PRIVACY POLICY

  1. INTRODUCTION.

SOS Online Backup (as defined below and also referred to herein as “we,” “us”, “our”) is committed to protecting your privacy.  This Privacy Policy describes our privacy practices and procedures relating to the Backup Data and Service Data we collect and process in connection with our website, the data backup, archiving, and failover services and products we provide, and our related business practices (collectively referred to as the “Service Offerings”).

“Backup Data” refers to the data processed, stored, and/or hosted by our customers using SOS Online Backup Service Offerings for data backup, archiving, and/or failover purposes. “Service Data” refers to the personal information we collect or generate during the provision and administration of the Service Offerings, excluding any Backup Data.  

“Service Data” also includes the personal information we collect in connection with (i) our website, (ii) offline collection methods such as events offered by Infrascale, Inc. (referred to herein as ”SOS Online Backup”), surveys, questionnaires, and the like, (iii) third-party sources, including business partners, ad networks, vendors, and other third-party sources, and (iv) your communications with us, including without limitation as a website visitor, customer, vendor, or prospective employment candidate. This Privacy Policy summarizes the types of information we collect, how we process it, the circumstances in which we will disclose it, how we safeguard it, gaining access to it, updating or correcting it, and resolving disputes relating to our privacy practices concerning it.

  1. INFORMATION SOS ONLINE BACKUP COLLECTS OR PROCESSES.

SOS Online Backup provides its customers with data backup, archiving, and failover solutions that include hardware, software and cloud-hosted functionality. Our solutions help customers maintain business continuity while actively managing the efficiency of data storage. Our Service Offerings are software-as-a-service solutions tied to SOS Online Backup-hosted cloud facilities.  Some are sold as software-only and work on private or public cloud resources. SOS Online Backup collects and/or processes two categories of information:
    1. Backup Data. SOS Online Backup processes Backup Data provided by or on behalf of our customers when using the Service Offerings for the purpose of delivering data backup, archiving, and/or failover services and functionality to our customers. If a customer is using SOS Online Backup’s cloud, we also store and host this Backup Data.
    2. Service Data. SOS Online Backup collects Service Data through our interactions with you and through the SOS Online Backup Service Offerings. You provide some of this Service Data directly and we obtain some from other sources, including by collecting data about your interactions, use, and experiences with the Service Offerings.  Service Data includes:
      • Your communications with us. SOS Online Backup maintains records of your communications and interactions with us, including your contact information. Your interactions may include account and product-related communications, web forms you submit to us, online chats with our support representatives, and inquiries or submissions regarding employment opportunities with us. We also collect and maintain information for processing payments for the Service Offerings and we keep reasonable business records related to billing and payments.
      • Technical and Operational Details. We automatically collect and store certain types of information about your use of and interaction with the Service Offerings and your opening of emails or clicking on links in emails from us. Like many websites, we use "cookies" and other unique identifiers, and we obtain certain types of information when your web browser or device accesses the Service Offerings. Examples of the type of information we automatically collect include Internet protocol (IP) address, device and computer/browser information, the location of your device or computer, and identifiers and information contained in cookies. See Section 3 for more information on cookies.
      • Information from Other Sources. We might receive information about you from other sources, including service providers, partners, third-party databases, and publicly available sources. Examples of information we receive from other sources include marketing, sales demand generation, and recruitment information, including your name, email address, mailing address, phone number, and other contact information; credit history information from credit bureaus; and subscription, support, or other information regarding your use of and interactions with the Service Offerings.

  1. COOKIES.

Our website uses cookies and other standard web technology (collectively, “Cookies”) to recognize your browser or device, learn more about your interests, enable the Service Offerings to work, recognize you when you sign in to use the Service Offerings, conduct research and diagnostics to improve our offerings, prevent fraudulent activity and improve security, and keep track of your preferences (such as your language and configuration preferences). 

