LEGAL
Read this first
This Privacy Policy sets out how NodeRelate collects, discloses, and uses personal information about you and how you can exercise your privacy rights. This Privacy Policy applies to personal information that we collect when you visit our website at NodeRelate.com (“Site”), use our products and services (“Service”), or otherwise interact with us (e.g., by attending an event or communicating with us). If you do not agree with this policy, please do not access or use our Site or Service or interact with any other aspect of our business.
This Privacy Policy does not apply to data submitted to the Service (“Customer Data”). A separate agreement (“Customer Agreement”) governs delivery, access, and use of the Service, including the processing of Customer Data. With respect to any personal information included in Customer Data, the organization (e.g., your employer or another entity or person) that entered into the Customer Agreement (“Customer”) controls its instance of the Service and any associated Customer Data. If you have any questions about a Customer’s instance of the Service and any associated Customer Data, please contact the Customer.
We recommend that you read this Privacy Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Policy, then you can click on the relevant link below to jump to that section.
This policy was last updated on 2023-06-12
What does NodeRelate do?
NodeRelate offers a data governance platform designed to increase data quality and statutory and regulatory compliance for data-driven organizations.
For more information about NodeRelate, please see our Site at https://www.noderelate.com
What personal information does NodeRelate collect?
The personal information that we may collect about you broadly falls into the following categories:
a) Information that you provide. We collect information about you when you input it into our Site or the Service or otherwise provide it directly to us.
b) Sign in via other platforms. You log in via your account with another platform (currently Azure). We will not collect the password that you use for the relevant platform, but we may collect details from your account with the platform, such as username and email address.
c) Requests and inquiries. You may choose to provide us with information when you contact us about our Service or otherwise interact with us. For example, you may choose to submit information regarding a problem you are experiencing with our Service and send us screenshots to help in resolving the problem. You may submit your contact information to register for our events, to subscribe to receive marketing communications from us, or to make an inquiry through our Site. You may also provide content to us when you participate in a survey, contest, promotion, sweepstake, activity, or event, including via social media and other content platforms.
d) Information that we collect from your device and usage. We may collect certain information about your device and how you and your device interact with us and our Site or Service. In some countries, including countries in the European Economic Area and the United Kingdom (together, ”Europe”), this information may be considered personal data under applicable data protection laws. Specifically, the information we collect may include information such as your IP address, device type, unique device identification numbers, browser-type, operating system, software installed on your device, product keys, general location information (such as inferred from an IP address), and referring URL. We also may collect information about how you and your device have interacted with our Site or Service or with us via email, including the pages you accessed, features you used, Service you purchased, links you clicked, and when you accessed and for how long. Some of this information is collected using cookies and similar tracking technology, as explained further under the heading “Cookies and similar tracking technology” below.
e) Information that we obtain from third-party sources. From time to time, we receive personal information about you from third-party sources (including social media and other content platforms, public databases, and from our business and channel partners and service providers). The types of information we collect from third parties include name, email addresses, job titles, and social media profiles. We may combine this information with information we collect through other means described above. This helps us to maintain and improve the accuracy of our records, identify new customers, deliver personalized communications, and suggest services that may be of interest to you.
What does NodeRelate use my personal information for?
We use your information for business and commercial purposes, such as to:
a) Provide, maintain, and improve the Site and Service, including system administration, system security, and adding new features or capabilities;
b) Manage your account and send you related information, including confirmations, updates, technical notices, security alerts, and support and administrative messages;
c) Respond to your comments, questions, and requests, and provide customer care and support services;
d) Communicate with you about the Service, products, offers, surveys, events, content, and other news and information we think may be of interest to you;
e) Monitor and analyse trends, usage, and activities in connection with the Site and Service and our communications to you;
f) Detect, investigate, and prevent fraudulent transactions and other illegal activities, protect the rights and property of NodeRelate and others, and comply with legal requirements;
g) Personalize and improve the Site and Service and provide advertisements, content, and features that match your profile and interests, and remember information about your preferences for the Site and Service;
h) Administer surveys, contests, promotions, sweepstakes, and other activities; and
i) Carry out any other purpose for which the information was collected.
Legal basis for processing personal information
If you are based in Europe, we collect and process information about you only where we have a legal basis for doing so under applicable European laws. This means we collect and process your information only where:
a) We need it to provide the Site or Service, including to register you as a new user, operate the Site or Service, provide technical support, and to protect the safety and security of the Site or Service;
b) It satisfies our legitimate interests, such as to market and promote the Service and to protect our legal rights and interests, which are not overridden by your own interests, rights, and freedoms;
c) It is necessary to comply with a legal obligation or in connection with a legal claim, such as to respond to judicial orders or subpoenas; or
d) You provide consent for a specific purpose, such as for marketing communications (where consent is required under applicable marketing laws).
