Privacy Policy

Netdata, Inc. Privacy Policy

Updated Effective Date: July 20, 2020

1. Preamble

This Privacy Policy explains and describes the collection, use, processing, storage, and disclosure of personal information by Netdata, Inc (“Netdata”), a Delaware corporation with its principal place of business located at 548 Market St. #31942, San Francisco, CA 94104-5401.

This Privacy Policy is incorporated into and made part of the Netdata Terms of Use (“Terms”).

Our Privacy Policy applies to your use of all websites that Netdata operates. These include https://www.netdata.cloud/, and all other subdomains thereof, (collectively, the “Websites”).

Our Privacy Policy also applies to all products, information, and services provided through the Websites, including without limitation the Netdata Agent, the Netdata Registry, and the Netdata Cloud (referred hereafter as “Netdata Products” or “Products”).

By accessing or using any of the Netdata Products or the Websites, you are acknowledging, accepting and agreeing to the practices described in this Netdata Privacy Policy.

Please note that this Privacy Policy does not apply to any third-party websites, services, products, applications and the contents used within these third-party systems, even if these third-party websites are accessible through our Websites or Netdata Products. See Section 12 below for more information.

2. Our Principles

Netdata has designed this Privacy Policy to be consistent with our core company principles:

  • Privacy policies should be human readable and easy to find.
  • We believe that data collection, storage, and processing should be simplified as much as possible to enhance security, ensure consistency, and make our data processing and privacy practices easy for users to understand.
  • Data collection practices should always meet the reasonable expectations of users.
  • We always endeavor to collect the least amount of personal data and information possible.
  • We are complying with key data protection laws and privacy standards such as GDPR and CCPA.
  • We do not sell your personal data or information.
  • Any personal data or information we collect is protected using best practice security measures.

Our core “Opt-Out” practices are described here:

https://learn.netdata.cloud/docs/agent/anonymous-statistics#opt-out

3. What personal information do we collect?

We collect any personal information that you give us.

In this Privacy Policy, we use the terms “personal data” and “personal information” interchangeably. Under CCPA, “personal information” means information that can identify, relate to, describe, be associated with, or be reasonably capable of being associated with a particular consumer or household. In GDPR, “personal data” means any information relating to an identified or identifiable natural person.

For example, we collect personal information about you when you:

  • sign up or register for one of our products or services;
  • create an account;
  • utilize interactive features of our Website or Products;
  • fill out a Website form;
  • give us feedback, ideas or submissions about any of our Products;
  • communicate with us through third-party social media sites;
  • request technical support;
  • register for white papers, web seminars, and other events hosted by us, or
  • otherwise communicate with us by way of our Websites, Netdata Products, or any other means.

4. How do we collect and use your personal information?

Netdata collects and uses personal information in the following ways:

Website and Analytics: When you visit our Websites or use our Products, Netdata collects some information about your activities through certain website analytics tools. The type of information that we collect includes general information such as the country or city where you are located, the pages visited, time spent on pages, heat-map of visitors’ activity on the Website, and information about the browser you are using. Netdata collects and uses this information to pursue to our legitimate interest of enhancing the security and utility of our Website and Products.

Information from Cookies: We and our service providers may collect information using cookies or similar technologies for any of the legitimate data collection purposes described in this Privacy Policy. Cookies are pieces of information that are stored by your browser on the hard drive or memory of your computer or other Internet access devices. Cookies may enable us to personalize your experience on the Website, maintain a persistent session, passively collect demographic information about your computer, and monitor advertisements and other activities. The Websites may use different kinds of cookies and other types of local storage (such as browser-based or plugin-based local storage). For further information about how cookies work, please visit allaboutcookies.org.

