In case of processing of the above listed Personal Information, the legal basis for such processing is our legitimate interest in improvements of our services based on the received Personal Information about your usage of our products or services, always to the extent such processing does not conflict with the applicable data privacy laws or your prevailing legitimate interests.
When the telemetry is turned off, the software will provide Mirantis only with personal information that is necessary to provide the selected services, including updates or upgrades of the software.
If you use our software product as a member of an organization (e.g. as an employee of a company for which you word), the decision about the telemetry usage is upon such organization. Please consult the settings of telemetry with your organization.
7. Third Party Recipients of Personal Information
The Personal Information that Mirantis collects and processes may be shared with third party recipients in certain situations, which include sharing with:
the affiliated companies of Mirantis which are involved by Mirantis in certain joint activities;
third parties providing services to Mirantis, such as cloud-based services, providers of telecommunication services or to our financial, legal or other advisors;
third parties that might have legitimate interest in knowing your Personal Information in case of merger, acquisition, reorganizations, sale of part of our business or other corporate change of Mirantis (such as companies acquiring part of our business);
In case of organizing event or webinar with another company on which you participate also with such another company.
8.Security and Retention of the Personal Information
We use industry-standard methods of securing electronic databases of personal information. Except as provided elsewhere in this Privacy Notice, we limit access to personal information in electronic databases to those persons in our organization who have a business need for such access. However, you should know that no website operator, including Mirantis, can fully eliminate security risks associated with Personal Information.
Your privacy is very important to us. However, due to factors beyond our control, we cannot fully ensure that your Personal Information will not be disclosed to third parties other than those mentioned above. For example, we may be legally required to disclose information to the government or third parties under certain circumstances, or third parties may unlawfully intercept or access transmissions or private communications.
We retain the Personal Information of individuals for a commercially reasonable time, whose length depends on the period required by the applicable laws (if any) and the purpose for which the data was collected – for example if you create an account at Mirantis website, we will process your Personal Information until you request deletion of the account or until the account is otherwise deactivated. For more details about retention period in specific case when your Personal Information is processed, please contact us on one of the designated contacts in section 11.
9.EEA and UK Residents – Additional Information
The following section is designed for individuals whose Personal Information is protected by the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”) or the Data Protection, Privacy and Electronic Communications (Amendments etc.) (EU Exit) Regulations 2019 (“UK GDPR).
9.1. Processing outside EEA and UK. Mirantis is a company headquartered in the United States and some of the third parties with which the Personal Information may be shared (as per section 6) operate in countries outside the European Economic Area (EEA) and UK. For this reason, your Personal Information will be processed also in countries that are not subject to an adequacy decision of the European Commission. When we export Personal Information to such countries, we rely on one or more of the available legal instruments such as EU Standard Contractual Clauses or Binding Corporate Rules guaranteed by the company to which the Personal Information is exported in order to ensure adequate level of protection for your Personal Information. For more details about the safeguards in specific case when your Personal Information is processed, please contact us on one of the designated contacts in section 11.
9.2. Your Rights. When GDPR or UK GDPR is applicable, you, as a data subject, have certain rights which include:
right of access to Personal Information processed by us (right of access); right to request rectification of inaccurate Personal Information to have incomplete personal data completed (right to rectification);
right to erasure of your Personal Information in cases specified by the applicable law (right of erasure / right to be forgotten);
right to restriction of processing in cases specified by the applicable law;
right to transfer your Personal Information to you or to another entity (right to data portability);
right to object processing based on automated decision making.
If you wish to exercise any of your rights, please use one of the designated contacts in section 11.