The legal bases depend on the type of information and the purpose for our processing. In some contexts, more than one legal basis applies. When we process your information based on your consent, you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on such consent before it is withdrawn. To exercise your rights, see “Your data protection rights” below. Where we are using your information because we or a third party (e.g., your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Service.
Who does NodeRelate disCloSe my personal information to?
We disclose your personal information to the following categories of recipients:
a) Affiliate companies who help operate and improve our Site and Service (including to support the delivery of, provide functionality on, or help to enhance the security of our Site and Service), offer other NodeRelate affiliated services to you, or who otherwise process personal information for the purposes described in this policy. The protections of this policy apply to the information we disclose in these circumstances.
b) Third-party services providers who provide hosting, storage, support, payment processing, billing, communication, analysis, and other services to us, which may require them to access or use information about you. If a service provider needs to access or use information about you to perform services on our behalf, they do so under appropriate security and confidentiality procedures designed to protect your information.
c) Third-party go-to-market partners who provide referral, sale, resale, or similar go-to-market services. We may disclose your information, like your name, email address, and job title, in connection with their services. We may also disclose information to these third parties where you have agreed to that disclosure.
d) Third-party advertising and analytics partners to serve advertisements on our behalf across the Internet and to provide analytics services. These entities may use Cookies in the same way we do, to among other things, track and analyze data, deliver advertising and content targeted to your interests, and better understand your online activity.
e) Third-party platforms when you, your administrator or other Service users choose to install or enable third-party apps, add-ons or other platforms for use with the Service. Doing so may give the providers of those platforms access to your account and information about you, like your name and email address, and any content you choose to connect with those platforms. Please note that when you use third-party platforms, your use will be governed by their own terms and privacy policies.
f) Any competent law enforcement body, regulatory, government agency, court or other third party where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person.
g) An actual or potential buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger, or acquisition of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this policy.
h) Any other person with your consent to the disclosure.
Cookies and Similar Technology
We use cookies and similar tracking technology (collectively, “Cookies”) to collect and use personal information about you, including to understand and save your preferences, and to compile aggregate data about Site and Service interaction.
We may also allow certain third parties (e.g., ad networks and ad servers such as Google Ads) to serve tailored marketing to you and to access their own cookies or other tracking technologies on your computer, mobile phone, or other device you use to access the Site or Service. Cookies may be associated with de-identified data linked to or derived from data you voluntarily have submitted to us (e.g., your email address) that we may share with a service provider in hashed, non-human-readable form.
You may refuse to accept Cookies by activating the setting on your browser that allows you to refuse the setting of Cookies and choosing not to opt into Cookies via the banner displayed upon your first visit to our Site. You can find information on popular browsers and how to adjust your Cookie preferences at the browser provider’s websites. You can choose to disable Cookies, but if you do, your ability to use or access all or certain parts of our Site and Service may be affected.
If you are interested in more information about tailored browser advertising and how you can generally control Cookies from being put on your device to deliver tailored marketing, you may visit the Network Advertising Initiative’s (“NAI”) Consumer Opt-Out Link and the Digital Advertising Alliance’s (“DAA”) Consumer Opt-Out Link to opt-out of receiving tailored advertising from companies that participate in those programs. Please note that to the extent advertising technology is integrated into the Site or Service, you may still receive advertising content even if you opt out of tailored advertising. In that case, the advertising content will just not be tailored to your interests. Also, we do not control any of the NAI or DAA opt-out links and are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms. If your browsers are configured to reject Cookies when you visit this opt-out page, or you subsequently erase your Cookies, use a different computer or change web browsers, your NAI or DAA opt-out may no longer be effective. Additional information is available on NAI’s and DAA’s websites, accessible by the above links.
We do not recognize or respond to browser-initiated Do Not Track signals.
We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioural metrics, heatmaps, and session replay to improve our Site and market our products / services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products / services and online activity. Additionally, we use this information for site optimization, fraud / security purposes, advertising, and all other purposes noted in Section 3 above. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
How does NodeRelate keep my personal information secure?
We use appropriate technical and organizational measures to protect the personal information that we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. However, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that information, during transmission through the Internet, or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. In particular, email sent to or from NodeRelate may not be secure, and you should therefore take special care in deciding what information you send to us via email.
International Data Transfers
In some cases your personal information is transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different from the laws of your country (and, in some cases, may not be as protective).
Specifically, our Site is hosted in a location dependent on your location. We manage and host our site using Framer, which uses AWS' global network via its CloudFront service and multiple global, load balanced front-ends with large in-memory caches. The main document of a Framer site is served from either the United States, Ireland, or Singapore. For example, if an end-user is located in the European Union, it is most likely (but not 100% guaranteed) that the site's main document is being served from Ireland, and that the assets are being served from a CDN edge location within the European Union. Our Service is hosted by Azure in one or more locations at the discretion of a given Customer, and may include any of the following countries: Australia, Brazil, Canada, France, Germany, India, Japan, Ireland, Netherlands, Norway, Poland, Singapore, South Africa, South Korea, Sweden, Switzerland, the United Kingdom, the United States. Our affiliate companies and third-party service providers operate around the world, including but not limited to the United States, Canada and Europe. This means that when we collect your personal information, we may process it in any of these countries.
