Last Updated: September 6, 2021
When You access the Platform or to avail certain Services, such as registration and setting up an account with PingSafe, etc. we may ask You to provide Personal Information about yourself for the purposes that are set out in the table below:
For onboarding the members onto the Platform’s systems
For onboarding the members onto the Platform’s systems and to authenticate users during registration or logging in
While most information we collect can be shared at the discretion of the Users, some Personal Information (an indicative list of which is set out above) is required to be shared to enable the User to access certain Services provided on the Platforms. If You do not provide the information required by PingSafe to provide you with a specific service or feature, You may not be able to access such service or feature of the Platforms. We also collect information like your company’s name and email address to register for our Services and send OTPs for verification purposes.
If You send us personal correspondence, such as emails or letters, or if other Users or third parties send us correspondence about Your activities on the Platform, we may collect such information into a file specific to you.
Upon contacting PingSafe, We may also use Your contact information to send you updates regarding our products and inform you about alterations or upgrades to our Services, features, software, other marketing content and functionalities offered by Us, via the Platform. You may opt out of receiving any non-essential communications from us by contacting Our Grievance Officer ( defined below ).
We are committed to keeping all such Sensitive Personal Data or Information safe at all times and ensure that such data/information is only stored in secure servers are digitally encrypted, and provide the highest possible degree of care available under the technology presently in use. PingSafe will not use Your Sensitive Personal Data or Information for any purpose other than for such specific purposes as you have expressly consented to its use.
Apart from the information You provide to us, we may also collect information related to your cloud environment read-only key, Slack access tokens, JIRA access tokens, PagerDuty access tokens, GitHub access tokens, device type, device location browser, internet protocol address, demographic information, SMS read permissions, websites You visit before or after accessing Our Platform and Your activity trends when using the Platform. We use this information for sending alerts and notifications and figuring out data leaks, and to understand Users’ demographics, interests, and behaviour to better understand, protect and serve our users and create anonymous user personas. This information is compiled and analyzed on an aggregated basis.
All information provided by You is stored and retained on secure cloud storage servers and systems of AWS, GCP located in Mumbai region. PingSafe maintains managerial, technical, operational, and physical security practices and procedures to protect data from misuse and unauthorized access, and maintain the accuracy of data ( “Security Practices” ).
Such Security Practices include measures including, but not limited to (i) HTTPS and HSTS for secure connections, (ii) encryption of sensitive data and communication e.g secret keys of a customer (iii) vulnerability disclosure and reward program for external researchers to report security vulnerabilities, that are commensurate to the sensitivity of the information shared by the Users to guard against unauthorized access to the server and systems and information residing on such server and systems. PingSafe’s Security Practice protects against unauthorized access to, or unauthorized alteration, disclosure or destruction of the information. PingSafe’s Security Practices are commensurate to the information assets being protected and with the nature of the business. By using the Platforms, you accept and proceed to use the Platform on the understanding that the Security Practice and procedures as mentioned above, which are designed to protect the information provided by You, are reasonable.
PingSafe has deployed appropriate physical, electronic, and managerial procedures required under the Information Technology (Reasonable security practices and procedures and sensitive personal data or information) Rules, 2011, with a view to safeguard your information and help prevent (i) unauthorized access, (ii) maintain data security and (iii) avoid loss of User information. However, transacting over the internet has inherent risks and absolute security of data when transmitting data online, cannot be guaranteed, therefore, we do not assume any responsibility for any transmission of Your information that is at Your own risk and/or for the disclosure of Your information due to errors in transmission and/or unauthorized acts of third parties.
We will not disclose or transfer any of Your Personal Information or Sensitive Personal Data or Information to any third parties except as explicitly provided in this Policy or where we have Your consent to do so. We will only share Your Personal Information or Sensitive Personal Data or Information with third parties with your consent, and where expressly identified, such in the following circumstances:
We do not keep Your data for longer than is necessary unless we are required to do so under applicable law. We will use Your Personal Information only for so long as is necessary:
You can review, modify, and delete the information You have provided to us at any time by accessing the Platform and/or withdraw Your consent from allowing us to collect, process or transfer Your information by contacting Our Grievance Officer ( See Section VII below ). Please note that if You withdraw Your consent, we may be constrained to withdraw those features, functionalities, services etc. which cannot be provided, without the information You seek to withdraw consent for, or delete from our records. Please note that your requests with respect to your data shall not be complied with if it adversely affects another user, or prejudices such user’s rights.
Your right to withdraw consent relates to any further collection or processing, of your Sensitive Data, however such withdrawal of consent shall not: (i) be retrospective or require the deletion of records required for statutory purposes; or (ii) operate where required for the discharge of ongoing contractual obligations unless the contract under which the Sensitive Data is required to be collected is also terminated with the request for withdrawal of consent to collect such Sensitive Data.
Your data will be erased/deleted when it has served the purpose for which it was being collected and is no longer necessary, where consent has been withdrawn, or where retention of such data is contrary to or prohibited by applicable law.
You have the right to data portability, i.e., you have the right to receive a copy of your personal data in a commonly used and structured, machine-readable format and have it transferred to another service provider or third party after paying us a fee which shall be communicated upon your request.
Our Grievance Officer is accessible between 10AM to 5PM on weekdays (except public holidays) and will address Your queries or grievances within one month from the date of receipt of such queries or grievances.
To the extent You are exercising any of Your rights under applicable law, we will respond as soon as possible, and in any event within 30 days or in accordance with the timeframe permitted under applicable law. You have the right to file a complaint with the Data Protection Authority once constituted, against the refusal to hear a complaint or dissatisfaction in the manner in which the complaint was resolved. We may seek certain information from You (such as Your name and registered contact number or email address) during the grievance redressal or feedback process in order to verify Your identity and establish secure modes of correspondence.
Kindly note that in such the event that you wish to withdraw your consent for us to collect, retain, use, or process your Collected Information, You may not be able to take full advantage of the entire scope of features and Services offered to You which rely on such Collected Information, and we reserve the right not to provide such Services that require the Collected Information to be supplied to us.