Privacy Policy

Security and Privacy

Privacy Policy

Download the full privacy policy as a pdf.

Last Updated: 12/9/2019

We created this Privacy Policy because we highly VALUE your Personal Data and information.

Please read it as it includes important information REGARDING your Personal Data and information.

  1. Privacy Statement

AllCloud companies, AllCloud BSD Ltd., AllCloud Platforms Ltd., AllCloud Business Applications Ltd., AllCloud (RO), AllCloud (DE), AllCloud USA LLC (US) (all together hereinafter: “AllCloud” and/or “We”) are   leading global Cloud Solutions Providers with expertise across the cloud stack, infrastructure, Platform, and Software-as-a-Service.   AllCloud headquarters based in Israel country.

AllCloud provides cloud consulting, cloud management and reselling services (all together hereinafter: “The Services”). AllCloud develops and operates the AllCloud’s Website: www.allcloud.io  (hereinafter: “The Website”).

This Privacy Policy refers to the Services and the Website, AllCloud’s customers or potential customers, customers’ end-users, AllCloud’s employees and service providers, and the users of the Website.

This Privacy Policy sets forth our policy with respect to information that can be associated with or which relates to a person and/or could be used to identify a person, such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person, all as defined by the General Data Protection Regulation (GDPR) (EU) 2016/679  (“Personal Data”).

“Non-Personal Data,” as used in this Privacy Policy, is therefore any information that does not relate to a person and/or cannot be used to identify a person.

We may also use Non-Personal Data. The limitations and requirements in this Privacy Policy on how we gather, use, disclose, transfer, and store/retain Personal Data do not apply to Non-Personal Data.

2.     Data that we use, receive, collect, process or store and how we use it.

  • Information relating to Customers or Potential Customers, Service Providers, Employees or Candidates, Service Users, etc.:
    • AllCloud uses, receives, collects, processes or stores only that Information which is necessary to provide its services and operate its business.

We might use, receive, collect, process or store Information on potential customers, customers, employees, service providers, users of the Website etc.  This Information may include Personal data such as.: Name, Phone, Email address, Personal address, representative personal contact details, financial information (i.e. billing information, bank account information, credit card information), Social network contact accounts, employee’s health information, employee’s biometric information (i.e. finger print), employee’s and candidate CVs etc.

  • This Information provided to us voluntarily and/or through the data owner’s consent to collect and process it, and/or the processing thereof is necessary to meet contractual obligations entered into by the data owner and AllCloud, and/or the processing thereof is necessary for AllCloud to comply with its legal obligations, and/or the processing thereof is for the purposes of legitimate interests pursued by AllCloud.
  • We use this Personal Data in a manner that is consistent with this Privacy Policy and applicable laws and regulations. We may use the Personal Data as follows: 
    • Processing and Analyzing: In order to provide AllCloud’s services and operate its business, AllCloud may use the Personal Data for processing and analyzing purposes.
    • Specific Purpose: If you provide Personal Data for a specific purpose, AllCloud may use said Personal Data in connection with the purpose for which it was provided. For instance, if you contact AllCloud by email, we will use the Personal Data you provide to answer your question or resolve your problem and will respond to the email address used to contact us.
    • Internal Business: We may use your Personal Data for internal business purposes, including, without limitation, to help us improve Website content and functionality to better understand our Customers and Users, to improve our Services, to protect against, identify or address wrongdoing, to enforce our Contracts and this Privacy Policy, to provide you with customer service, and to generally manage and operate our business (e.g., pay salaries and make considerations).
    • Marketing: We may use any Personal Data you provide us with to contact you in the future for our marketing and advertising purposes, including, without limitation, to inform you about new services we believe might be of interest to you, and to develop promotional or marketing materials and provide those materials to you. If you receive direct marketing BY MISTAKE OR without your specific consent and/or YOU wish to opt-out, you ARE required to contact us at Dpo@allcloud.io .
    • Statistics: We may use any Personal Data you provide us with to generate statistical reports containing aggregated information.
    • Security and Dispute Resolution: We may use Personal Data to protect the security of our Website and Services, to detect and prevent cyberattacks, fraud, phishing, identity theft, and data leaks, to verify genuine software licenses, to resolve disputes, and to enforce our agreements.
    • Data Retention, Archives: We retain and archive Personal Data so long as it necessary to operate our business and maintain our Services, meet contractual obligations, laws and regulations, and subject to our retention policies and this Privacy Policy.
    • Transfer/Share/Disclose Data: We may share your Personal Data with our Partner, contractors and service providers who process Personal Data on behalf of the Company to perform certain business-related functions. We may provide them with information, including Personal Data, in connection with their performance of such functions. While we do so, we make sure that they are bound to maintain said Personal Data in accordance with this Privacy Policy.
    • Cloud Services: We may need to share Personal Data with our cloud service. For example, assist in protecting and securing our Website or Services the cloud service admin may need access to Personal Data to provide those functions. In such cases, the cloud service provider must abide by our data privacy and security requirements and is not allowed to use Personal Data they receive from us for any other purpose.
    • Development and Customer Service: For example, to provide customer service and support or assist in protecting and securing our systems and services our development and customer service team may require access to Personal Data. In such cases, our personnel must abide by our data privacy and security requirements and policy and are not allowed to use Personal Data for any other purpose.
    • Corporate Sale, Merger, Reorganization, Dissolution or Similar Event: Personal Data may be part of the transferred assets. You acknowledge and agree that any successor to or acquirer of AllCloud (or its assets) will continue to have the right to use your Personal Data and other information in accordance with the terms of this Privacy Policy.
    • Law Enforcement: In order to, for example, respond to a subpoena or request from law enforcement, a court or a government agency (including in response to public authorities to meet national security or law enforcement requirements), or in the good faith belief that such action is necessary to (a) comply with a legal obligation, (b) protect or defend our rights, interests or property or that of third parties, (c) prevent or investigate possible wrongdoing in connection with the Services, (d) act in urgent circumstances to protect the personal safety of Users of the Website and Services or the public, or (e) protect against legal liability.
    • Other Purposes: If we intend to use any Personal Data in any manner not consistent with this Privacy Policy, you will be informed of such anticipated use prior to or at the time the Personal Data is processed.

