Dremio Jekyll

Privacy Policy

This Privacy Policy was last updated on February 25, 2021.


Our Policy

This Privacy Policy sets out Dremio Corporation’s (“Dremio,” “we,” “us” or “our”) privacy practices with regards to its website(s) (the “Site”) and its software application (the “Application” and collectively with the Site - the “Services”). This Site is operated by Dremio and has been created to provide information about our company and our data analytics services, and related services to our visitors and users (“you”, “your”).

Please note that California residents can receive additional specific information in accordance with the California Consumer Privacy Act of 2018 (the “CCPA”), in our California Privacy Notice, found at the end of this policy.


Information We Collect

When you interact with us through the Services, we may collect the following types of information from you, as further described below:

Non-Personal Information

When you interact with Dremio through the Services, we receive and store certain un-identified and non-identifiable information pertaining to a User (“Non-Personal Information”). Dremio may store such information itself or such information may be included in databases owned and maintained by Dremio affiliates, agents or service providers. The Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Site, and the domain names of our visitors’ Internet service providers.

When you use the Application, we automatically record information about how you use the Application (“Usage Data”). Usage Data includes information like browser type, operating system, the pages or features of the Application accessed or used by you and the time spent on those pages or features, actions taken when using the Application, and other statistical information. If we associate Non-personal Information with Personal Information (as defined below), we will treat such information as Personal Information.

Personal Information

Personal Information” is individually identifiable information, namely information that identifies an individual or may with reasonable effort identify an individual.

Personal Data that we collect through the Site:

  • Data submitted when interacting with the Site: if you request a demo, fill in the “contact us” form or sign up for a webinar or a conference, we may collect your full name, email address and phone number and all other information, which you may voluntarily provide as part of your interaction with the Site or in later communications with us.
  • Device information: we may also collect Personal Information from your device, such as IP address and other online identifiers.

Personal Data of job applicants

  • If you apply for a position with Dremio, we may collect additional information as part of the recruitment process, such as right to work documentation, references and other information included in your CV or cover letter or as part of the application process, such as past employment records, job titles, training records, professional certifications
  • We may also collect, store, use and process “special categories” of more sensitive Personal Data, such as information regarding your health or information on criminal convictions and offences. Such information is only processed and used in accordance with applicable laws and will be solely used to assess your candidacy or to satisfy any legal requirement we are subject to.
  • We may also collect information from third parties, including former employers, credit reference agencies or other background check agencies or publicly available resources (such as social networks).

Personal Data that we collect through the Application:

  • When you sign up to use the Application, we will collect your full name and email address.
  • When you use the Application, we may also collect your IP address.

Integrating Social Networking Services:

One of the special features of the Service is that it allows you to enable or log in to the Services via various social networking services like Gmail, Facebook or Twitter(“Social Networking Service(s)”). By directly integrating these services, we make your online experiences richer and more personalized. To take advantage of this feature, we will ask you to log into or grant us permission via the relevant Social Networking Service. When you add a Social Networking Services account to the Service or log into the Service using your Social Networking Services account, we will collect relevant information necessary to enable the Service to access that Social Networking Service and your data contained within that Social Networking Service. As part of such integration, the Social Networking Service will provide us with access to certain information that you have provided to the Social Networking Service, and we will use, store and disclose such information in accordance with this Privacy Policy. However, please remember that the manner in which Social Networking Services use, store and disclose your information is governed by the policies of such third parties, and Dremio shall have no liability or responsibility for the privacy practices or other actions of any Social Networking Services that may be enabled within the Service.

You may also have the option of posting your Services activities to Social Networking Services when you access content through the Services (for example, you may post to Facebook that you performed an activity on the Service); you acknowledge that if you choose to use this feature, your friends, followers and subscribers on any Social Networking Services you have enabled will be able to view such activity.


Legal Basis for Processing

Processing of your Personal Information is necessary for the performance of our contractual obligations towards you and providing you with our services, to protect our legitimate interests and to comply with our legal obligations. In specific cases, we may also process your information based on your consent.


Our Use of Your Personal Data and Other Information

Dremio uses the Personal Data you provide in a manner that is consistent with this Privacy Policy. If you provide Personal Data for a certain reason, we may use the Personal Data only in connection with the reason for which it was provided. For instance, if you contact us by email, we will use the Personal Data you provide to answer your question or resolve your problem. Also, if you provide Personal Data in order to obtain access to the Services, we will use your Personal Data to provide you with access to such services and to monitor your use of such services. Job applicants’ information will be used to make a decision regarding recruitment. Dremio and its subsidiaries and affiliates (the “Related Companies”) may also use your Personal Data and other personally non-identifiable information collected through the Services to help us improve the content and functionality of the Services, to better understand our users and to improve the Services. Dremio and its affiliates may use this information to contact you in the future to offer you guidance regarding the Services or tell you about services we believe will be of interest to you. If we do so, each marketing communication we send you will contain instructions permitting you to “opt-out” of receiving future marketing communications. In addition, if at any time, you wish not to receive any future marketing communications or you wish to have your name deleted from our mailing lists, please contact us as indicated below. The Application may also offer an option to opt out of receiving additional messages.