We ask you when you use and access the Website or the Netdata Cloud Product to accept our Cookie policy. You may be asked to accept our Cookie policy on both our Website and the Cloud Product. Most often once we identify your use of either the Website or Netdata Cloud Product, your acceptance of the Cookie policy will apply to your use of both of these two Netdata systems. When you accept our Cookie policy, you are also consenting to Netdata’s collection of relevant information and data about your computer or device which may be considered “personal information”. You can set your browser not to accept cookies, and the allaboutcookies.org website tells you how to remove cookies from your browser. However, in a few cases, the Netdata Products may not work as a result. In addition, Websites’ features may not function efficiently or correctly.

Netdata Registry: The Netdata Registry collects anonymous statistics about user visits to the Netdata user interface, counting both individual machines and the number of users associated with each machine. If providing us this type of information is against your policies, you can run your own registry.

Netdata Cloud: When you sign up for a user account via the ‘Sign in’ link on the Netdata Agent user interface, Netdata is granted access to personal information in the user profile of the authentication provider you choose (e.g. GitHub or Google). Netdata collects and uses this personal information pursuant to its legitimate interest in setting up and maintaining your account, and providing you with the features we provide all other registered users of the Netdata Cloud Product. We may use your email address to contact you regarding changes to this Privacy Policy or to our Terms of Use. The profile login name or email address may be used to connect and associate you with any Content you submit to our Websites, or to your use of our Websites or products.

By using the Netdata Cloud Products, you are agreeing to allow Netdata to send you communications about our Products, but you will have the ability to opt-out of receiving marketing emails. See: https://app.netdata.cloud/sign-in?cloudRoute=/spaces.

Anonymous Usage Statistics: On certain versions of Netdata Products every time our daemon (which is a computer program that runs as a background process, rather than being under the direct control of an interactive user) is started or stopped and every time a fatal condition is encountered, Netdata collects system information and sends this information to our Website analytics tools by way of an HTTP call. The types information collected for all of these events is:

  • Netdata version
  • OS name, version, id, id_like
  • Kernel name, version, architecture
  • Virtualization technology; and
  • Containerization technology

Furthermore, we collect information about any fatal events detected by the Agent, including Netdata process and thread information, along with the relevant file, function and line entry describing the fatal error.

The statistics calculated from this information we collect are used for:

  • Quality assurance, to help us better understand if Netdata Products are behaving as expected and help us identify repeating issues for certain distributions or environments.
  • Usage statistics, to help us focus on the parts of Netdata Products that are used most often, or help us identify the extent to which our development decisions influence our user community.

To opt-out from this automated anonymous statistics feature, you can create a file called .opt-out-from-anonymous-statistics under the user configuration directory (usually /etc/netdata).

You can learn more about this opt-out function by reviewing the information on our Website here: https://learn.netdata.cloud/docs/agent/anonymous-statistics#opt-out

Emails and Newsletters: When you sign up to receive Product updates from Netdata, sign up for the Netdata Cloud Product, or otherwise voluntarily subscribe to one of our mailing lists, you will be asked to provide some very limited personal information. Netdata collects and uses this personal information for the sole purpose of providing you relevant Product news and updates. All bulk email communications from Netdata include links to unsubscribe from our mailing lists. If you opt out and continue to use Netdata Products, we may still send you non-promotional communications, including those relating to your current Netdata accounts or your use of the Netdata Products.

Email Analytics: When you receive communications from Netdata after signing up for and consenting to receiving the Netdata newsletter, campaign updates, or other ongoing email communications from Netdata, we may use analytics to track whether you open the mail, click on the links, and otherwise interact with the materials we send you. You may opt out of this tracking by indicating that you no longer wish to receive newsletter, campaign updates, or other ongoing email communications from Netdata and using this link: https://u8647778.ct.sendgrid.net/asm/unsubscribe/. Netdata collects and uses this personal information pursuant to its legitimate interest to understand the interests of its users, supporters and volunteer community in order to provide more relevant news and updates.

Opting-out of Netdata marketing communications does not mean we will discontinue sending you Netdata Product related emails, which include information about updates, new releases, support and other relevant information for Netdata Product users.

