Updated September 7th, 2021
This Website is owned and operated by, or on behalf of, Svix Inc. (“Svix”, “we”, “our” or “us”). We are the data controller in respect of personal information of our users based in the European Union. In the case of the private information processed by Svix during the use of the service (“Customer PI”), we are a data processor.
When you access or use the Services we automatically collect information about you, including:
We may also obtain information from other sources and combine that with information we collect through our Services for purposes of advertising and user authentication. For example, if you create or log into your Svix account using your Google Apps credentials via single sign-on, we will have access to certain information such as your name and email address as authorized in your Google Apps profile settings.
We may use information about you to:
We may also share aggregated or de-identified information, which cannot reasonably be used to identify you.
In addition, your data may be processed by some third parties that are required for the normal operation of the business. This includes, but is not limited to, service providers acting as processors based inside and outside the EU, who provide IT, system administration and secure cloud-based information services, as well as professional advisers acting as a as processors or joint controllers including lawyers, bankers, auditors and insurers based inside and outside the EU, including in the United Kingdom, who provide consultancy, banking, legal, insurance and accounting services.
Such providers include: Amazon Web Services, Auth0, Stripe, Google Apps, Slack, Mailgun, DocuSign, Close.
We are required to state the lawful basis under which we process the personal data of our users from the European Union. Accordingly, the lawful bases upon which we process your personal information are as follows:
The Website may, from time to time, contain links to external sites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. We are not responsible for the privacy policies or the content of such sites.
In the case of personal information we handle or receive on behalf of a customer in connection with their access to, and use of, our Platform (“Customer PI”), we have no direct relationship with the customer’s employees or other individuals with whom that customer may interact with respect to the Platform. If you are such an employee or individual and are seeking access to, or would like to correct, amend or delete, Customer PI, you should direct your query to the applicable customer. We will respond within a reasonable timeframe to a customer’s request to remove Customer PI. Please note that the foregoing will not limit EU individuals from making certain requests relating to their personal data as provided in Your Rights below.
We will not use Customer PI except for the purpose of providing and supporting the Services for the applicable customer. Customer PI will be retained for as long as needed for that purpose and as necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
We take reasonable steps, including physical, technical and organisational measures, to protect your personal information from unauthorised access and against unlawful processing, accidental loss, destruction and damage. Unfortunately, transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information submitted to us.
Your personal information will be retained by Svix for the duration of your account and may be retained for a period after this time as necessary and relevant to our legitimate interests, our terms of agreement with you and in accordance with applicable legal obligations. This may include retention necessary to meet our tax reporting requirements as well as time required to enforce the relevant terms of agreement or to identify, issue or resolve legal proceedings.
We may retain a record of your stated objection to the processing of your data, including in respect of an objection to receiving marketing communications, for the sole legitimate purpose of ensuring that we can continue to respect your wishes and not contact you further, during the term of your objection.
Some of our External Third Parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
EU individuals have rights in relation to their personal data which is processed by Svix. If you are an EU data subject, you may, by emailing us at email@example.com:
If the requested EU Data is Customer PI, please include the name of the applicable customer in your request; we will refer the request to that customer to respond directly to you and will support them as needed to respond to your request.
Our customers may access, update or change personal information they have provided by logging into the Services or emailing us at firstname.lastname@example.org.
Subject to the terms of their agreements with us, Customers may deactivate their accounts by emailing us at email@example.com, but note that we may retain certain personal information as necessary to comply with our legal obligations or for legitimate business purposes, such as to resolve disputes or enforce our agreements. We may also retain cached or archived copies of personal information for a certain period of time.
If you are an individual with whom one of our customers interacts with respect to the Services (e.g., an employee of a customer), as noted above, you should direct any requests regarding access, modification or deletion of personal information to the applicable customer.
You may opt out of receiving promotional emails from Svix by following the instructions in those emails or by emailing firstname.lastname@example.org. If you opt out, we may still send you non-promotional emails, such as those about your account or our ongoing business relations.