Where we transfer your personal information to countries and territories outside of Europe, which have been formally recognised as providing an adequate level of protection for personal information, we rely on the relevant “adequacy decisions” from the European Commission and “adequacy regulations” from the Secretary of State in the United Kingdom.
Where the transfer is not subject to an adequacy decision or regulations, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this policy. The safeguards we use are the European Commission-approved standard contractual clauses, the UK International Data Transfer Agreement, and other appropriate legal mechanisms. This is how transfers of personal information between our group companies and with our third-party service providers will be safeguarded.
Privacy Shield / Data Privacy Framework
As NodeRelate was not previously self-certified under the EU-U.S. Privacy Shield Framework, we are not relying on this now-defunct framework for the transfer of personal data from the European Union or the United Kingdom to the U.S. However, we are eager for the European Union to adopt the draft decision on the adequacy of the EU-U.S. Data Privacy Framework. In the meantime, we rely upon this Privacy Policy to form the basis of our contract with your use of the Site, and we rely upon standard contract clauses in our Customer Agreement to govern the handling of personally identifying information managed in our Service by the Customer.
Data Retention
We retain the personal information we collect from you where we have an ongoing legitimate business need to do so (e.g., to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements). In certain circumstances, we will need to keep your information for legal reasons after our relationship has ended. For example, we may retain your data for longer than the usual retention period when we have a legal obligation to do such, to deal with and resolve requests and complaints, to protect an individual’s rights and property, and for litigation and regulatory matters. The specific retention periods depend on the nature of the information and why it is collected and processed and the nature of any legal requirement. The criteria we use to determine the retention period include:
a) How long is the personal information needed to provide the Service or operate our business? This includes such things as maintaining and improving the performance of the Service, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most data retention periods.
b) Is there an automated control, such as in your NodeRelate dashboard, that enables you to access and delete the personal information at any time? If there is not, a shortened data retention time will generally be adopted.
c) Is the personal information of a sensitive type? If so, a shortened retention time would generally be appropriate.
d) Has consent been provided for a longer retention period? If so, we will retain the data in accordance with your consent.
e) Is NodeRelate subject to a legal, contractual, or similar obligation to retain the data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation, or data that must be retained for the purposes of litigation.
When we have no ongoing legitimate business need or legal reason to process your personal information, we will either delete or anonymise it or, if this is not possible (e.g., because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Your data protection rights
Depending on your location, you may have the following data protection rights. To exercise any of them see specific instructions below or contact us using the contact details provided under the “How to contact us” heading below.
a) You may access, correct, update or request deletion of your personal information by submitting a request to compliance@noderelate.com.
b) You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information by submitting a request to compliance@noderelate.com.
c) You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you or otherwise following the directions in the emails. You can also make choices about your receipt of marketing communications through the subscription settings in your account.
d) If we have collected and processed your personal information with your consent, then you can withdraw your consent at any time by submitting a request to compliance@noderelate.com. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
e) You have the right to complain to a supervisory authority about our collection and use of your personal information. For more information, please contact your local supervisory authority. (Contact details for supervisory authorities in Europe are available here.) Certain supervisory authorities may require that you exhaust our own internal complaints process before looking into your complaint.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Children's Privacy
NodeRelate’s Site and Service are not directed to children under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information without parental consent, please contact us using the contact details provided under the “How to contact us” heading below. If we become aware that a child under 16 has provided us with personal information without parental consent, we will take steps to remove such information and terminate the child’s account.
If you are 16 or older, but have not reached your jurisdiction’s age of majority (such that you are able to enter a contract), you should only use the Service with permission from your parent or guardian.
Third-party Websites
NodeRelate’s Site and Service are not directed to children under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal information without parental consent, please contact us using the contact details provided under the “How to contact us” heading below. If we become aware that a child under 16 has provided us with personal information without parental consent, we will take steps to remove such information and terminate the child’s account.
If you are 16 or older, but have not reached your jurisdiction’s age of majority (such that you are able to enter a contract), you should only use the Service with permission from your parent or guardian.
Updates to this Privacy Policy
We may update this policy from time to time in response to changing legal, regulatory, technical, or business developments. When we update this policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will obtain your consent to any material changes to this policy if, and where, required by applicable data protection laws.
You can see when this policy was last updated by checking the date displayed at the top of this policy.
How to Contact Us
If you have any questions or concerns about our use of your personal information, please contact by sending us an email at compliance@noderelate.com.
The data controller of your personal information is NodeRelate. Our address is <address>.
Supplemental Notice for California Residents
The Supplemental notice for California residents can be found here.