Please note that California residents can receive additional specific information in accordance with the California Consumer Privacy Act of 2018 (the “CCPA”), in our California Privacy Notice, found at the end of this policy.
Information We Collect
When you interact with us through the Services, we may collect the following types of information from you, as further described below:
When you interact with Dremio through the Services, we receive and store certain un-identified and non-identifiable information pertaining to a User (“Non-Personal Information”). Dremio may store such information itself or such information may be included in databases owned and maintained by Dremio affiliates, agents or service providers. The Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Site, and the domain names of our visitors’ Internet service providers.
When you use the Application, we automatically record information about how you use the Application (“Usage Data”). Usage Data includes information like browser type, operating system, the pages or features of the Application accessed or used by you and the time spent on those pages or features, actions taken when using the Application, and other statistical information. If we associate Non-personal Information with Personal Information (as defined below), we will treat such information as Personal Information.
“Personal Information” is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual.
Personal Data that we collect through the Site:
- Data submitted when interacting with the Site: if you request a demo, fill in the “contact us” form or sign up for a webinar or a conference, we may collect your full name, email address and phone number and all other information, which you may voluntarily provide as part of your interaction with the Site or in later communications with us.
- Device information: we may also collect Personal Information from your device, such as IP address and other online identifiers.
Personal Data of job applicants
- If you apply for a position with Dremio, we may collect additional information as part of the recruitment process, such as right to work documentation, references and other information included in your CV or cover letter or as part of the application process, such as past employment records, job titles, training records, professional certifications
- We may also collect, store, use and process “special categories” of more sensitive Personal Data, such as information regarding your health or information on criminal convictions and offences. Such information is only processed and used in accordance with applicable laws and will be solely used to assess your candidacy or to satisfy any legal requirement we are subject to.
- We may also collect information from third parties, including former employers, credit reference agencies or other background check agencies or publicly available resources (such as social networks).
Personal Data that we collect through the Application:
- When you sign up to use the Application, we will collect your full name and email address.
- When you use the Application, we may also collect your IP address.
Integrating Social Networking Services:
You may also have the option of posting your Services activities to Social Networking Services when you access content through the Services (for example, you may post to Facebook that you performed an activity on the Service); you acknowledge that if you choose to use this feature, your friends, followers and subscribers on any Social Networking Services you have enabled will be able to view such activity.
Legal Basis for Processing
Processing of your Personal Information is necessary for the performance of our contractual obligations towards you and providing you with our services, to protect our legitimate interests and to comply with our legal obligations. In specific cases, we may also process your information based on your consent.
Our Use of Your Personal Data and Other Information
Our Disclosure of Your Personal Data and Other Information
Dremio is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:
Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.
Agents, Consultants and Related Third Parties: Dremio, like many businesses, sometimes hires others to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another entity to perform a function of this nature, we only provide them with the information that they need to perform their specific function and in accordance with applicable data sharing agreements.
In some cases, we may offer you the option to share your information with our business partners (such as conference sponsors), in order to help you keep in touch and receive offers which may be of interest to you. We will only share such information with third parties for this purpose based on your consent.
Legal Requirements: Dremio may disclose your Personal Data if required to do so by law, or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Dremio, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.
In any case, we will conclude that disclosure of Personal Information is necessary; we will only disclose that portion of the Personal Information that is required in order to satisfy the basis for disclosure. We will share the Personal Information under appropriate safeguards.
For EU Residents: Certain third parties may be located in jurisdictions outside of the EEA. If we share your personal information with such third parties, we will ensure that the transfer is done only to such countries as approved by the European Commission as providing adequate level of data protection, or otherwise ensure that the transfer is done in accordance with an approved legal mechanism under the applicable privacy legislation (including without limitation the GDPR).
User Rights (For EU Users)
You may request to
- Receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with certain supplementary information.
- Receive Personal Data you directly volunteer to us in a structured, commonly used and machine-readable format.
- Request rectification of your Personal Data that is in our control.
- Request erasure of your Personal Data.
- Object to the processing of Personal Data by us.
- Request to restrict processing of your Personal Data by us.
- Lodge a complaint with a supervisory authority.
However, please note that these rights are not absolute and may be subjected to our own legitimate interests and regulatory requirements. If you ever decide to exercise any of the above rights, you may do so by contacting us at: firstname.lastname@example.org
We will retain your Personal Data for as long as necessary to provide our Services. We will retain and use your data as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods shall be determined taking into account the type of information collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.
