Last Updated: March 6, 2020
Effective Date: March 6, 2020
Etix Everywhere is now part of the Vantage group of companies. This policy explains more about how Etix Everywhere and the Vantage group of companies make use of personal information.
1. Who We Are
Vantage Data Centers Management Company, LLC is a limited liability company formed in the State of Delaware with registered offices in Santa Clara, California (“Vantage Americas”). Vantage Data Centers Luxembourg Holding Company SARL is a Luxembourg based company (“Vantage Europe”), which now owns Etix Everywhere SA and its subsidiaries. Vantage Americas and Vantage Europe make up a larger group of companies (together, the “Affiliates”) operating worldwide in the Americas, EMEA and APAC (collectively, “Vantage”, or “we”, “us”, “our”).
2. This Policy at a Glance
Please read carefully through the information in this Policy and do not hesitate to contact us with any inquiries. Please see Section 15 “Contact Us” which explains how to get in contact with us.
This Policy covers each of the following topics as it relates to your privacy:
- Who We Are
- This Policy at a Glance
- Categories of Information We Collect
- How We Collect Your Information
- How We Use Your Information
- Legal Basis for Use
- Your Rights
- How We Protect Your Information
- Where Your Information Is Stored
- Storage Period
- Links to Other Websites
- Sharing of Your Information
- International Transfers
- Automated Decision-making
- Contact Us
3. Categories of Information We Collect
We may collect information that relates directly or indirectly to you, including the following categories of personal information:
- personal identifiers like your name, contact details, or IP address;
- communications preferences, including by email;
- commercial information and customer history like the services you purchased;
- biometric information to ensure secure access to our data centers;
- data center access logs (including date, time, location, and badge details) and CCTV footage;
- internet or other similar network activity like your browsing history; and
- location based on your IP address.
4. How We Collect Your Information
We may collect information related to you from your interactions with our Website, or as a customer, service provider or third party in relation to the services we provide. In particular, we may collect information in the following ways:
Through our Website
Our web servers collect our visitors’ domain names and IP addresses. Certain technologies we use (including cookies) may also collect your browser type and version, browser plug-in types and versions, operating system and platform, information about your visit, interfaces you viewed, information you searched for, and length of visits to certain pages. Similarly, we may collect this information from customers through our customer portals hosted by the same domain.
We may also collect certain information on our Website when you fill out a form, communicate with us through our Website or send email messages generated through our Website, such as your name, company name, email address, telephone number and questions, comments, suggestions and any other information provided by you.
Through website cookies
A “cookie” is a small file that may be stored on browsers or devices by websites or placed on your computer’s hard drive. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We may use traffic log cookies to identify which pages are being used and let us know when you visit a page of our Website. This helps us analyze data about web page traffic and improve our Website to tailor it to our clients’ needs. We use this information for statistical analysis purposes. Overall, cookies help us provide you with a better Website, by enabling us to monitor which pages you find useful and which you do not.
Through website tagging
We may also use internet beacons (also known as “tags”) and other tracking technology and use them with third-party service providers in web analysis which may be in a foreign country (meaning information may be stored in a foreign country including your IP address, please see Section 13 “International Transfers” below).
These tags can be placed in online adverts, which allow users to access the Website and also on the pages contained within these links. This technology allows Vantage to evaluate the responses of Website visitors and the efficacy of its service (for example, the number of times a page is visited, and the information consulted), as well as collect Website usage information that corresponds to you.
The service provider will be able to collect information of the Website visitors, as well as that of other sites visited, using these tags, as well as create reports on Website activity for us, and supply other services relative to the Website.
Through providing our services to you
You may give us information when you request or use our services, including by your using our information and communications systems (e.g. filling in sign-up forms), when you correspond with us by phone, email or otherwise, and when you report a problem with our services.