Our Disclosure of Your Personal Data and Other Information

Dremio is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your Personal Data with certain third parties without further notice to you, as set forth below:

Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.

Related Companies: We may also share your Personal Data with our Related Companies for purposes consistent with this Privacy Policy.

Agents, Consultants and Related Third Parties: Dremio, like many businesses, sometimes hires others to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another entity to perform a function of this nature, we only provide them with the information that they need to perform their specific function and in accordance with applicable data sharing agreements.

In some cases, we may offer you the option to share your information with our business partners (such as conference sponsors), in order to help you keep in touch and receive offers which may be of interest to you. We will only share such information with third parties for this purpose based on your consent.

Legal Requirements: Dremio may disclose your Personal Data if required to do so by law, or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Dremio, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.

In any case, we will conclude that disclosure of Personal Information is necessary; we will only disclose that portion of the Personal Information that is required in order to satisfy the basis for disclosure. We will share the Personal Information under appropriate safeguards.

For EU Residents: Certain third parties may be located in jurisdictions outside of the EEA. If we share your personal information with such third parties, we will ensure that the transfer is done only to such countries as approved by the European Commission as providing adequate level of data protection, or otherwise ensure that the transfer is done in accordance with an approved legal mechanism under the applicable privacy legislation (including without limitation the GDPR).


Children's Information

Dremio does not knowingly collect Personal Data from children under the age of 13. If you are under the age of 13, please do not submit any Personal Data through the Services. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce our Privacy Policy by instructing their children never to provide Personal Data on the Services without their permission. If you have reason to believe that a child under the age of 13 has provided Personal Data to Dremio through the Services, please contact us, and we will endeavor to delete that information from our databases.


User Rights (For EU Users)

You may request to

  • Receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with certain supplementary information.
  • Receive Personal Data you directly volunteer to us in a structured, commonly used and machine-readable format.
  • Request rectification of your Personal Data that is in our control.
  • Request erasure of your Personal Data.
  • Object to the processing of Personal Data by us.
  • Request to restrict processing of your Personal Data by us.
  • Lodge a complaint with a supervisory authority.

However, please note that these rights are not absolute and may be subjected to our own legitimate interests and regulatory requirements. If you ever decide to exercise any of the above rights, you may do so by contacting us at: compliance@dremio.com


Retention Period

We will retain your Personal Data for as long as necessary to provide our Services. We will retain and use your data as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods shall be determined taking into account the type of information collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.


Links to Other Web Sites

This Privacy Policy applies only to the Services. The Services may contain links to other web sites not operated or controlled by Dremio (the “Third Party Sites”). The policies and procedures we described here do not apply to the Third Party Sites. The links from the Services do not imply that Dremio endorses or has reviewed the Third Party Sites. We suggest contacting those sites directly for information on their privacy policies.


Security

Dremio takes reasonable steps to protect the Personal Data provided via the Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Services may not be secure. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any Personal Data to Dremio via the Internet.


Changes to Dremio’s Privacy Policy

The Services and our business may change from time to time. As a result, at times it may be necessary for Dremio to make changes to this Privacy Policy. Dremio reserves the right to update or modify this Privacy Policy at any time and from time to time without prior notice. Please review this policy periodically, and especially before you provide any Personal Data. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services after any changes or revisions to this Privacy Policy shall indicate your agreement with the terms of such revised Privacy Policy.


Access to Information; Contacting Dremio

To keep your Personal Data accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update or correct Personal Data in our possession that you have previously submitted via the Services.

Please also feel free to contact us via compliance@dremio.com if you have any questions about Dremio’s Privacy Policy or the information practices of the Services.

You may also contact us as follows:

Physical address – 3970 Freedom Circle, #110, Santa Clara CA 95054, USA

Pursuant to Article 27 of the General Data Protection Regulation (GDPR), Dremio has appointed European Data Protection Office (EDPO) as its GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR:

- by using EDPO’s online request form: https://edpo.com/gdpr-data-request/

- by writing to EDPO at Avenue Huart Hamoir 71, 1030 Brussels, Belgium

Pursuant to the UK GDPR, Dremio has appointed EDPO UK Ltd. as its UK GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR:

- by using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/

- by writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY, United Kingdom


Privacy Notice For California Residents

This notice addresses the specific disclosure requirements under the California Consumer Privacy Act of 2018 (Cal. Civ. §§ 1798.100–1798.199) and the California Consumer Privacy Act Regulations by the Attorney General (collectively, “CCPA”).

