NOTE: This content was last updated on February 6th, 2020.
When a visitor or users visit our Site or use the Services, we may collect the following information:
- Registration and Billing Information: When a visitor to the Site registers to become a user of the Services or requests more information about the Services, we require that the visitor or user provide contact information such as their name, e-mail address and company name and, when applicable, billing information such as billing address and credit card number. We may also ask visitors, users, or prospective users of the Services for additional personal information such as their professional background, technical expertise and plans for using the Service. Users and visitors can choose not to provide this additional information by not entering it when asked.
Log Data and Activity Tracking: Pantheon collects certain information automatically from visitors to the Site and users of the Services, such as Internet addresses, browser types, referring domains, timestamps (time page accessed as well as time spent per web page), as well as the specific pages the visitor has requested. This information is logged to help deliver a better user experience (for example, by displaying personalized content to you based on your interactions with the Site or Services), to diagnose technical problems, to support marketing activities and so that we may better administer the Site and the Services in order to constantly improve the quality of the Site and Services.
In addition to the uses of information already described above, we may also use the information provided to contact users and visitors to further discuss their interest in the Site and the Services, or to send users and visitors information regarding Pantheon or its partners, such as new features, promotions, and events. Any such communications will be sent in accordance with users' and visitors' marketing preferences. Visitors and users can opt-out of receiving such information at any time, by following the instruction to unsubscribe that is included in every communication. We may also email users with service-related information concerning the Services or the Site.
All financial and billing information collected through the Site is used solely to check the qualifications of prospective users and to bill for the Services. This billing information is not used by Pantheon for marketing or promotional purposes.
Data Processed on behalf of Users
Sharing of Information
Pantheon may share users' and visitors' information in the following ways:
- Credit card processing: Pantheon uses a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain, or use Billing Information except for the sole purpose of credit card processing on Pantheon's behalf.
- Third-party services: Pantheon may partner with other parties to provide specific services. If a user registers for these services, we will share names or other contact information that is necessary for the third party to provide these services. These third parties are not allowed to use personal information except for the purpose of providing these services.
- Service providers: From time to time, we may disclose your personal information to organizations that perform services for Pantheon, for example, to host web sites, provide customer support, and similar services. We will share with these companies only the personal information they need to provide the Services. These organizations will be required to agree to use such information solely for the purpose of providing services to Pantheon, under our instructions and to keep that information secure.
- Law enforcement: We may be required under circumstances, to disclose personal information in response to a lawful request by public authorities, the courts, law enforcement, and national security requirements.
- Consent: We may disclose users' and visitors' personal information with third parties where we have consent to do so.
Pantheon uses appropriate administrative, technical, organizational, and physical security measures to protect our users' and visitors' information and data against accidental or unlawful destruction, loss, and alteration, and against unauthorized disclosure and access. We use standard industry practices to protect visitor and user information, including firewalls, SSL encryption, limiting the storage of financial information to a PCI compliant third-party provider, system redundancies, and co-location at a 24/7 secured, controlled environment.
Unfortunately, no data transmission or storage can be guaranteed to be 100% secure. While we strive to protect your personal information, we cannot guarantee the security of the information you transmit to us or host with us using our Services.
Unsubscribe from Marketing
If you receive marketing e-mail messages from us and wish to opt-out of receiving such messages, then you may simply follow the opt-out procedure specified in such e-mail.
Accessing and Updating Contact Information
We encourage our visitors and users to access, update and edit their contact information and keep it current. Users can easily access, correct or update their contact information at any time by logging into the Service and visiting the “account” tab on the dashboard.
Your Data Protection Rights
You have the following data protection rights:
- You have the right to access, correct, update or request deletion of the personal information we collect about you. Please send such requests to firstname.lastname@example.org. You can also make changes to your Pantheon personal or professional profile at any time by logging into the Service – see the heading "Accessing and Updating Contact Information" above.
- You have the right to opt-out of marketing communications we send you at any time. See the heading "Unsubscribe from Marketing" above.
We will acknowledge and respond to all access, correction, update, opt-out and deletion requests within 30-days of receipt. We will respond to all requests from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
In addition, if you reside in the European Economic Area or Switzerland, you also have the following rights:
- You have the right to object to the processing of your personal information, ask us to restrict the processing of your personal information or request portability of your personal information. You can exercise these rights by contacting us at email@example.com.
- If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to the data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm).
Notice of Changes
International Data Transfers
Visitors' and users' information may be transferred to and processed in, countries other than the country in which they reside. Specifically, Pantheon's Site and Services are hosted on servers located in the United States of America, and our group companies and third-party service providers and partners may operate around the world. This means that when Pantheon collects visitors' and users' information, such information may be processed in any of these countries. For more information about how we transfer visitors' and users' information, please contact firstname.lastname@example.org.
You may direct inquiries or complaints concerning Pantheon's processing of personal information under the Privacy Shield to email@example.com. Pantheon will respond within 30 days. If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request. If you believe that your complaint wasn't resolved by any of these options, you may also have the possibility to engage in binding arbitration through the Privacy Shield Panel. Pantheon is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
In accordance with the Privacy Shield Principles, Pantheon remains liable for any processing of personal data from the EEA or Switzerland by third-party agents acting on our behalf where such processing is inconsistent with the Privacy Shield Principles, unless Pantheon was not responsible for the event giving rise to any alleged damage.
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with the Service you have requested or to comply with applicable legal, tax or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Legal basis for processing personal information (EEA visitors only)
If you are a visitor from the European Economic Area, Pantheon Systems, Inc. is the controller of your personal information and our legal basis for collecting and using your personal information will depend on the personal information concerned and the specific context in which we collected it.
However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests and fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need personal information to protect your vital interests or those of another.
If we ask you to provide personal information to comply with a legal requirement or to contact you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at firstname.lastname@example.org.