 A “Cookie” is a small data file that we store on your computer. We may use session Cookies (which expire once you close your browser) or persistent Cookies (which remain on your computer for an extended period of time). We set a persistent Cookie on your computer if you choose “remember me”, so you don’t have to log in to the website each time you visit. In addition, the Service Offerings may cause or allow Cookies from third party sites or applications to be saved on your browser or device. Our Privacy Policy does not cover these third party Cookies because we do not have any control over them. Finally, we may partner with third parties to manage our advertising on other sites or to analyze the use of the Service Offerings. More specifically, we may use Google, Microsoft, Facebook, or other providers to place advertisements on different sites across the Internet or to provide analytical data on how you and other users are using the Service Offerings. Such third parties may use technologies such as Cookies to gather such information on the other sites you visit in order to provide you advertising based upon your browsing activities and interests as well as to inform us about how, how often, and to what extent the Service Offerings are being used. Our Privacy Policy does not address these third party Cookies designed for advertising and analytics. Most web browsers accept Cookies by default but allow users to reject Cookies by changing the browser preferences. If you have set up your browser to reject all Cookies, the Service Offerings will not work properly. 

 Our emails to you use email beacons or tracking pixels. Email beacons and tracking pixels are small electronic images that tell us if an email has been opened and acted upon.

  1. SOS ONLINE BACKUP’S ROLE AS A DATA PROCESSOR.

If a customer uploads Backup Data containing Personally Identifiable Information (as defined below) to the Service Offerings, it is the customer that is the data controller with respect to such Personally Identifiable Information. That is, the customer has the direct contact with the individuals whose Personally Identifiable Information was uploaded to the applicable Service Offering.  Customers, as opposed to SOS Online Backup, collect the Personally Identifiable Information from their customers, personnel, or other data subjects. For purposes of this policy, “Personally Identifiable Information” means information that can be used to distinguish or trace an individual's identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual.

We may process any Personally Identifiable Information contained within the Backup Data, among other Backup Data, when customers use the Service Offerings for data backup, archiving, and/or failover purposes. When providing the Service Offerings, SOS Online Backup processes Backup Data strictly in accordance with the actions or instructions of the applicable customer or as required by law.

As a data processor, with certain exceptions, SOS Online Backup may have an obligation under its agreement with the customer not to disclose or otherwise transfer Backup Data to a third party except to provide the Service Offerings or pursuant to the customer’s instructions to us to disclose or transfer such information. Except as set forth herein, SOS Online Backup processes Backup Data solely for the purpose of providing Service Offerings to customers.  SOS Online Backup may use third party data processors to assist it in providing the Service Offerings to its customers.

  1. USE OF BACKUP DATA AND SERVICE DATA.

We use your Backup Data and Service Data for lawful purposes to operate, provide, develop, and/or improve the Service Offerings while also respecting your privacy.

Backup Data. We process Backup Data provided by or on behalf of our customers for the purpose of providing data backup, archiving, and/or failover services and functionality to our customers.  Our systems process Backup Data to perform these functions based on the actions and instructions of our customers.  If a customer is using SOS Online Backup’s cloud, we also store and host the Backup Data.

Service Data. We use your Service Data to operate, provide, develop, and improve SOS Online Backup Service Offerings.  Our purposes for using Service Data include:

    1. Communicate with You. We use your Service Data to communicate with you regarding SOS Online Backup Service Offerings, including via email, online chat, and phone, to provide assistance to you, and in the case of employment candidates, to communicate regarding possible employment opportunities with us.
    2. Provide SOS Online Backup Service Offerings. We use your Service Data to provide and deliver SOS Online Backup Service Offerings and process transactions in connection with Service Offerings, including subscriptions, purchases, and payments.
    3. Maintain and Improve SOS Online Backup Service Offerings. We use your Service Data to analyze the performance of, correct errors in, provide support for, develop, and improve SOS Online Backup Service Offerings.
    4. Personalization. We use your Service Data to personalize your experience with our website and Service Offerings and to identify your preferences.
    5. Comply with Legal Obligations or Satisfy Requirements. In certain circumstances, we may be legally required to collect, use, disclose, or retain your Service Data when we’re responding to legal process or an enforceable governmental request, or to meet our regulatory, legal, insurance, or financial record-keeping obligations.
    6. Marketing. We use your Service Data to market and promote SOS Online Backup Service Offerings, provide you with ongoing news, publications, and information, better tailor our marketing activities, and implement and maintain loyalty programs.
    7. Fraud and Abuse Prevention. We use your Service Data to detect, prevent, and respond to fraud, abuse, and technical issues and to protect the security of SOS Online Backup, our users, and others.
    8. With Your Consent or as Required or Permitted by Law. We may ask for your consent to use your Service Data for other purposes not covered in this Privacy Policy. We may also use your Service Data as required or permitted by law.