If you have a disability, you may access this Privacy Policy in an alternative format by contacting contact@dremio.com

What Categories of Data do we Process

In the 12 preceding months, we have collected and disclosed the following categories of Personal Information:

Category of Personal Information Collected Personal Information Collected Categories of service providers to whom Personal Information was disclosed
A. Identifiers Full name, email address, device identifiers, including certain software and hardware information (e.g. IP address, internet service provider, domain server, type of computer, browser type and language and operating system). Cloud services
Website analysis
Affiliated companies
B. Personal Information Categories listed in the California Customer Records Statute (Cal. Civ. Code § 1798.80(e)) Address, telephone number, financial information (e.g. credit card number). Cloud services
Affiliated companies
C. Commercial Information Feedback of users. Cloud services
Affiliated companies
D. Internet or Other Electronic Network Activity Information Information regarding the user’s interaction with the website. Cloud services
Website analysis
Affiliated companies
E. Geolocation Data Geolocation data based on device identifiers. Cloud services
Affiliated companies
F. Professional or Employment-related Information Current or past job history. Cloud services
Affiliated companies

We do not sell (as this term is defined under the CCPA) any Personal Information.

We may share or transfer Personal Information to third parties as assets that are part of a merger, acquisition, bankruptcy or other transaction in which the third party assumes control of all or part of the Company. Such transfer will be handled according to the requirement of the CCPA and shall not be regarded as a sale of Personal Information under the CCPA.

Sources of Personal Information

In the 12 preceding months, we have collected the above-mentioned categories of Personal Information from the following categories of sources:

  • Consumers directly, through the Services;
  • Operating systems.

User Rights under the CCPA

Access to Personal Information

You may request, up to two times each year, that we disclose to you the categories and specific pieces of Personal Information that we have collected about you, the categories of sources from which your Personal Information is collected, the business or commercial purpose for collecting your Personal Information, the categories of Personal Information that we disclosed for a business purpose, any categories of Personal Information about you that we sold, the categories of third-parties with whom we have shared your Personal Information, and the business or commercial purpose for selling your Personal Information, if applicable.

Deletion Requests

You have the right to request that we delete any Personal Information collected from you and retained, unless an exception applies.

Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers, subcontractors, and consultants to delete) your Personal Information, unless an exception applies.

Exercising Your Rights

You can exercise your rights (such as access and deletion) by submitting a verifiable consumer request to our email address: contact@dremio.com or by the Contact Us page at https://www.dremio.com/contact/. You can also send us a mail to our physical address specified in the Contacting Dremio section.

Only you or a person authorized to act on your behalf may make a consumer request related to your Personal Information.

The request must:

  • Provide sufficient information to allow us to reasonably verify you are the person about whom we collected Personal Information or an authorized representative.
  • Describe your request with sufficient details to allow us to properly understand, evaluate, and respond to it.
  • We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

You may only request a copy of your data twice within a 12-month period.

If you have any general questions about the Personal Information that we collect about you how we use it, please contact us at contact@dremio.com.

Response Timing and Format

Our goal is to respond to a verifiable consumer request within 45 days of its receipt. If we require more time, we will inform you of the reason and extension period in writing within the first 45 days period. We will deliver our written response, by mail or electronically, at your option. Any disclosures we provide will cover only the 12-month period preceding the request. If reasonably possible, we will provide your Personal Information in a format that is readily useable and should allow you to transmit the information without hindrance.

We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

In case of rejection, the response we provide will explain the reasons for which we cannot comply with your request.

Please note that these CCPA rights are not absolute and requests are subject to any applicable legal requirements, including legal and ethical reporting or document retention obligations.

Designating Agents

You can designate an authorized agent to make a request under the CCPA on your behalf if:

  • The authorized agent is a natural person or a business entity registered with the Secretary of State of California; and
  • You sign a written declaration that you authorize the authorized agent to act on your behalf.

If you use an authorized agent to submit a request to exercise your right to know or your right to request deletion, please mail a certified copy of your written declaration authorizing the authorized agent to act on your behalf using the contact information below.

If you provide an authorized agent with power of attorney pursuant to Probate Code sections 4000 to 4465, it may not be necessary to perform these steps and we will respond to any request from such authorized agent in accordance with the CCPA.

Non-Discrimination

We will not discriminate against you if you exercise any of your privacy rights as a California Consumer. Unless permitted by the CCPA, we will not:

  • Deny you goods or services.
  • Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
  • Provide you a different level or quality of goods or services.
  • Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.