SoftLayer utilizes great care in keeping the information of the users of the Site (including customers) (“Users” or “You”) private and secure. SoftLayer adheres to the U.S.-Swiss Safe Harbor Framework as well as the Safe Harbor Principles as agreed to and set forth by the United States Department of Commerce and the European Union (“EU”), http://www.export.gov/safeharbor/. This Privacy Agreement demonstrates our firm commitment to maintaining the privacy of all data collected, and describes the information we collect; how we use, disclose, and share that information; and how we protect the information. Capitalized terms not defined in this PA are defined in the Terms of Service. This PA applies only to the Services and does not apply to Third Party Services, which are governed by their own privacy policies. For customers located in Germany, You and SoftLayer further agree to the German Data Processing Addendum, which is located at http://www.softlayer.com/legal/.
SoftLayer collects data related to our users through the following methods:
The data collected may include information about the User from forms, registrations and transactions (such as name, title, address, company, phone number and e-mail address), financial/transaction information (such as credit card, card verification value (cvv), and payment information), information about use of the Site (such as electronic communications protocols, web pages visited, and cookies) and User preferences and privileges. To the extent that this information is transferred to a country outside the European Economic Area or another country deemed “adequate” by the European Commission, SoftLayer will comply with both any data protection laws of the country to which the information is transferred, as well as the data protection provisions of the European Commission. “PII” when used in this Privacy Agreement refers to the Customer account Information provided by You to SoftLayer to maintain the relationship described in the MSA. PII does not include Customer Content in any form.
Cookies on the Site may collect the following information: a unique identifier, User preferences and profile information used to personalize the content that is shown, and User information to access SoftLayer's user forums. Some cookies used by softlayer.com may remain on the user's computer after the user leaves the Site, with the majority set to expire within 30 to 365 days, although some cookies may be of longer duration. Cookies may also be of benefit to You by creating a more streamlined login process, keeping track of shopping cart additions or preserving order information between sessions. In the future, as we enable further customization of the Site, cookies will help in ensuring that information provided to You will be the most relevant to Your needs. Browsers provide You with information and control over cookies. You can set Your web browser to alert You when a cookie is being used. You can also get information on the duration of the cookie and what server Your data is being returned to. You then have the opportunity to accept or reject the cookie. Additionally, You can set Your browser to refuse all cookies or accept only cookies returned to the originating servers. You can generally disable the cookie feature on Your browser without affecting Your ability to use the Site, except in some cases where cookies are used as an essential security feature or to provide functionality necessary for transaction completion.
Users visiting the site through an IP address that is associated with (a member state of) the European Economic Area ("EEA Users") will by default only receive cookies that expire once they leave the website. This may result in reduced website functionality. EEA Users may opt-in to the receipt of cookies of a longer duration by giving their consent in a pop-up window or bar shown at the homepage of the website. Following their consent, EEA Users will receive all cookies discussed above and full website functionality will be available. EEA Users may choose to revoke their consent at any time by deleting all cookies associated with SoftLayer through their browser settings (as discussed above).
We may also engage third parties to track and analyze non-personally and personally identifiable website data and to serve advertisements. To do so, we may permit third parties to place cookies on devices of Users of our Site, where permitted by law, and subject to Your right to opt out through the Site. We use the data collected to help us administer and improve the quality of the Site and to analyze Site usage. Such third parties may combine the information that we provide about You with other information that they have collected. These third parties are required to use Your information in accordance with this PA. We will record all such disclosures, and will use reasonable efforts to ensure that such third parties do not use Your PII for any purpose that is not expressly provided for herein.
You are solely responsible for any processing or international transfer of all PII in the Customer Content, including in any Third Party Services, and You agree to comply with all applicable rules, laws and regulations in any and all applicable regions or countries related to the transfer of such PII. To the extent PII is subject to rules, laws, regulations or the like implementing EU Data Protection Directive 95/46/EC, SoftLayer will be considered a "data processor" and will, as such, act on Your instructions and implement security measures in accordance with the MSA. For customers located outside of the territory of the United States, SoftLayer Dutch Holdings B.V. may utilize SoftLayer Technologies, Inc. to further process PII, and You agree that SoftLayer Technologies, Inc., which is based in the U.S., may act as a sub-processor.
You acknowledge and agree that SoftLayer may collect information from You for the following purposes:
On occasion, employees of SoftLayer Technologies, Inc. that are located in the U.S. may have temporary access to Customer Content in connection with providing maintenance or support services to You. This access will only be accomplished by way of Your explicit permission and instructions (as the Controller of the Customer Content) and only for so long as the employee is providing services to You. As a Processor, SoftLayer will not access the Customer Content for any purpose beyond providing You with support as described above, and will not disclose it to any person or entity. You agree that employees of SoftLayer Technologies, Inc. may access Customer Content in the manner described above.