  1. HOW SOS ONLINE BACKUP SHARES BACKUP DATA AND SERVICE DATA.

We do not sell or rent Backup Data or Service Data to anyone. Nonetheless, we may sell, transfer, or otherwise share some or all of the assets comprising our business in connection with a merger, acquisition, reorganization, or sale of assets of our business, or in the event of bankruptcy.  These assets may include Backup Data or Service Data as described in this Privacy Policy.

Service Data may be disclosed to (i) our employees, agents, representatives, advisors, affiliates, and independent contractors, in connection with their performance of services for or on behalf of our customers or website visitors, and (ii) service providers who perform functions on our behalf or provide services to us in connection with our business operations, sales and marketing, information technology, or professional services.  The individuals and entities described in (i) and (ii) above have access to Service Data needed to perform their functions and are not permitted to use it for other purposes.

We may disclose Backup Data or Service Data when required by a subpoena, court order, search warrant, other legal process, legally binding requests by law enforcement agencies, or applicable law. Moreover, we may disclose Service Data to the extent necessary to maintain the security of our websites or Service Offerings; resolve disputes; enforce or apply our Terms of Use and other agreements; protect the rights, property or safety of SOS Online Backup, our users, or others, or investigate possible misconduct. Other than as described above, you will receive notice when Service Data about you might be shared with third parties and you will have an opportunity to choose whether to share the information.

  1. THIRD PARTY HOSTING OF BACKUP DATA AND SERVICE DATA.

We use certain third party service providers to host and maintain Backup Data that we may receive from you. For example, we may use Amazon Web Services, Google Cloud Platform, and other cloud platform providers to host the SOS Online Backup cloud solutions and to collect and maintain Backup Data processed by the Service Offerings.  In addition, we upload certain account-related Service Data to third party service providers to maintain and analyze information about our relationships with our customers and others, undertake SOS Online Backup marketing campaigns, facilitate sales-related activities, and provide customer and technical support.

We enter into agreements with third parties hosting Backup Data and Service Data. These agreements bind such third parties to confidentiality restrictions requiring them to use Backup Data and Service Data only for purposes of delivering their services to us, not to disclose Backup Data without authorization, and to adhere to the kinds of privacy practices summarized in this Privacy Policy.

  1. THIRD PARTY WEBSITES AND SERVICES.

This Privacy Policy does not address, and we are not responsible for, the policies and practices of third parties or other organizations that are not operating on our behalf, including policies and practices related to privacy and security, data collection, processing, use, storage, and disclosure. This includes any third party operating any site or service to which the Service Offerings link. SOS Online Backup’s provision of a link to a third party website or service does not imply endorsement of the linked site or service by us.

  1. HOW SOS ONLINE BACKUP SAFEGUARDS BACKUP DATA AND SERVICE DATA.

We work hard to protect you and SOS Online Backup from unauthorized access, alteration, disclosure, or destruction of information we hold, which includes the following practices:
    1. We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and use of Backup Data and Service Data.
    2. We restrict access to Backup Data to our authorized employees, independent contractors, and service providers who perform functions on our behalf or provide services to us in connection with our business operations, information technology, or professional services. The individuals to whom access is granted are required to keep that information confidential and not use it for any other purpose.
    3. We restrict access to Service Data to our authorized employees, agents, representatives, advisors, affiliates, independent contractors, and service providers who perform functions on our behalf or provide services to us in connection with our business operations, sales and marketing, information technology, or professional services. The individuals to whom access is granted are required to keep that information confidential and not use it for any other purpose.
    4. We use third party providers for credit card transactions who follow the Payment Card Industry Data Security Standard (PCI DSS) when handling credit card data.
    5. Our security procedures mean that we may ask to verify your identity before we disclose Service Data to you.
However, no security procedures or protocols are ever guaranteed to be 100% secure so we encourage you to take care when disclosing Service Data online and to use readily available tools, such as Internet firewalls, anti-virus and anti-spyware software, and similar technologies to protect yourself online.

  1. YOUR CHOICES REGARDING SERVICE DATA.

We offer you choices regarding the collection, use, and sharing of your Service Data. Depending on your data choices, certain Service Offerings may be limited or unavailable.
    1. You can opt-out of receiving informational emails (such as newsletters or special offers) by clicking the opt-out or unsubscribe link on any of the communications we send you. As long as you use the Service Offerings or remain a customer, you may receive transactional emails (e.g., notices of material changes to this Privacy Policy).
    2. You can manage your browser’s Cookies using the tools your browser provides, and you can opt-out of third-party vendor’s use of cookies (including advertising networks like Google and Bing) by visiting the Network Advertising Initiative opt-out page.
    3. You may add, update, or delete the information you submitted when registering for or using the Service Offerings by contacting our support team using the contact information on the SOS Online Backup Support page. When you update or delete any information, we may keep a copy of the prior version for our records.
    4. To the extent required by applicable law, you may have the right to request access to or deletion of your Service Data. Please see Section 11 of this Privacy Policy for more information.