We may also collect your information as part of our continued efforts to keep our facilities secure and ensure your safety. All staff, customers and visitors seeking access to our premises must comply with our Access and Badge Policy and complete our Badge Access-Request Form to access our facilities. This form requests certain personal information, including your name, title, badge ID number, contact information and signature, so that we can verify your identity and ensure appropriate access to our facilities. We may also collect information regarding your access authorization level as well as certain biometric data (such as fingerprint scans and optical scans) depending upon the location of the data center. All biometric data collected by Vantage is stored in an encrypted format. We provide a copy of our Access and Badge Policy to individuals requiring secure badge access and who complete our Badge Access Request Form.
In addition to the types of information above, in the course of carrying out the above purposes we might also gather:
- business contact information, including business name, employee name, office location, business position and role function;
- a record of any correspondence between you and us;
- details of your usage of our systems and data centers, and the resources that you access;
- in respect of services you may request we provide, security safeguards at our data centers, including use of CCTV footage (as to which see more details below), access log records, video and tele-conferencing, fingerprint scans, and use of optical scanners which may collect data on your smartphone screens (e.g. QR codes);
- information we may require from you when you report an issue on a data center or on our systems; and
- a record of any access requests you have made on our systems.
Where information is required for us to provide you a service or enter into a contract, failure to provide such information, provision of inaccurate information, or requests to delete your information may result in us being unable to provide the service to you.
Vantage services are not designed for or directed to children under the age of 16, and we will not intentionally collect or maintain information about anyone under the age of 16.
Through CCTV surveillance of our data centers
We prioritize the physical security of our data centers and undertake various safeguards to ensure the safety of our staff, customer and visitors and the security of our facilities, including by maintaining closed-circuit television (“CCTV”) or video surveillance systems on-site at each of our data centers.
These CCTV recordings may contain video footage and images recorded on camera at our premises. The CCTV cameras are installed at the entrances to our facilities including external cameras and interior cameras in the lobby or reception area. The CCTV system captures video footage of entry and exit points of our buildings, entry and exit points inside the building, including internal corridors and entry points to secure areas within the building, delivery areas, any garage or parking areas and outer areas adjacent to the building. CCTV cameras are placed and focused on people intending to access or accessing our premises or adjacent facilities, such as parking.
Our CCTV systems help us to:
- control access to our data centers;
- secure property and information located or stored on our premises;
- ensure the safety of our staff, customers and visitors; and
- prevent, detect, deter and investigate (if needed) any unauthorized physical access to our premises, any theft of equipment, assets or property of Vantage or its staff, customers, or visitors, or any threats to the safety of our staff, customers or visitors while on our premises.
5. How We Use Your Information
The information that we collect from you may be used in one or more of the following ways:
- To personalize your experience: Your information helps us to better respond to your individual needs, including to facilitate navigation of our Website and the management and monitoring of services offered to you.
- To discuss the provision of, or provide you with our products and services: We retain your information to continue to provide you with our products and services, including retaining commercial information regarding your prior transactions.
- To improve our Website: We continually strive to improve our Website based on the information and feedback we receive from you. This information is used to diagnose problems with our server, to measure the number of visits and number of pages viewed and to register methods by which our Website was directed to and methods used for viewing our Website. We will also use this information to evaluate how you use our Website and how we can improve the content of our Website.
- To improve our products and services: We also continually strive to improve our products and services based on the information and feedback we receive from you, including any optional customer satisfaction surveys.
- To improve client service: Your information helps us to respond more effectively to your client service requests and support needs.
- To improve security: Your information can help us to prevent and combat online fraud, such as site use and IP address information. It will also help us maintain security at our data centers, and CCTV recorded footage and images may be used for incident report substantiation. CCTV recorded footage can only be accessed by security staff with certain authorizations and such access is highly limited.
- To send periodic emails: With your consent, the email address you provide may also be used to send you information and updates pertaining to your services, in addition to receiving occasional company news, updates, related product or service information. Please note you may have your name removed from our direct email marketing lists by contacting us at any time by sending an email to [email protected]. Please enter your email address and type “Please remove me from all email lists.”