Other Voluntarily Provided Information: When you provide feedback to Netdata or otherwise submit personal information to Netdata, Netdata collects and uses this personal information pursuant to its legitimate interest to better understand our user community and in furtherance of the particular program or activity to which you provided your feedback or other input.

Third Party Sources. We may obtain personal information about you from other sources, and combine that with information we collect through your access and use of our Websites and Products. For example, if you create or log into your account through a site like Google.com or GitHub.com, we may have access to certain information about you from those sites, such as your name, log-in credentials, account information and other information in accordance with the authorization procedures and privacy policies determined by those third-party websites. We may add this information to the information we have already collected from you by way of our Website in order to improve the products and services we provide you and our user community. Through GitHub (https://github.com/netdata) in particular, we collect information provided by the GitHub API about people who have starred, follow or comment on our open source products.

5. How do we store your personal information?

We collect, process and store personal information (including user email addresses provided when you access the Netdata Cloud Product or when you provide us personal information on our Website) in secure systems hosted by reputable third parties that provide cloud services to Netdata, subject to specific written data processing obligations that are consistent with applicable regulations and law. These data processing obligations expressly prevent these third parties from using personal information we lawfully collect, process and store except to provide Netdata services we have requested, and for no other purpose.

Netdata stores this personal information in secure third-party cloud environments pursuant to its legitimate interest in being able to identify you when we provide you access to our Products and Website, and to enhance the security of the personal information we collect.

6. Access to Your Personal Information

You are generally entitled to access personal information that Netdata holds and to have inaccurate data corrected or removed to the extent Netdata still maintains it. In certain circumstances, you also may have the right to object for legitimate reasons to the processing or transfer of personal information. If you wish to exercise any of these rights, please write to privacy@netdata.cloud explaining your request.

See Sections 14 and 15 below entitled “CCPA Practices” and “GDPR Practices” respectively for additional information about exercising your rights to control your personal information and data.

7. Disclosure of Your Personal Information

Netdata does not disclose personal information to third parties except as such disclosure is reasonably necessary to (a) provide you the full functionality of Netdata Products; (b) secure personal information we collect; (c) take action regarding suspected illegal activities; (d) enforce or apply our Terms and this Privacy Policy; (e) enforce our Acceptable Use Policy, including our Code of Conduct, or (f) comply with legal process, such as a search warrant, subpoena, statute, or court order (including Compelled Disclosure, see below).

Compelled Disclosures: We may disclose your personal information to government or law enforcement officials or to private parties as we, in our sole discretion, believe necessary or appropriate to:

  • respond to claims and/or legal process (including subpoenas);
  • to protect the property and/or rights of Netdata or any third party;
  • to protect the safety of the public or any person;
  • to prevent or stop any illegal, unethical, or legally actionable activity;
  • to comply with applicable law or regulation; or
  • in response to any lawful request by public authorities, including, without limitation, to meet national security or law enforcement requirements.

Finally, we may share personal information with your consent or at your direction, including if we notify you through any of our Website or Products that the information you provide will be shared in a particular manner, and you choose to provide such information.

8. How we secure your personal information.

Netdata has implemented reasonable physical, technical, and organizational security measures to protect and safeguard personal information that Netdata processes against accidental or unlawful destruction, or accidental loss, alteration, unauthorized disclosure or access, in compliance with applicable law. However, no product or service can fully eliminate security risks. If any data breach occurs, we will post a reasonably prominent notice to the Websites and comply with all other applicable data privacy requirements including, when required, personal notice to you if you have provided and we have maintained an email address for you.

Our Security Practices: Netdata maintains information security policies, procedures, and controls governing the processing, storage, transmission, and security of personal information processed by our Website and Netdata Products. Netdata has also implemented and will maintain appropriate technical security measures, internal controls, and information security routines designed to protect personal information processed by our Website and Netdata Products against unauthorized access, acquisition, use, disclosure, or destruction. Netdata has further implemented and will maintain appropriate physical security measures designed to protect the tangible items that comprise physical computer systems and networks that store and process personal data through our Website and Netdata Products, including servers and devices. Netdata has additionally implemented and will maintain appropriate organizational security measures designed to protect personal data processed by our Website and Netdata Products against unauthorized access, acquisition, use, disclosure, or destruction.