  1. YOUR RIGHT TO ACCESS BACKUP DATA AND SERVICE DATA AND TO MAKE CHANGES.

Backup Data. SOS Online Backup Service Offerings provide functionality that allows customers to access and update the Backup Data uploaded by or on behalf of such customers.  Using the Service Offerings, customers can view, update, append, correct, and delete Backup Data hosted using SOS Online Backup’s cloud or their own public or private cloud solutions.  Customers requiring assistance accessing and changing such Backup Data via the Service Offerings can contact our support team using the contact information on the SOS Online Backup Support page.

Service Data. To the extent required by applicable law, you may have the right to (i) know what Service Data about you is included in our databases and to ensure that such Service Data is accurate and relevant for the purposes for which we collected it, and/or (ii) delete your Service Data.  If you wish to do either of these things, you may submit a request by emailing privacy@sosonlinebackup.com. Please note that we may be required (by law or otherwise) to keep certain Service Data and not delete it or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements.

Requests for Backup Data or Service Data. We will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arises: (i) we receive a legally binding request for disclosure of Backup Data or Service Data by a law enforcement authority unless prohibited by law or regulation, or (ii) we receive a request from you. If we receive a request for access to your Backup Data or Service Data from a third party other than a law enforcement authority, then, unless otherwise required under law or by contract with such third party (and in compliance with this policy), we will not provide any Backup Data or Service Data but will refer you to the third party.

Satisfying Requests for Access, Modifications, and Corrections. Subject to applicable law, we will endeavor to respond in a timely manner to all reasonable written requests to view, modify, or delete Service Data.

  1. RETENTION.

We keep your Backup Data and Service Data to enable your continued use of Service Offerings for as long as it is required in order to fulfill the relevant purposes described in this Privacy Policy, or as may be required by law (including for tax and accounting purposes) or as otherwise communicated to you. Except as expressly provided in this policy, your Backup Data is deleted in accordance with the agreement(s) that govern your use of the Service Offerings and Service Data is deleted or anonymized once it is no longer needed. Our retention of Service Data varies depending on the type of information it is and the purpose for its use. Sometimes we need to retain certain information for an extended period of time for legitimate business or legal purposes. For example, when we process your payment, we’ll retain data about the transaction as required for tax or accounting purposes. Other legitimate business or legal purposes that may require us to retain data include security, fraud and abuse prevention, ensuring continuity of the Service Offerings, and complying with legal or regulatory requirements.

  1. REGARDING CHILDREN.

The Service Offerings are not directed to individuals under 13 and we do not knowingly collect Service Data from children under 13.

If you become aware that a child has provided us with Service Data, please contact us at privacy@sosonlinebackup.com.

If we become aware that a child under 13 has provided us with Service Data, we will take steps to delete such information immediately.

  1. DO NOT TRACK COMPLIANCE.

Our website does not respond to Do Not Track (“DNT”) signals.

We do not track the users of our website across third party websites to provide targeted advertising directly to those websites.

  1. CONTACT INFORMATION AND RESOLVING DISPUTES.

If you would like to discuss this Privacy Policy or provide us with feedback, questions, or concerns regarding our privacy practices, please contact us at privacy@sosonlinebackup.com. You may also contact us by writing to:

SOS Online Backup
12110 Sunset Hills Road, Suite 600
Reston, VA 20190
United States of America
Attn:  Privacy

If you have a complaint about our privacy practices, you may submit a complaint to us at the above contact information. Our privacy team will look into your complaint and provide a response.  You will need to provide sufficient information for us to evaluate your complaint and we may ask you to provide additional information as a condition of evaluating your complaint.

If you would like to file a formal request related to erasure or deletion of your Service Data, you may do so by emailing privacy@sosonlinebackup.com.

