InfluxData Privacy Notice

At InfluxData Inc., including InfluxData Operations UK LTD and InfluxData Operations Canada Limited, (“InfluxData”, “we”, “us” or “our”), we care about your privacy. This Privacy Notice sets out how we may collect, use or disclose your information in connection with your use of our websites, mobile applications, or any of our products, services, webinars, trade shows or other events that reference this Privacy Notice (collectively “the Services”).:

Please note that this Privacy Notice does not apply in the following circumstances:

Third-party sites: The Services may include links or references to websites, services or materials that are not controlled by us (collectively “Third-Party Sites”). This Privacy Notice does not apply to Third-Party Sites, which are subject to their own privacy notices.

Existing Customers and Users: When we provide most of our products and services, we access or use your information on behalf of your organization who is our customer. In such cases, we will treat your information in accordance with the respective agreements between us and your organization, rather than as described in this Privacy Notice. Please reach out to your organization for more information or if you would like to exercise any of your data subject rights in connection with our use of your information in these instances.

InfluxData staff and employees, candidates: If you are an employee, candidate or other staff working for InfluxData, InfluxData’s employee or candidate privacy notices will take precedence over this Privacy Notice. Please contact [email protected] with any questions.

Specific notices:

We adhere to the principles of the EU-U.S. Data Protection Framework (DPF), the Swiss-U.S. DPF, and the UK extension to the EU-U.S. DPF. To learn more, click here.

California consumers can find specific disclosures, including “Notice at Collection” details, by clicking here.

1. INFORMATION WE COLLECT ABOUT YOU.

We will only collect your personal data (or “information”) about you in accordance with applicable law. The information we collect depends on the context of your interactions with us and the choices you make, including your own privacy settings and the specific Services you use.

In general, however, we collect the following categories of information about you:

• personal identifiers and contact details (such as real name, alias, postal address, unique personal identifier, online identifier internet protocol address, email address, account name, or other similar identifiers);
• commercial information (such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies, or financial information in connection with your purchases);
• internet or other electronic network activity information and other usage data (such as browsing history, search history, and information regarding a consumer’s interaction with an internet website, application, connected product or advertisement);
• Identifiers and device information (such as your Internet Protocol (IP) address and information about your device, including device identifiers (such as MAC address), device type and operating system, browser, and other software including type, version, language, settings, and configuration, cookie identifiers, mobile IDs, and other data). See our Cookie Notice for more information.
• geolocation information;
• audio/visual information;
• professional, educational or employment related information;
• any other information you communicate to us directly (including any content or communications you provide or upload to our Services); and
• inferences drawn from the foregoing.

2. SOURCES OF INFORMATION.

We collect your information directly from you, from third-parties or automatically through the use of cookies or automated technologies, in each case as detailed below. We may collect such information both online (for example, through your use of our websites and products) and offline (for example, at events) and we may combine information collected from disparate sources or create new information based on the information we have collected.

Information you provide directly. Most of the information we collect about you is provided directly by you to us.

For example, we receive and store the information you voluntarily enter on our Services or otherwise provide to us (e.g., when you register for an event with us or when you have a direct communication with us). Such information typically includes personal identifiers and contact details, commercial information, protected classification information and professional or educational information.

If you do not want to provide us with your information you may decide at any time not to visit our sites, install our apps, or provide information directly to us. However, if you choose not to provide us with certain information, we may not be able to provide certain Services to you.

Information we obtain from third-parties. Where permitted by law, we may also collect information about you from various third-parties, including your company, marketers, partners, data brokers, researchers, our customers or vendors, suppliers or from public online sources.

Such information typically includes personal identifiers and contact details, commercial information, identifiers and device information and professional or educational information.

Information we collect automatically. In some cases, we may also passively collect information about you and your use of our Services through the use of cookies, server logs, web beacons, navigational data collection (clickstream, log files, server logs, etc.) and related technologies.

