastname@example.org. We will work to resolve your issue as quickly as possible, but in any event, within 45 days of receipt.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.
If you are an EU or Swiss individual and unable to resolve any complaints through any of the above methods, you may be able to invoke binding arbitration through a Privacy Shield panel, in accordance with the Privacy Shield Framework.
Metaplane processes personal data only on documented instructions from the controller, including with regard to transfers of personal data to a third country or an international organization, unless required to do so by Union or Member State law to which the processor is subject; in such a case, the processor shall inform the controller of that legal requirement before processing, unless that law prohibits such information on important grounds of public interest;
Metaplane ensures that persons authorized to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality;
Metaplane takes Technical and Organizational measures in accordance with Article 32 of the GDPR;
Metaplane respects the conditions referred to in paragraphs 2 and 4 of Article 28.3 of the GDPR for engaging another processor;
Metaplane will use commercially reasonable efforts, insofar as this is possible, for the fulfilment of the controller's obligation to respond to requests for exercising the data subject's rights laid down in Chapter III of the GPDR;
Metaplane assists the controller in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the GDPR taking into account the nature of processing and the information available to the processor;
Metaplane will, at the choice of the controller, which should be exercised via the Service or by emailing the choice to email@example.com, delete or return all the personal data to the controller after the end of the provision of services relating to processing, and will delete existing copies unless Union or Member State law requires storage of the personal data;
Metaplane will make available to the controller all information necessary to demonstrate compliance with the obligations laid down in Article 28.3 of the GDPR and allow for and contribute to audits, including inspections, conducted by the controller or another auditor mandated by the controller.
Law Enforcement or National Security. In accordance with our legal obligations, we may also transfer Customer Data, subject to a lawful request, to public authorities for law enforcement or national security purposes.
Additional Disclosures. We may also disclose Customer Data (including any personal data), where otherwise required by law.
Business Transfers. We may share personal data with third parties in connection with potential or actual sale of our company or any of our assets, or those of any affiliated company, in which case personal data held by us about our users may be one of the transferred assets. Metaplane recognizes potential liability in cases of onward transfer to third parties. Metaplane will not transfer any personal information to a third-party without first ensuring that the third-party adheres to the Privacy Shield principles.
Just-in-Time Disclosures. Additional disclosures or information about processing of personal data related to specific websites, mobile applications, products, services, or programs may be provided to you. These may supplement and/or clarify Metaplane's privacy practices in specific circumstances and provide you with additional choices as to how Metaplane may process your personal data.