Links to Other Web Sites
Dremio takes reasonable steps to protect the Personal Data provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any Personal Data to Dremio via the Internet.
Access to Information; Contacting Dremio
To keep your Personal Data accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted via the Services.
You may also contact us as follows:
Physical address – 3970 Freedom Circle, #110, Santa Clara CA 95054, USA
Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Dremio has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:
- by using EDPO’s online request form: https://edpo.com/gdpr-data-request/
- by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium
Pursuant to the UK GDPR, Dremio has appointed EDPO UK Ltd. as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:
- by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
- by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom
Privacy Notice For California Residents
This notice addresses the specific disclosure requirements under the California Consumer Privacy Act of 2018 (Cal. Civ. §§ 1798.100–1798.199) and the California Consumer Privacy Act Regulations by the Attorney General (collectively, “CCPA”).
What Categories of Data do we Process
In the 12 preceding months, we have collected and disclosed the following categories of Personal Information:
|Category of Personal Information Collected||Personal Information Collected||Categories of service providers to whom Personal Information was disclosed|
|A. Identifiers||Full name, email address, device identifiers, including certain software and hardware information (e.g. IP address, internet service provider, domain server, type of computer, browser type and language and operating system).||Cloud services
|B. Personal Information Categories listed in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e))||Address, telephone number, financial information (e.g. credit card number).||Cloud services
|C. Commercial Information||Feedback of users.||Cloud services
|D. Internet or Other Electronic Network Activity Information||Information regarding the user’s interaction with the website.||Cloud services
|E. Geolocation Data||Geolocation data based on device identifiers.||Cloud services
|F. Professional or Employment-related Information||Current or past job history.||Cloud services
We do not sell (as this term is defined under the CCPA) any Personal Information.
We may share or transfer Personal Information to third parties as assets that are part of a merger, acquisition, bankruptcy or other transaction in which the third party assumes control of all or part of the Company. Such transfer will be handled according to the requirement of the CCPA and shall not be regarded as a sale of Personal Information under the CCPA.
Sources of Personal Information
In the 12 preceding months, we have collected the above-mentioned categories of Personal Information from the following categories of sources:
- Consumers directly, through the Services;
- Operating systems.
User Rights under the CCPA
Access to Personal Information
You may request, up to two times each year, that we disclose to you the categories and specific pieces of Personal Information that we have collected about you, the categories of sources from which your Personal Information is collected, the business or commercial purpose for collecting your Personal Information, the categories of Personal Information that we disclosed for a business purpose, any categories of Personal Information about you that we sold, the categories of third-parties with whom we have shared your Personal Information, and the business or commercial purpose for selling your Personal Information, if applicable.
You have the right to request that we delete any Personal Information collected from you and retained, unless an exception applies.
Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers, subcontractors, and consultants to delete) your Personal Information, unless an exception applies.
Exercising Your Rights
You can exercise your rights (such as access and deletion) by submitting a verifiable consumer request to our email address: email@example.com or by the Contact Us page at https://www.dremio.com/contact/. You can also send us a mail to our physical address specified in the Contacting Dremio section.
Only you or a person authorized to act on your behalf may make a consumer request related to your Personal Information.
The request must:
- Provide sufficient information to allow us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
- Describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it.
- We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
You may only request a copy of your data twice within a 12-month period.
If you have any general questions about the Personal Information that we collect about you how we use it, please contact us at firstname.lastname@example.org.
Response Timing and Format
Our goal is to respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period in writing within the first 45 days period. We will deliver our written response, by mail or electronically, at your option. Any disclosures we provide will cover only the 12-month period preceding the request. If reasonably possible, we will provide your Personal Information in a format that is readily useable and should allow you to transmit the information without hindrance.
We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
In case of rejection, the response we provide will explain the reasons for which we cannot comply with your request.
Please note that these CCPA rights are not absolute and requests are subject to any applicable legal requirements, including legal and ethical reporting or document retention obligations.
You can designate an authorized agent to make a request under the CCPA on your behalf if:
- The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and
- You sign a written declaration that you authorize the authorized agent to act on your behalf.
If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please mail a certified copy of your written declaration authorizing the authorized agent to act on your behalf using the contact information below.
If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.
We will not discriminate against you if you exercise any of your privacy rights as a California Consumer. Unless permitted by the CCPA, we will not:
- Deny you goods or services.
- Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Provide you a different level or quality of goods or services.
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.