Kasten by Veeam Privacy Notice
(Last updated on June 9, 2021)
Kasten is committed to protecting your privacy and to complying with all applicable data privacy laws. This Privacy Notice tells you about Kasten’s practices with respect to the collection, use, processing, storage, transfer, protection, and/or disclosure of Personal Information. Kasten does not collect, use, or share Personal Information except as described herein.
In this Privacy Notice, we cover the following issues:
- Who Are We?
- Scope of This Notice
- Collection of Personal Information
- Use of Personal Information
- Disclosure to Third Parties, Service Providers, and Others
- Your Data Privacy Rights
- Data Security
- Storing Personal Information
- Children’s Privacy
- Links to Third Party Websites
- Changes to This Privacy Notice
Who Are We
Kasten is an award-winning leader in Kubernetes Backup and Disaster Recovery. We help enterprises overcome Day 2 data management challenges to confidently run applications on Kubernetes. Kasten is part of Veeam Software, which is a global organization.
Under the General Data Protection Regulation (“GDPR”), Kasten, Inc. is the “data controller” for Personal Information collected that is subject to this Privacy Notice. The address for Kasten, Inc. is:
8800 Lyra Drive, Suite 350
Columbus, Ohio 43240
In addition, you can email us with any questions about this Privacy Notice at firstname.lastname@example.org.
Scope of this Notice
This Privacy Notice applies to Personal Information (as defined below) that we may collect through the following:
- Our website, kasten.io, including any subdomains or affiliated websites that connect to this Privacy Notice, as well as any other Kasten-branded digital properties;
- Interactions with current and prospective customers, including, for example, free product downloads, requests for marketing materials or other product information;
- Professional events, industry conferences, including events hosted or sponsored by Kasten; and
- Third-party websites and platforms where your contact information or other Personal Information is public and available to other users.
Collection of Personal Information
Personal Information (“Personal Information”) refers to information that can be used to identify, either directly or indirectly, an individual to whom the information applies. As used in this Privacy Notice, Personal Information has the same meaning as “personal information,” “personal data,” “personally identifiable information,” or any similar term referenced in applicable law. Aside from publicly available information, Personal Information that Kasten collects is a function of how you interact with us. Below is a chart that lists what Personal information may be collected:
Personal Information Collected May Include
Visiting Our Websites
For more information, see “Cookies” below.
Third-Party Sites or Platforms
Participating in Online Kasten Forums
Request Marketing Materials (including newsletters, white papers, etc.)
Request Product Downloads
Interactive Website Elements (e.g., Forums or Blog Comments)
Except for publicly available information or information we collect via cookies and similar technologies (see below), all the above-mentioned Personal Information is collected from you. In some cases, it is collected from you directly by Kasten (such as when you input the information into our website to download certain materials); in other cases, it is collected by a Kasten partner and shared with Kasten (such as when (i) you register for an industry conference where Kasten is a sponsor, (ii) you click on a Kasten advertisement on a third party platform, (iii) you purchase a product from an authorized reseller of Kasten products and the order is provided to Kasten, or (iv) you register for a course related to Kasten software and/or seek certification from Kasten).
Your Personal Information will be stored only for the time period necessary to fulfill the purposes outlined in this Privacy Notice, unless otherwise required or permitted by law.
Use of Personal Information
We use the Personal Information we collect for the following purposes:
- To Provide Requested Information or Materials. For example, we may use Personal Information to deliver materials requested about a specific product, to answer a question asked about how a product works, or to deliver a requested product download or license keys for product licenses purchased.
- To Market Our Products and Services. For example, we may use Personal Information to provide marketing and promotional information about products and services that Kasten offers. Information you have provided to third parties may be combined with information we already have about you and may be used to create more tailored advertising and products. For information about how you can opt-out of receiving marketing communications from us at any time, or withdraw your consent to receive such communications, see the section titled “Your Data Privacy Rights.”
- For Business Analytics. For example, we may use Personal Information to track behavior at the aggregate/anonymous level to identify and understand trends in usage and the various interactions with our websites and marketing content and determining the effectiveness of our marketing.
- For Website Optimization. For example, we may use Personal Information to administer our website and for internal operations of the website, including troubleshooting, data analysis, testing, research, and statistical purposes; to improve user experience; and as a part of our efforts to keep our websites safe and secure.
- To Comply With Our Legal Obligations. For example, we may use Personal Information to identify website visitors, including for account authentication purposes; to carry out our obligations and enforce our rights arising from any agreement to which Kasten is a party; and to respond to valid legal requests for information.