If you do not believe that your complaint or dispute has been resolved and you are a European or Swiss individual, you may contact the International Centre for Dispute Resolution (ICDR) of the American Arbitration Association (ICDR-AAA) at: http://go.adr.org/privacyshield.  As set forth above, SOS Online Backup has designated ICDR-AAA as its independent recourse mechanism for its participation in the EU-US and Swiss-US Privacy Shield Programs.  ICDR-AAA will provide independent dispute resolution services to resolve complaints or disputes about our privacy practices.  Procedures for contacting ICDR-AAA and filing a claim are linked to the website listed above.

  1. EU-US AND SWISS-US PRIVACY SHIELD CERTIFICATION.

While the EU-US and Swiss-US Privacy Shield Frameworks may no longer be used or relied upon for transfer of personal information, SOS Online Backup continues to comply with all EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework obligations. Doing so demonstrates our firm commitment to protect personal information in accordance with a set of privacy principles that offer meaningful privacy protections and recourse for EU individuals. We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability.

The Privacy Shield applies to all personal data that is subject to this Privacy Policy and received from the European Union, the United Kingdom, and Switzerland. We adhere to the Privacy Shield Principles in respect of such personal data. If there is any conflict between the policies in this Privacy Policy and the Privacy Shield Principles with respect to such personal data, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program and to view our registration, please visit https://www.privacyshield.gov/

Our accountability for personal data received from the European Union, the United Kingdom, or Switzerland and subsequently transferred to a third party is consistent with the Privacy Shield Principles. In particular, we remain responsible if third-party agents that we engage to process the personal data on our behalf do so in a manner inconsistent with the Principles, unless we prove that we are not responsible for the event giving rise to the damage.

We encourage European individuals (including Swiss individuals) to contact us should you have a Privacy Shield-related (or general privacy-related) complaint at privacy@sosonlinebackup.com. We have committed to refer unresolved privacy complaints under the EU-US Privacy Shield Principles or the Swiss-US Privacy Shield Principles to the International Centre for Dispute Resolution (ICDR) of the American Arbitration Association (ICDR-AAA). If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit http://go.adr.org/privacyshieldfor more information and to file a complaint. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. We are subject to the investigatory and enforcement powers of the US Federal Trade Commission (FTC).

Finally, we commit to cooperate with EU data protection authorities (DPAs), the UK authorities, and the Swiss Federal Data Protection and Information Commissioner (FDPIC) and to comply with the advice given by such authorities with regard to human resources data transferred from the EU, the UK, and Switzerland in the context of the employment relationship.

  1. UPDATES TO THE PRIVACY POLICY.

We may update this Privacy Policy from time to time so it accurately reflects our practices, the Service Offerings, and applicable legal requirements. The “Revision Date” section at the end of this policy states when this Privacy Policy was last amended and we update this date each time a revision is posted. Any changes to this Privacy Policy will become effective when the updated Privacy Policy is posted. You should check our website regularly to stay informed of our privacy practices. When we change this policy in a material way, a notice will be posted on our website along with the updated Privacy Policy. We will also attempt to contact you via your contact information on file, for example by email, your account dashboard, or some other equivalent method.

  1. NOTICE TO NEVADA RESIDENTS.

Under Nevada SB 220, Nevada residents have the right to opt-out of the sale of their Covered Information (as such term is defined under Nevada law).  As noted above, we do not sell your information.  However, if you are a Nevada resident, you may submit a request to opt-out of future sales by us by emailing privacy@sosonlinebackup.com.  We will maintain your request in the unlikely event our practices change in the future.  Should your email address change, please submit a new request to privacy@sosonlinebackup.com with your new email address.  We reserve the right to take reasonable steps to verify your identity and the authenticity of any request.

  1. NOTICE TO CANADIAN RESIDENTS.

Subject to applicable law, you have the right to: If you wish to take any of the above actions, you may submit a request by emailing privacy@sosonlinebackup.com.

  1. NOTICE TO AUSTRALIAN RESIDENTS.

The Privacy Act 1988 (Cth) (Privacy Act), which includes the Australian Privacy Principles (APPs), regulates how individuals’ personal information is collected, held, used, and disclosed. The Act provides individuals the right to know why their personal information is being collected, how it will be used, and to whom it will be disclosed, and to ask for access to, or correction of, this information. SOS Online Backup customers are responsible for ensuring that they comply with their obligations under the Privacy Act (including the APPs). If you wish to take any of the above actions, you may submit a request by emailing privacy@sosonlinebackup.com.

 

Revision Date Last revised January 24, 2022.
© SOS Online Backup.
All Rights Reserved.