6. Legal Basis for Use
To collect, use, store, process or share your personal information, we rely on a legal basis under the Data Protection Legislation for doing so, which generally includes one of the following grounds:
Performance of a contract:
Where the information collected from you is required to fulfil a contract with or to provide a service to you, the processing of the information is lawful. This will often be the case where the contract cannot be entered into or completed without the information in question.
Compliance with legal obligations
Information may also be required for us to meet our legal or regulatory responsibilities, such as disclosures to relevant governmental authorities or regulators.
If consent is the legal basis, Vantage will always obtain explicit consent from you to collect and process your information. Transparent information about our usage of your information will be provided to you at the time that consent is obtained and your rights with regard to that information explained. This includes your right to withdraw such consent to processing at any time by getting in contact with us (please see Section 15 “Contact Us” below). This information will be provided in an accessible form, written in clear language and free of charge.
If the processing of specific personal information is in our legitimate interests and that outweighs any effect on your rights and freedoms, then this legitimate interest will be the lawful reason for our processing. Our main legitimate interest is to continue to develop our business and improve the performance of Vantage. For example:
- to prevent fraud or other criminal activities;
- to carry out our contractual obligations with other customers or suppliers e.g. information included in purchase orders, quality documentation, email correspondence and contracts between us and our customers;
- to provide you with a more personalized service, including tailoring content and resources to your preference and in a format most effect for your device;
- to meet our legal and regulatory requirements;
- assurance of network and information security, including access management to prevent unauthorized access to our systems and preventing malicious software distribution;
- assurance of the safety and security of employees and other visitors to our data centers;
- assurance of the security of our facilities and assets, and personal belongings (where relevant);
- to benefit from cost-effective services (e.g. we may opt to use certain IT platforms offered by service providers);
- to create aggregated and anonymized information and other research and development purposes to improve the performance of Vantage;
- to exercise our rights under Articles 16 and 17 of the Charter of Fundamental Rights in the EU, including our freedom to conduct a business and right to property;
- to enable employees to interact with one another; and
- to meet our corporate and social responsibility objectives.
To the extent applicable, we may also rely on the following grounds to process your information: if it is necessary to protect your or another person’s vital interests or safety; or if it is widely considered to be in the public interest.
7. Your Rights
You may have specific rights under the Data Protection Legislation depending on where you reside.
If you reside in the European Union or the GDPR otherwise applies, you have, in relation to your information, the following rights to:
- request access to your personal information. This enables you to receive a copy of the personal information we hold about you;
- request correction of your personal information. This enables you to have any incomplete or inaccurate information we hold about you corrected;
- request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to use it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below);
- request the restriction of collecting and using your personal information. This enables you to ask us to suspend the usage of personal information about you, for example if you want us to establish its accuracy or the reason for processing it;
- request the data portability of your personal information to another party;
- withdraw consent. Where consent is the legal basis for our processing, you can withdraw your consent for such processing at any time by getting in contact with us (please see Section 15 “Contact Us” below);
- object to processing of your personal information. Where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation you may bring this to our attention if you want to object to processing; and
- specify guidelines regarding the use of your information after your death.
To meet your request, we may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
8. How We Protect Your Information
We are committed to protecting your personal information from unauthorized access, use or disclosure. We use various security measures and procedures to protect the information we collect from you, including firewalls, cyber defense such as anti-spamware and anti-malware tools, encryption and limited access controls.
9. Where Your Information Is Stored
We store information you provide to us on computer systems located in a controlled facility based in the European Union and the United States, which has limited access.
The information you provide in relation to services we offer are primarily stored on servers within the premises of the relevant data center. For remote access by customers, we have developed a cloud platform on which a partial copy of the data is pushed from the local data center servers when required. The cloud platform is hosted on its own servers located in data centers in France, the USA and Canada, with a back-up servers in the USA and Luxembourg.
10. Storage Period
We only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for (see Section 5), including for the purposes of satisfying any business, legal, accounting, or reporting requirements.