- Fraud Prevention. For example, we may use Personal Information to prevent, protect against, investigate, or prosecute any fraud, abuse, or other misuse or illegal activity using our products or services.
- Legal Claims. We may use Personal Information to establish or preserve a legal claim or defense against a legal claim.
- Other Purposes Related to Your Interactions With Kasten. For example, we may use Personal Information to register you for an event, offer you the opportunity to participate in contests or promotions, to provide you with contest prizes or promotional materials (subject to any terms and conditions related to such contest or promotion), to create an account for you on our websites, to provide customer service (if you are a customer), to respond to a specific question, or to register you for courses or certifications that Kasten or its partners may offer.
Kasten will only collect, use, or share Personal Information for the purposes disclosed to you in this Privacy Notice.
Note that some of Kasten’s websites contain interactive elements, such as discussion forums and blogs that allow individual users to publish their own content which will then be made available to other users. Any information posted on these blogs and forums becomes public, which means it could be read, collected or used by other users in any manner.
Lawful Bases for Processing. In certain jurisdictions, we may only process Personal Information if we have a lawful basis on which to do so. The lawful bases for the processing described above includes:
- Performance of the Contract. Sometimes, such as when we use your contact information to send you information you have requested, the reason we process Personal Information is to perform the service which you have requested of Kasten.
- Legitimate Interests. In many cases we process data because it is in our legitimate interest to do so, and that interest is not overridden by your privacy interests. This applies, for example, when we process Personal Information as part of our fraud prevention program, where our legitimate interest is in ensuring the appropriate use of our services and products, or to collect business analytics data, where our legitimate interest is in improving our business, services, and products.
- In some cases, we do not process your Personal Information unless we have your consent to do so. In particular, we will not send you marketing materials unless you have consented to receiving them.
- Legal Obligation. In some cases, we collect, process, and share Personal Information because we have a legal obligation to do so. For example, if we are subject to valid legal process, we may have no choice but to provide the sought after information.
Disclosure to Third Parties, Service Providers, and Others
Kasten may share Personal Information with our worldwide partners (e.g. marketing, education, distribution, and reseller partners, online marketplaces, data hosters and other service providers to or for Kasten) to perform one or more of the functions or purposes outlined above on Kasten’s behalf.
Specifically, we may disclose Personal Information that we collect or that you provide to us in the following circumstances:
- To our partners, service providers and other third parties with whom we share Personal Information to support our efforts to provide the services and products we offer (e.g. to analyze data, host data, provide customer support, teach courses related to our products, and deliver online and offline marketing communications).
- As required by law, such as to comply with any court order, subpoena or other law or legal process, or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a governmental or regulatory request.
- To related Kasten entities, for customer support, marketing, technical operations, and account management purposes.
- To a buyer or other successor in the event of a merger, sale or transfer of some or all of Kasten’s assets.
Third parties with whom we share Personal Information are bound by all relevant and applicable data privacy laws and/or terms of confidentiality.
What is a “Cookie”?
A cookie is a small text file that is sent to or accessed from your web browser or your computer's hard drive. A cookie typically contains the domain from which the cookie originated (e.g., kasten.io), the “lifetime” of the cookie (i.e., when it expires) and a randomly generated identifier. A cookie also may contain device-specific information, such as information about the browser, the operating system, etc. When a user visits www.kasten.io (or any of the Kasten websites), our server recognizes the cookie, giving us information that helps us to calibrate the user’s experience (e.g., if the user chose a specific language in which to view the website). And when combined with information on cookies from other users, this gives us a broad picture over time about how visitors use Kasten’s websites.
Types of Cookies
Cookies can be categorized by the role or purpose they serve on a website. For Kasten’s websites, these purposes include:
- Strictly necessary cookies, which are required for the operation of the website, such as to enable users to register or log in to the website.
- Functionality cookies, which are used to recognize visitors when they return to the website and allow other aspects of the website to function as intended.
- Analytical/performance cookies, which allow us to recognize and count the number of visitors to our websites, to learn how users navigate the websites, and to help us to improve how the website functions.
Many browsers accept cookies automatically, but you can adjust the settings in your browser to disable this automatic acceptance of cookies. How you control this will be different on different browsers. Note that if you choose not to accept cookies, you may experience limited functionality of our websites.
A “web beacon” (also known as a clear gif and pixel tag) helps us better manage the content of our website by informing us of what content is effective. A web beacon is incorporated into a web page or an email to keep track on a user’s activity on the page or the email. Just like a cookie, a beacon tracks a user’s visit and sends the data to the server, however, unlike cookies, a web beacon cannot and is not used for identification purposes, nor can it store any data on your computer.