If you have a reasonable basis to assume or you know that any of the above mentioned is not met, you ARE required to PROMPTLY inform us, without delay, by sendING us AN email to: Dpo@allcloud.io .

  • Non-Personal Data: Since Non-Personal Data cannot be used to identify you in person, we may use such data in any way permitted by law

3.     How We Store and Transfer Information.

  • In order to provide our Services, manage and operate our business, we use third parties cloud services such as:
  • the Amazon Cloud Services which comply with the GDPR and is ISO 27001, 27017,27018 certified (for AWS full statement see https://aws.amazon.com/blogs/security/all-aws-services-gdpr-ready/. AllCloud stores some of its Information, which may contain Personal Data, at AWS cloud services in Ireland region (eu-west-1).
  • The Google’s G-suit services & Google Cloud Platform which are committed to GDPR compliance. (For Google Cloud full statement see https://cloud.google.com/security/gdpr/ .
  • Salesforce cloud services which will comply with the GDPR in the delivery of their services, certify compliance with the EU-U.S. Privacy Shield Framework and is ISO 27001, 27017,27018 certified (for Salesforce full statement see https://www.salesforce.com/eu/campaign/gdpr/ ).
  • In order to deliver our services and/or operate our business, Information, which may include Personal Data, may be processed by our third parties service providers (“Suppliers”). We transfer only the minimum data that is necessary for conducting our services. The data is transferred only to suppliers approved by us that allow compliance with GDPR.
  • Personal data may be transferred, stored, and processed in countries outside the EU or European Economic Area (EEA). Such transfer to third countries may include countries that do not ensure an adequate level of data protection as required by EU privacy laws. We implement high levels of information security techniques & technical measures and/or third parties contractual obligations to maintain their Information security level adequate to AllCloud level.
  • We may transfer Personal data to Israel country where we maintain our headquarters facilities. Israel is considered by the EU as having adequate data protection law.
  • See our Privacy Shield statements (section 6 and 7 below) for information on our practices with regard to data transferred from the EU to AllCloud USA LLC.

4.      Personal Data Security

  • We are strongly committed to protecting your Personal Data and information, and we will take reasonable technical steps, accepted in our industry, to keep your Information secure and protect it against loss, misuse or modification. However, no network, server, database or Internet or email transmission is ever fully secure or error-free. Therefore, you should take special care in deciding what information you disclose.
  • If you notice any security risks or violations, we advise you to report them to us at Dpo@allcloud.io so that we may resolve them as soon as possible.
  • We recommend that you use, disclose and share your Personal Data and information with caution and do not give out Personal Data and information unless it is necessary, as we cannot guarantee the security of data over the internet and cannot control the actions of other users of the Services with whom you choose to share Personal Data and information.
  • AllCloud implements legal, technical and organizational information security measures based on the ISO certification mechanisms specified in ISO 27001:2013 – Information Security Management Systems, ISO 27017:2015 – Information Security Controls for Cloud Services, and ISO 27018:2014 – Code of Practice for Protection of Personally Identifiable Information (PII) in Public Clouds Acting as PII Processors. AllCloud is ISO 27001, 27017 certified.

5.     Accessing, Updating, Correcting, and Deleting Information, Restricting Information Processing.

  • You may have the right to request access to some of your Personal Data being stored by us. You can also ask to correct, update or delete any inaccurate Personal Data that we process about you. The foregoing is subject to our policies and the applicable laws and regulations. In order to exercise these rights, you can contact us at: dpo@allcloud.io.
  • We may retain your Personal Data for any period permitted or required under applicable laws. Even if we delete your Personal Data it may remain stored on backup or archival media for an additional period of time due to technical issues or for legal, tax or regulatory reasons, or for legitimate and lawful business purposes.
  • You may have the right to restrict processing if one of the following applies:
    • The accuracy of the Personal Data is contested by the data owner;
    • The processing is unlawful and the data owner objects to having their Personal Data erased, instead requesting that its use be restricted;
    • Your service provider no longer needs the Personal Data for the purposes of the original processing, but the data is required by the data owner for establishing, exercising or defending legal claims;
    • The data owner has objected to processing pending verification of whether the legitimate grounds of your service provider override those of the data owner.