Such information typically includes personal identifiers and contact details, internet or other electronic network activity information, identifiers and device information, and geolocation information.

See our Cookie Notice for more information, including information about your choices to control or opt-out of these technologies.

Information we create or generate. We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.

3. HOW WE USE YOUR INFORMATION.

In general, and in accordance with applicable laws and regulations, we use the information outlined above for the following purposes. We may also use your information as otherwise disclosed to you.

Product and service delivery. To provide and deliver our Services, including troubleshooting, improving, and personalizing those Services.

Business operations. To operate our business, such as billing, accounting, improving our internal operations, securing our systems, detecting fraudulent or inappropriate use of our Services or illegal activity, and meeting our legal obligations.

Product improvement, development, and research. To develop new services or features, and conduct research.

Personalization. To understand you and your preferences in order to enhance your experience and enjoyment using our Services.

Customer support. To provide customer support and respond to your questions.

Communications. To send you information, including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.

Marketing. Where permitted by applicable law (and with your prior consent where so required by applicable law) for marketing purposes and to provide you with promotional updates and communications about new services, offers, promotions, rewards, contests, upcoming events, and other information about our Services and those of our selected partners (see the “Choice and Control over your Personal Data” section of this statement for information about how to opt-out of marketing or change your preferences for promotional communications).

Advertising. To display advertising to you (see our Cookie Notice for more information about personalized advertising and your advertising choices).

From time to time, electronic communications we provide may contain codes that enable our database to understand whether the communication was opened and/or what links (if any) you have clicked. We may combine such information with other information we have about you and may use this information to improve your experience with our Services and/or provide customized communications to you.

4. WHEN WE SHARE YOUR INFORMATION WITH OTHERS.

We share your information with third-parties solely as permitted by law and only as described in this Privacy Notice or otherwise disclosed to you.

Any third-parties that we may share your information with are obliged to keep your information confidential, secure and protected in a manner no less protective of your information than this Privacy Notice.

We disclose each of the categories of information described above, to the types of third parties, and for the purposes, described below:

Affiliates and subsidiaries. We enable access to your information across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access helps us to provide our services and operate our business.

Vendors. We may disclose your information to our consultants, service providers, contractors or agents that we use to facilitate the Services and our business operations. These parties provide services directly to us such as payment services, fulfillment services, technical support, advertising support, public relations, media and marketing services, legal services, call-in centers, e-commerce and other web-related services such as web hosting and web monitoring services.

Third party analytics and advertising companies, acting on our behalf as our service providers, collect information through our website and apps including identifiers and device information (such as cookie IDs, device IDs, and IP address), geolocation data, usage data, and inferences based on and associated with that data. See our Cookie Notice for more information.

All such parties are under contractual obligations to safeguard your information and are not permitted to use your information for their own purposes.

Public disclosure. You may select options available through certain services of ours (for example, if you join the InfluxData Community Forums) to publicly display and disclose your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For more information see the “Public Forums” section of this privacy notice.

Legal and law enforcement. We may disclose your information if required to do so by law or if we have a good faith belief that such disclosure is necessary to comply with the law or to bring or defend against a legal action or to respond to governmental and/or law enforcement requests.

To other third-parties in connection with corporate transactions. We may disclose your information if we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider. Your information may be sold or transferred as part of such a transaction, as permitted by law and/or contract.

To other third-parties for the purpose of security, safety and protecting rights. We will disclose your information if we believe it is necessary to:

• protect our customers or others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
• operate and maintain the security of our Services, including to prevent or stop an attack on our computer systems or networks; or
• protect the rights or property of ourselves or others, including enforcing our agreements, terms, and policies.

Third-party sites and services. Again, note that some of our services also include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide your information to any of those third parties, or allow us to share your information with them, that data is governed by their privacy statements.

Finally, we may disclose de-identified information in accordance with applicable law.