Netdata informs its employees about relevant security procedures and their respective roles, including an annual mandatory security awareness training that addresses such employees’ rights to access personal information (if any), and informing such employees of their obligations and the consequences of violating such obligations.

9. Children

Our Websites and Netdata Products are not designed for use by or directed at children under the age of 13. Consistent with the U.S. Children’s Online Privacy Protection Act of 1998 (“COPPA”), we will never knowingly request personal information from anyone under the age of 13 without requiring parental consent. Our Terms specifically prohibit anyone using the Netdata Products or Websites from submitting any personally identifiable information about persons under 13 years of age.

Any person who provides their personal information to Netdata through the Netdata Products and Services represents that they are 13 years of age or older.

If you are under 13, please do not attempt to use the Netdata Products or Websites or send any personal information about yourself to us. If we learn that we have collected personal information from a child under age 13, we will delete that information as quickly as possible.

10. Third Party Service Providers

Netdata uses a number of third party service providers in connection with our Website and Products, including website cloud hosting services, database management, and others. Some of these service providers may place session cookies on your computer, and they may collect and store your personal information on our behalf in accordance with the data practices and purposes explained in this Privacy Policy.

11. Third Party Sites

Our Websites or our Products may provide links to a wide variety of third party websites. You should consult and review the respective privacy policies of these third-party websites. This Privacy Policy does not apply to, and we cannot control the activities of, such other websites. This Privacy Policy does not apply to the privacy practices of any companies we don’t own or control, any persons we don’t manage, or any third-party website, software, or service that we don’t control (including, with respect to our extensions and integrations, the underlying third-party software).

If you choose to visit another website by clicking on a hyperlink or otherwise, you will be directed to that third party’s website. The fact that we link to a website is not an endorsement, authorization or representation of our affiliation with that third party. We do not exercise control over third-party websites. These other websites may place their cookies or other files on your computer, collect your data, or solicit personal information from you. This Privacy Policy only addresses the use and disclosure of information that we collect from you through our Websites and Products. Other websites may follow different rules regarding the use or disclosure of the information you submit to them. We encourage you to read the privacy policies or statements of other websites you visit, before providing your information to them.

12. Transferring Data to Other Countries

If you are accessing or using the Websites or our Products in regions with laws governing data collection, processing, transfer and use, please note that when we use and share your data as specified in this Privacy Policy, we may transfer your personal information to recipients in countries other than the country in which the personal information was originally collected. Those countries may not have the same data protection laws as the country in which you initially provided the information.

Personal data transferred from the EEA (including the European Union) to the United States or outside the European Union to locations that are not deemed to have maintained adequate levels of data protection, will be made on the grounds of a data processing agreement based on the EU Standard Contractual Clauses which are approved of by the European Commission, consistent with applicable data privacy requirements.

13. Changes to this Privacy Policy

We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this Privacy Policy, adding a statement to our homepage, by sending you an email, and/or by some other means. Please note that if you’ve opted not to receive legal notice emails from us (or you haven’t provided us with your email address), those legal notices will still govern your use of our Website and Products, and you are still responsible for reading and understanding them. If you use our Website and Products after any changes to the Privacy Policy have been posted, that means you agree to all of the changes. We encourage you to review this Privacy Policy periodically to stay informed about our practices.

Under CCPA, we are obligated to review and update our Privacy Policy annually, and we intend to comply with that requirement.

14. CCPA Practices

These additional disclosures for California residents (e.g. “consumers”) apply only to individuals who reside in California. The California Consumer Privacy Act of 2018 (“CCPA”) provides additional rights to know, delete and opt out, and requires business collecting or disclosing Personal Information to provide notice of rights California residents have and can exercise.