In particular, we will keep your contact details:
- when you are one of our customers, for as long as we continue to provide the service to you and for a reasonable time period thereafter; and
- in relation to CCTV recorded footage, for as long as permitted and/or required by applicable laws in the location of the premises (for example, in the European Union, CCTV recorded footage is retained for up to 30 days, and in the United States, it is retained for up to 90 days). After that time period, any CCTV recorded footage is automatically deleted unless it is evidence in an ongoing investigation or otherwise required to be retained by law.
12. Sharing of Your Information
Sharing with our Affiliates
We share your personal information with our Affiliates as part of our regular reporting activities on company performance, supervision and oversight of our business, in the context of a business re-organization or restructuring exercise, for system maintenance support and for hosting of data.
Sharing with governmental authorities or insurance companies
We share your personal information with different governmental authorities, institutions or agencies (or similar) where necessary in order to comply with the law, or otherwise desirable, for the purpose of their regulatory tasks. We also may disclose your personal information with insurers as part of our, others legitimate, insurance arrangements. In particular, as access control and CCTV footage are a core aspect of the security measures that support our services and help to deter and investigate any threats or unauthorized access to the data center infrastructure, we may need to disclose such information. We may also need to share your personal information with a regulator or to otherwise comply with the law.
Sharing with other third parties
We may share your personal information with third-party service providers which carry out services on behalf of Vantage (such as third-party marketing service providers). In such cases, we still control your personal information and will take steps designed to ensure it is properly safeguarded by committing the service providers to process your information for specified purposes and in accordance with our instructions, and to apply appropriate security measures to protect your personal information in line with our policies.
The categories of the third-party service providers who handle personal information on our behalf, and the nature of the work that the provider carries out for us, include marketing services such as mailing support and analytics providers, third-party security services (providing on premises staff to physically patrol sites and review CCTV footage, badge access and similar measures to ensure physical security) and website hosting and cloud services. A more detailed list of service providers that process customer personal data can be found by accessing our customer portal.
We may share your personal information with other third parties and their advisers in the context of the possible sale, merger or restructuring of our business.
13. International Transfers
We may share your personal information internationally for the purposes set out in this notice. We may do so to our headquarters in the USA and to our Affiliates in, Belgium, Brazil, Canada, Colombia, France, Germany, Ghana, Iceland, Italy, Morocco Poland, Sweden, Switzerland and the United Kingdom. Any data transfers of your personally identifiable information outside of the European Union are subject to appropriate safeguards that Vantage has in place.
Where we share information between Affiliates, we do so using a set of standard contractual clauses approved by the European Commission. A copy of those clauses is available here: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc_en.
14. Automated Decision-making
You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making. There will always be human intervention into decisions based on automated processing, including automated analytics, testing, profiling. However, if this position changes, or there is a need and lawful base to do so, we will update this Policy accordingly.
15. Contact Us
If you would like a copy of the information held on you, to exercise any of your other rights, or if you have any questions about this Policy, please feel free to contact us at:
Vantage Data Centers Luxembourg Holding Company SARL
2 rue Peternelchen
Attention: Chief Information Security Officer
Email: [email protected]
Vantage Data Centers Management Company, LLC
2820 Northwestern Parkway
Attention: Chief Information Security Officer
Email: [email protected]
If you believe that we have operated in a manner inconsistent with or in violation of this Policy, please write to or email us at the above address.
If we do not remedy an inconsistency or problem to your satisfaction, you have a right to lodge a complaint with a supervisory authority in your place of residence or work, or the place where the problem occurred. An up-to-date list of supervisory authorities can be found on the European Data Protection Board (EDPB) website here: https://edpb.europa.eu/about-edpb/board/members_en.
For example, for Luxembourg, this is the Commission Nationale pour la Protection des Données (CNPD), and for France, this is the Commission Nationale de l’Informatique et des Libertés (CNIL).
We may revise this Policy from time to time. Updates to the Policy will be posted on our Website and will be posted at least 30 days before coming into effect.
We will also take steps to provide you with notice when we make any updates to this Policy which might have an adverse effect on you. We will communicate these in the usual way that we communicate with you.