If you wish to object to processing, you are required to contact us at  dpo@allcloud.io.

  1. EU-U.S. Privacy Shield Framework                                                                                           
    • ​AllCloud USA LLC complies with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries transferred to the United States pursuant to Privacy Shield. ​AllCloud USA LLC has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/
    • The types of data that we processed and may governed under the EU-US Privacy shield are Personal Data related to our business Customers/prospects such as: Name, Phone, Email address, Personal address, representative personal contact details, financial information (i.e. billing information, bank account information, credit card information), Social network contact accounts, etc.
    • We collect, store and use that data for the purpose of providing our services and operating our business. For example, we may use your contact details for sales, marketing, support, billing etc.
    • Your rights to access, to limit use, and to limit disclosure: EU individuals have rights to access personal data about them, and to limit use and disclosure of their personal data. With our Privacy Shield self-certification, AllCloud has committed to respect those rights. If you wish to request access, to limit use, or to limit disclosure, you are welcome to contact us by email at dpo@allcloud.io. We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to dpo@allcloud.io.
    • We may use third parties’ services or transfer data to our affiliate’s companies, business partners, advertisers, vendors etc. all for the purpose of providing our services and operating our business. A list of specific third parties and how we secure the transferred data can be found at sections 3&4 above. AllCloud USA’s accountability for personal data that it receives in the United States under the Privacy Shield and subsequently transfers to a third party is described in the Privacy Shield Principles. In particular, ​AllCloud USA remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the principles, unless ​AllCloud USA proves that it is not responsible for the event giving rise to the damage.
    • S. Federal Trade Commission enforcement: Our commitment under the Privacy Shield is subject to the investigatory and enforcement powers of the United States Federal Trade Commission.
    • Compelled disclosure: We may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  1. Inquiries and complaints under the Privacy Shield:                                                                     
    • In compliance with the Privacy Shield Principles, ​AllCloud USA LLC. commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union individuals with Privacy Shield inquiries or complaints should first contact ​AllCloud USA LLC at: dpo@allcloud.io. We will respond within 45 days.
    • AllCloud USA LLC has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visitbbb.org/EU-privacy-shield/for-eu-consumers  for more information and to file a complaint. This service is provided free of charge to you.
    • If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.  See Privacy Shield Annex 1 athttps://www.privacyshield.gov/article?id=ANNEX-I-introduction.

8.     General

  • This Privacy Policy does not apply to any Personal Data that you provide to third-parties.
  • This Privacy Policy applies only to the Services and Website; it does not apply to third-party websites or services linked to by the Website or whose services we distribute. Links from the Website or the distributed third-parties’ services do not imply that we endorse or have reviewed said third-party websites or services. We suggest contacting these third-parties directly for information regarding their privacy policies.

9.     Change in Terms and Conditions

The Services and our business may change from time to time. As a result, at times it may be necessary for us to make changes to this Privacy Policy. We reserve the right, at our sole discretion, to update or modify this Privacy Policy at any time (collectively, “Modifications”). Modifications to this Privacy Policy will be posted on the Website with a revised ‘Last Updated’ date at the top of this Privacy Policy.

Please review this Privacy Policy periodically, and especially before you provide any Personal Data or information. This Privacy Policy was last updated on the date indicated above. Your continued use of the Services following the implementation of any Modifications to this Privacy Policy constitutes acceptance of those Modifications. If you do not accept any Modification to this Privacy Policy, your sole remedy is to cease accessing, browsing and otherwise using the Website or our Services.

10.           Dispute Resolution

  • If you have a complaint about AllCloud’s privacy practices, you should write to us at: dpo@allcloud.io .

 

Our Contact details:

 

ISRAEL (HEADQUARTERS) GERMANY (MUNICH) ROMANIA USA (NY)
Contact Person:

Lahav Savir, DPO

Contact Person:

Diana Teashala

Contact Person:

Diana Teashala

Contact Person:

Douglas Shepard

Address:

13 Amal St., Building A, 2nd Floor.

POB: 11390

Rosh Haayin, 4809280

Tel: +972 (3) 6783868
Fax: +972 (3) 5048647

Address:

Rechtsanwaltsgesellschaft mbH
Prinzregentenstr. 78
Munich, 81675
Germany
Tel: +49 172 295 295 1

Address:

Strada George Enescu 23
Bucuresti, 010303
Romania

Address:

155 Montgomery,
Suite # 810
San Francisco

94104
California,
USA

Tel: +1 415 549 0861

 

  • We will take reasonable steps to work with you to attempt to resolve your complaint.
  • General Inquiries and complaints
    • You may have the right to lodge a complaint with a supervisory authority. However, prior to doing so, you are welcome to contact us by email at dpo@allcloud.io in order to resolve the issue for the benefit of all parties.
    • Our supervisory authorities are the Israeli, Germany and Romanian Data Protection authorities. Contact information for EU Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en.