New Customers are automatically registered for access at https://control.softlayer.com. The Customer Portal allows You the ability to create users, add/delete users, add/delete user privileges and opt in (or out) of Services and mailing lists. The Customer Portal provides You with control over preferences for electronic information delivery. The Customer Portal is operated and maintained in the United States and Your Account Information is stored on the Customer Portal in the United States, and You agree that SoftLayer may do so.
SoftLayer has also provided Your master user the ability to manage Your Account Information. To change this information, You must be a current customer, log in with a user ID and password, and follow the prompts to "update my profile" on the Customer Portal. We continue to expand the profile of Services and information that You may access and update.
Please note that some email communications are not subject to general opt-out. These include communications related to downloads; communications about sales transactions; information about software updates, patches and fixes; disclosures to comply with legal requirements; and network upgrades or other related maintenance for Service.
If an individual's PII is to be (a) disclosed to a third party who is not an agent of SoftLayer, or (b) used for a purpose that is incompatible with the purpose(s) for which it was originally collected or subsequently authorized by the individual, then the individual will be notified prior to such disclosure and may opt out of having the PII disclosed by responding to the email and/or author of the notification, where such information shall be clearly set forth. Any such disclosures will be documented, recorded, and retained as required by retention policies or applicable laws.
When providing infrastructure as a service (IaaS), SoftLayer Technologies, Inc. may process personal data controlled by its customers or customers of SoftLayer entities located in the European Union/European Economic Area. SoftLayer does not determine or have knowledge of the types of data stored by customers and/or how that data is accessed, exchanged, processed or the classification of that data. SoftLayer customers are the data controllers of such personal data and are responsible for compliance with applicable data protection principles. SoftLayer processes data as a data processor at the direction of its customers in accordance with the terms of the MSA.
SoftLayer has in place a data processing agreement with each of its entities located in the EU (in accordance with the standards of the EU Data Protection Directive and the Safe Harbor).
The provision of IaaS may, at the direction of the customer, include the transfer by the customer of its personal data outside of the EEA to jurisdictions which may not provide the same level of legal protection as in the EEA. The customer is responsible for ensuring that it has all necessary consents and agreements in place with data subjects for international transfers of personal data that it directs as part of its receipt of IaaS.
The terms “process,” “data controller,” “data processor,” and “data subject” have the meanings given to them in the EU Data Protection Directive.
SoftLayer is concerned with the security of the data we have collected and utilizes reasonable measures to prevent unauthorized access to that information. These measures include policies, procedures, employee training, physical access and technical elements relating to data access controls. In addition, SoftLayer uses standard security protocols and mechanisms to facilitate the exchange and the transmission of sensitive data, such as credit card details. SoftLayer does not process PII in a way that is incompatible with the purposes for which it has been collected or subsequently authorized by the individual.
In the event that PII is acquired, or is reasonably believed to have been acquired, by an unauthorized person and applicable law requires notification, SoftLayer will notify the affected individual of the breach by email or ticket on the Customer Portal or, if SoftLayer is unable to contact the individual by email or ticket on the Customer Portal, then by regular mail. Notice will be given promptly, consistent with the legitimate needs of law enforcement and any measures necessary for SoftLayer or law enforcement to determine the scope of the breach and to ensure or restore the integrity of the data system. SoftLayer may delay notification if SoftLayer or a law enforcement agency determines that the notification will impede a criminal investigation, and in such case, notification will not be provided unless and until SoftLayer or the agency determines that notification will not compromise the investigation. SoftLayer will cooperate with You in the investigation and/or remediation of any security breach.
If we are going to use Your PII in a manner different from that stated at the time of collection, we will notify You via email. In addition, if we make any material changes in our privacy practices that do not affect the PII already stored in our database, we will notify You by email or post a prominent notice on the Customer Portal notifying users of the change. In some cases, when we post the notice, we will also email users who have opted to receive communications from us, notifying them of the changes in our privacy practices. We may update this PA from time to time to describe how new site features affect our use of Your PII and to let You know of new control and preference features that we provide.
SoftLayer Technologies, Inc., an IBM Company
ATTN: Legal Department
Stanford Corporate Center
14001 North Dallas Parkway, Suite M100
Dallas, Texas 75240
Phone: 1 (214) 442-0600
If at any time You decide that You no longer desire that we hold, use, correct or supplement any of Your PII, receive information regarding any PII processed in relation to You or You wish to change the manner in which Your PII may be used, please let us know by contacting us as set forth above.
PLEASE NOTE THAT ADDENDA THAT APPLY TO THE FOLLOWING COUNTRIES ARE INCORPORATED INTO THE MSA AND THIS PRIVACY AGREEMENT AND CAN BE FOUND AT HTTP://WWW.SOFTLAYER.COM/LEGAL/: AUSTRALIA; BRAZIL; GERMANY; HONG KONG; MEXICO; THE NETHERLANDS AND SINGAPORE