5. INTERNATIONAL TRANSFER OF YOUR INFORMATION.

We may process your information in the United States or any other country in which we (or our service providers) have a presence or data processing facility. Similarly, we may transfer information from the country in which you are located to the United States or any other country in which we (or our service providers) have a presence or data processing facility.

We will comply with all applicable laws relating to the processing and transfer of your information. Where applicable law requires consent for such international processing or transfer, we will seek consent from you independent of this Privacy Notice. We take steps to process and protect your information as described in this statement wherever the data is located, however, some countries where we store data may have laws that offer a different level of data protection than the country in which you reside.

Location of Processing European Personal Data. We transfer personal data from the European Economic Area (EEA), United Kingdom (UK), and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal data protections, please visit: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en.

EU-U.S. / Swiss-U.S. Data Protection Framework. InfluxData complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce.  InfluxData has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  InfluxData has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this privacy statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Data Privacy Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Frameworks, should direct their query to [email protected]. If requested to remove data, we will respond within a reasonable timeframe. 

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to [email protected].  

In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

If third-party agents process personal data on our behalf in a manner inconsistent with the DPF Principles, we remain liable unless we prove we are not responsible for the event giving rise to any damages.

In compliance with the Data Privacy Framework Principles, InfluxData commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Data Privacy Frameworks. European Union, United Kingdom, and Swiss individuals with DPF inquiries or complaints should first contact InfluxData by email at [email protected].

For any complaints related to the DPF that cannot be resolved with us directly, you may refer the matter to the BBB NATIONAL PROGRAMS, an independent dispute resolution body. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

Finally, under limited circumstances and after other available dispute resolution mechanisms have been exhausted, binding arbitration is available to address certain residual complaints under the DPF not resolved by other means (for more detail, see https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf for details).

6. CHOICE AND CONTROL OVER YOUR PERSONAL DATA.

We provide a variety of ways for you to control the information we hold about you, including choices about how we use that data.

Marketing opt-outs. You can unsubscribe from marketing at any time by selecting the “unsubscribe” link at the end of the marketing and promotional update communications to you, or by submitting your request to [email protected]. If you receive a sales call from us, you can ask to be placed on our do-not-call list.

Please keep in mind that if you unsubscribe from our marketing communications, we may still contact you for other legitimate reasons (e.g. in relation to an order you placed, an inquiry you made, a membership you undertook, an event for which you registered, a legally required notice, etc.).

Access, portability, correction, deletion and other consumer rights. In some jurisdictions, you may have the right to request information about and access to or correction or erasure of your information. You may also have the right to object to certain types of processing or request that a copy of your information be provided to you in a readily useable format. In particular, see below for more information about your individual rights under California and European privacy laws.

To make a consumer rights request or to obtain more information about exercising your rights please contact us at: [email protected] or call us toll-free at 1-800-701-0356.

Please be advised that upon receipt of your request, we may ask you to provide additional information so that we can verify your identity and process your request. To the extent permitted by applicable law, we may also charge a fee or decline requests in certain cases. For example, we may decline requests where granting the request would be prohibited by law, could adversely affect the privacy or other rights of another person, would reveal a trade secret or other confidential information, or would interfere with a legal or business obligation that requires retention or use of the data. Further, we may decline a request where we are unable to authenticate you as the person to whom the data relates, the request is unreasonable or excessive, or where otherwise permitted by applicable law.

If you receive a response from us informing you that we have declined your request, in whole or in part, you may appeal that decision by submitting your appeal using the contact method described at the bottom of this privacy statement.

You may also designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized them to act on your behalf, and we may need you to verify your identity directly with us.

7. USERS IN THE EUROPEAN ECONOMIC AREA AND UNITED KINGDOM.

If you are located in the European Economic Area (EEA) or the United Kingdom, you may have certain rights with respect to your information, including the right to:

• to request access to your personal data;
• request correction of your personal data;
• request erasure of your personal data;
• object to, or obtain a restriction of, the processing of personal data under certain circumstances;
• withdraw consent for future processing where such processing is based on consent;
• request the transfer of your personal data to another party under certain circumstances; or
• (For residents of France) send us specific instructions regarding the use of your information after your death.

