Last Updated: March 14, 2019

The General Data Protection Regulation (GDPR) is a European Union regulation which protects the rights of data subjects in the European Economic Area (EEA), with respect to the processing of their “personal data,” as such term is defined in the GDPR.

Table of contents:

Compliance

The Osano web site is purpose-built not to collect personal data of individuals. Here are some of the actions we’ve taken to ensure our compliance with GDPR:

  • We limit the personal data we collect to IP address, period
  • We have established a legal basis for the processing of that data
  • We only retain personal data for a period of 30 days, after which, the data is deleted

What Personal Data is Collected, How is it Collected and Who is It Shared With

Please see the Privacy Policy, which describes the categories of information we process, the purpose for which we process personal data and who it is shared with.

How Long is Personal Data Retained

The only personal data collected by the Osano web site is IP address. The IP address is stored in our log-files for a period of thirty (30) days. After 30 days, it is deleted from our system.

If you contact us directly using the contact information provided on this website, we will retain your contact information as long as necessary in order to respond to your inquiry. We may retain copies of these communications for a period of up to twelve months. After that, the communications will be deleted from our system, unless we are required by law to retain it longer.

Children’s Privacy

The Osano web site was not developed or intended for individuals that are deemed to be children under applicable data protection or privacy laws, nor do we knowingly collect information from children. The personal data collected when using the Osano web site is limited solely to IP address.

If you are a user of the Osano web site located in the EEA, we rely on legitimate interest as the legal basis for processing the limited personal data (i.e., limited to IP address) we collect via the web site.

Profiling & Direct Marketing

We do not use any personal data for any (i) automated processing, including profiling, or (ii) direct marketing.

International Data Transfers

If you are located within the EEA when you visit the Osano web site, we may transfer personal data (i.e., limited to IP address) about you outside of the EEA. When we do, we will ensure that an adequate level of protection is provided for the information by using industry standard encryption at rest and in transit. Visit our Security Statement to learn more about the technical and operational measures we implement.

Subprocessors

In connection with the operation of our web site, Osano may engage third parties (each a “Subprocessor”) to process your personal data. As a condition of permitting a Subprocessor to process your personal data, Osano will enter into a written agreement with each Subprocessor containing data protection obligations at least as protective as the technical and organizational measures Osano has put into place to protect your personal data from accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access.

Name Subprocessing Activity Country of Origin
Amazon Web Services, Inc. Cloud Service Provider United States

Access, Rectification, Suppression, and Erasure

Because the personal data we collect through the Osano web site is limited to IP address, we are not able to personally identify you or retrieve any information about you for purposes rectification or suppression, or erasure of such information. We will not request or seek to process any additional personal data from you.

How to Contact Us

If you have any questions about this GDPR Statement, you may contact us at this email address: help@osano.com, or you can send correspondence to the following address:

Osano, Inc., A Public Benefit Corporation
3800 North Lamar Blvd
Suite 200
Austin, TX 78756

If contacting us does not provide you with an adequate resolution and your inquiry is related to information collected about you in the European Union/European Economic Area, please contact the applicable EU Data Protection Authority.

Changes to this GDPR Statement

Please visit this page periodically to stay aware of any changes to this GDPR Statement, which we may update from time to time. If we modify this GDPR Statement, we will make the revised overview available at the URL of this page and indicate the date of the latest revision.