Your Data Privacy Rights
Kasten is a global company, and we collect personal information from individuals all over the world. We strive to comply with all applicable privacy and data security laws around the globe, including GDPR, the California Consumer Privacy Act (“CCPA”), and other applicable laws. To that end, we offer a number of tools to help maximize your control over the information Kasten may have about you.
You can manage what information you receive from Kasten about products and services and how such information is received by specifying your communication preferences and subscription details at the subscription preferences page.
If you wish to discontinue receiving marketing and/or non-transactional e-mails from us, you may do so by using an "unsubscribe" link in any email. Note that this does not apply to transactional emails related to users’ business relationship with Kasten.
In the event you choose not to provide certain Personal Information, we may not be able to respond completely or adequately to your questions, provide updates, and/or information about our products and services. We will however continue to use your Personal Information for the limited purpose of sending you important notices relating to information about your purchases, changes to our policies and agreements, or for other reasons permitted by applicable law.
Your GDPR and California Privacy Rights.
Where GDPR and CCPA applies to the Personal Information we have collected, you may have certain rights you can exercise under certain circumstances. These may include:
- Right of Access/Right to Know/Right to Data Portability: You have the right to request that Kasten disclose to you the Personal Information we collect, use, or share about you, as well as information about our data privacy practices.
- Right of Erasure/Deletion: You may have the right to request that we delete the Personal Information that we have collected from you or about you.
- Right to Object: You may have the right to object to, or opt-out of, certain processing Kasten undertakes with your Personal Information.
- Right to Rectification: You may have the right to correct any incomplete or inaccurate Personal Information Kasten may hold about you.
- Right to Non-Discrimination: Kasten will not discriminate against you for exercising any of these rights.
- Right to Lodge a Complaint: Under GDPR to lodge a complaint with an appropriate data protection authority if you have concerns about how we process your Personal Information.
Kasten does not “sell” your Personal Information
For any other requests to exercise your GDPR and CCPA privacy rights, please email us at email@example.com.
Note that to protect the security, confidentiality, and integrity of your Personal Information, we may need to verify your identity before processing your request. In some cases we may need to collect additional information to verify your identity, such as a government issued ID.
Finally, under the CCPA you may exercise these rights yourself or you may designate an authorized agent to make these requests on your behalf. If you choose to do that, we may seek additional information to ensure that you have actually designated the agent to make the request.
Kasten takes the security of Personal Information seriously. To protect Personal Information against accidental or unlawful destruction, loss or alteration, Kasten uses risk-based technical and organizational security measures reasonably designed to prevent any unauthorized disclosure or access. For example, Kasten has implemented strict security controls, intrusion detection software and processes to alert us in the case of a potential or actual intrusion of our information systems.
Storing and Transferring Personal Information
Kasten is part of Veeam Software’s global organization. So the information you provide to Kasten may be transferred or accessed by Kasten corporate entities around the world. No matter where Kasten stores or accesses Personal Information, it is collected, used, shared, and protected in accordance with this Privacy Notice.
Kasten uses approved Standard Contractual Clauses for the transfer of Personal Information collected in the European Economic Area and Switzerland to third countries.
Kasten also abides by the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules System. The APEC CBPR system provides a framework for organizations to ensure protection of Personal Information transferred among participating APEC economies.
Kasten will not knowingly collect Personal Information from any person that is not a legal adult, as defined by local law, without insisting that they seek prior parental consent, if such consent is required by applicable law. Kasten does not target children in connection with its products, services, and websites. In the event Kasten uses or discloses Personal Information of a person that is not a legal adult, Kasten will seek parental consent pursuant to local laws and regulations in order to protect the person that is not a legal adult.
Links to Third Party Websites
Kasten is only responsible for privacy practices of Kasten and its websites. Kasten’s website may contain links to other websites for additional information and convenience. Kasten does not control those other websites, endorse or make any representation about other websites, and is not responsible for the privacy practices of those other websites.
Changes to This Privacy Notice
As a technology company, our systems will mature and change as will this Privacy Notice. Changes to this Privacy Notice with the most recent revision date will be posted at www.kasten.io. We will take steps to notify you of the material changes to this Privacy Notice by posting the changes here or contacting you by e-mail.
Kasten is committed to responding to reasonable requests to review any of your Personal Information we may have and to amend, correct, or delete any inaccuracies. To have your information amended, corrected, or deleted, or if you have any questions that weren’t answered in this Privacy Notice, you can contact us at firstname.lastname@example.org.