California Notice of Collection. We have collected Personal Information corresponding to the following categories of information enumerated in the CCPA.

  • Identifiers, including name, address, email address, account name, IP address – and an ID number assigned to Your account.
  • Analytics and Advertising, including engagements with our Website and Products.
  • Internet activity, including history of visiting and interacting with our Website and Products, browser type, browser language and other information collected automatically.
  • Geolocation data, including location enabled services such as WiFi and GPS.

For more information on what we collect, please review Section 3 above. We collect and use these categories of Personal Information for the business purposes described in Section 4 above.

We do not sell information as the term “sell” is traditionally understood. However, to the extent “sale” under the CCPA is interpreted to include advertising technology activities such as those disclosed in Section 4 entitled “How do we collect and use your personal information?”, we will comply with applicable law as to such activities.

Netdata discloses the following categories of personal information for commercial purposes to its service providers and partners:

  • Commercial Information;
  • User Records;
  • Demographic Data;
  • Location Data;
  • Identifiers;
  • Inferences; and
  • Internet activity.

We use and partner with different types of entities to assist with our daily operations and manage the Netdata Products and Website. Please review Sections 4, 10 and 11 for more detail about the parties with whom we share information.

Right to Know and Delete. If You are a California resident, you have the right to know certain information about our data practices in the preceding 12 months. In particular, you have the right to request the following from us:

  • The categories of Personal Information we have collected about you;
  • The categories of sources from which the Personal Information was collected;
  • The categories of Personal Information about you that we disclosed for a business purpose or sold;
  • The categories of third parties to whom the Personal Information was disclosed for a business person or sold;
  • The business or commercial purpose for collecting or selling the Personal Information; and
  • The specific pieces of Personal Information we have collected about you.

In addition, you have the right to delete the Personal Information we have collected from You. However, this is not an absolute right and we may have legal grounds for keeping such data.

To exercise any of these rights, please submit a request to privacy@netdata.cloud.

In the request, please specify which right you are seeking to exercise and the scope of the request. We will confirm receipt of your request within 10 days. We may require specific information from you to help us verify your identity and process your request. If we are unable to verify your identity, we may deny your requests to know or delete.

Authorized Agent. You can designate an authorized agent to submit requests on Your behalf. However, we will require written proof of the agent’s permission to do so and verify your identity directly.

Right to Non-Discrimination. You have the right to non-discriminatory treatment by Netdata, should you exercise any of Your rights.

15. GDPR Practices

Data Sub-processor. If You are a Netdata Website or Cloud Product user, Netdata and Third Party Service Providers act as your data sub-processors. Netdata primarily processes and stores your personal data, on servers located and operated within the United States. If You reside or are located outside of the U.S., we may send to and store your personal data in the United States in order to provide and operate the Netdata Cloud platform. If Your personal data that is being processed by Netdata is subject to the EU General Data Protection Regulation (“GDPR”), we shall maintain an adequate level of protection of the personal data transferred outside the EEA, either by us and/or Third Party Service Providers, in accordance with applicable laws, in particular by way executed Standard Contractual Clauses approved by the European Commission.

If You wish to exercise any of your privacy rights under GDPR, or if You need further information regarding those privacy rights, please contact us at privacy@netdata.cloud.

Data Controller. In limited circumstances, where Netdata processes your personal information as a data controller, you are entitled to exercise certain privacy rights under specific circumstances. These rights include:

  • Right of access
  • Right to rectification
  • Right to erasure (Right to be forgotten)
  • Right of restriction of processing
  • Right to data portability
  • Right to object
  • Automated individual decision-making, including profiling

16. Notices

All notices under this Privacy Policy shall be sent to the following Netdata contacts:

legal@netdata.cloud

privacy@netdata.cloud

Netdata, Inc., 548 Market St. #31942, San Francisco, CA 94104-5401