Additionally, you may have the right to file a complaint with your applicable supervisory authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.

Where we are acting as a data controller under EEA privacy laws, we process your personal data (i) where the processing is in our legitimate interests (which are not overridden by your data protection interests or fundamental rights and freedoms); (ii) where we need the information to perform a contract with you; or (iii) where we have collected your consent to do so. For the sake of clarity, where we are using your information based on the legal basis of consent, we will seek consent from you independent of this Privacy Notice. You can withdraw such consent at any time by contacting us at: [email protected].

We may also process your personal data in our role as a data processor when we provide certain Services on behalf of your organization. In such cases, your company is acting as the data controller, and we are processing your information on behalf of your organization. For more information, about how your information is processed and how to exercise your data subject rights in these instances, please reach out to your company.

8. CALIFORNIA RESIDENTS.

If you are a California consumer, you may have additional rights under the California Consumer Privacy Act (“CCPA”) regarding how we use and share your personal information, including:

Notice at Collection. At or before the time of collection, you have a right to receive notice of our practices, including the categories of personal information and sensitive personal information to be collected, the purposes for which such information is collected or used, whether such information is sold or shared, and how long such information is retained. You can find those details in this statement by clicking on the above links.

Right to Know. You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this privacy statement.

Rights to Request Correction or Deletion. You also have rights to request that we correct inaccurate personal information and delete personal information under certain circumstances and subject to a number of exceptions.

Right to Opt-Out / “Do Not Sell or Share My Personal Information.” You have a right to opt-out from future “sales” or “sharing” of personal information as those terms are defined by the CCPA. For the purposes of the CCPA, we do not sell or share your personal information and have not done so in the past 12 months.

Right to Limit Use and Disclosure of Sensitive Personal Information. You have a right to limit our use of sensitive personal information for any purposes other than to provide the services or goods you request or as otherwise permitted by law. Note that we do not use sensitive personal information for any such additional purposes.

Right not to be discriminated against. You have a right to not be discriminated against for exercising the rights set out in the CCPA.

9. SECURITY AND DATA RETENTION.

We follow generally accepted industry standards to protect your information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction, whether in transmission or storage.

We will retain your information in accordance with applicable law and, in general, for no longer than necessary for the purposes for which your information was processed by us. Because these purposes can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. Where there are technical limitations that prevent deletion or anonymization, we will safeguard and limit the use of information as required by applicable law.

10. PUBLIC FORUMS.

The Services may, from time to time, make public chat rooms, message boards, news groups and/or other public forums available to you. All information that is disclosed in these public forums becomes public information.

11. CHILDREN.

The Services are not intended for or directed to children, and we do not knowingly collect any information from children under 13 years of age through the Services. If we learn that we have collected information from children under 13, we will promptly take steps to delete such information.

12. CHANGES TO THIS PRIVACY NOTICE.

We recognize that privacy is an ongoing responsibility and we will update this Privacy Notice as we adopt new privacy practices or as otherwise required by applicable law. When we post changes to the statement, we will revise the “Last Updated” date at the top of the statement.

If we make any material changes to this Privacy Notice, we will notify you by email or by means of a notice on InfluxData.com. In addition, where so required by applicable law, we will provide additional notice or obtain consent for such material changes.

13. CONTACT US.

If you would like to make a consumer rights request or obtain more information about exercising your rights, or if you have questions, concerns or complaints for us, you may send us an email at: [email protected] or call us toll-free at 1-800-701-0356.

You may also contact us by mail at our primary place of business:

InfluxData Inc.
548 Market St
PMB 77953
San Francisco, California 94104
Attn: Privacy & Legal