Lightrun Platform Ltd. (including its affiliates) (D.B.A LightRun) (“LightRun”, “we”, “our” or the “Company”) respect the privacy of anyone who visits our websites (“Visitors“), use our products and services (“Customers” and their “Users”), participate in our events or events we sponsor or participate in (“Participants”), apply for a job in our supper awesome company (“Applicants”) or otherwise interact with us (collectively – “you”) and is committed to protect the personal information that any such person shares with it. We believe that you have a right to know our practices regarding the information we may collect and use when you interact with us in any manner.
This Policy concerns personal data collected, received or used via LightRun’s websites referring to this Policy (each the “Website” and collectively the “Websites”), via LightRun’s products and services (“Solutions”; and together with our Websites and events – “Services”), and other data sources as described below.
You are not legally required to provide us with any Personal Data (defined below), but without it we may not be able to provide you with the required Service or may provide you with a different Service.
We collect Personal Data regarding our Customers, Users, Participants and Visitors. Such data is collected and generated through your interaction with us, automatically or directly from you or through third parties. We collect the following categories of data (which, to the extent it relates to a specific identified or identifiable individual, will be deemed as “Personal Data “):
1. Data automatically collected or generated through the Website: When you visit our Website, we may collect or generate certain technical data about you. We collect or generate such data either independently or with the help of third-party service providers (as detailed below), including through the use of “cookies” and other tracking technologies (as further detailed in Section 5 below).
Such data mainly consists of connectivity, technical and aggregated usage data, such as IP addresses, device, system and software details, click-stream and usage logs, unique identifiers and similar data and information concerning log-in attempts, usage and use preferences regarding your use of the Website. We mainly use this data to gain a better understanding on how you typically use and interact with our Services; how we could improve your user experience; to optimize our product; and to optimize the overall performance of our Services.
We use analytics tools (e.g. Google Analytics) to collect data about the use of our Services. Analytics tools collect data, such as how often Users and Visitors visit or use the Website or Service, which pages they visit and when, and which website, ad or e-mail message brought them there.
2. Data received from you: such Personal Data includes any data or information you may provide which is identifiable to you, such as your name, company and position, contact details (such as business e-mails, phones and addresses) as well as any free-form text or documentation you may choose to provide us. If you register as a Participant in any of our events, you may provide us with additional details such as your participation eligibility and preferences, your experience and any other relevant information. If you are an Applicant, we retain your CV and background checks (as applicable) as detailed below.
3. Data Provided through our Solutions. As part of the use of our Solution, our Customers may run our Solution on their code, which may cause the collection of certain variables. Such variable may contain or represent Personal Data. We are not aware of the nature of the collected variables and possible Personal Data. We do not retain any such variables and Personal Data and we delete such Personal Data immediately. We only use such Personal Data on behalf of our Customers and only to provide the Solution and comply with applicable laws.
4. Data provided by third parties: We may receive your Personal Data from other sources. For example, if you participate in an event or webinar that we sponsor or participate in, we may receive your Personal Data from the event organizers. We may also receive your contact and professional details (e.g., your name, company, position, contact details and professional experience, preferences and interests) from our business partners or service provides, and through the use of tools and channels commonly used for connecting between companies and individuals in order to explore potential business and employment opportunities, such as LinkedIn and other data services and sources
We use Personal Data as necessary for the performance of our Services; to comply with applicable law; as necessary for the performance of our contracts and agreements; and to support our legitimate interests in maintaining and improving our Services and offerings, understanding how our Services are used, optimizing our marketing, advertising and sales practices, providing customer service and technical support, and protecting and securing our Visitors, Customers, Users, Participants, Applicants, ourselves and our Services. We do not sell your personal information.
Specifically, we use Personal Data for the following purposes:
To facilitate, operate, and provide our Services;
To verify the identity of our Users and Participants, and to allow them access to our Services and events, respectively;
To further develop, customize and improve our Services, and to offer a better experience to our Visitors, Customers, Users and Participants, based on common or personal preferences, experiences and difficulties;
To provide our Customers with assistance and technical support, and to diagnose or fix technical problems reported by them;
To facilitate and improve our marketing, advertising and sales practices, and make them more effective;
To contact our Visitors, Customers and Participants with general or personalized service-related notices, informational materials and promotional messages, as detailed below;
To facilitate, organize, sponsor and offer certain events and promotions;
To monitor aggregate metrics and create aggregated statistical data, inferred non-personal data, or anonymized or pseudonymized data (rendered non-personal), which we, our Customers or business partners may use at our discretion, including to provide and improve our respective services;
To support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of error, fraud or any illegal or prohibited activity;
To act as permitted by, and to comply with, any legal or regulatory requirements.
Data Location and Retention
LightRun is mainly based in Israel, with headquarters in Tel Aviv. Israel is considered by the European Commission to be offering an adequate level of protection for the Personal Data of EU Member State residents.
Data Retention: We may retain Customer and User Personal Data for as long as your organization’s account with us is active; as reasonably necessary for us to provide or offer our Services to you and your organization; or as long as we consider necessary for the purposes described herein.
We may retain Visitor and Participant Personal Data for as long as reasonably necessary in order to maintain and expand our relationship and to provide them with our Services. We retain Applicant’s Personal Data, as detailed below.
We will also retain Personal Data for as long as is required in order to comply with our legal and contractual obligations, or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use).
Please note that except as required by applicable law, we will not be obligated to retain your Personal Data for any particular period, and we are free to securely delete it for any reason and at any time, with or without notice to you.
If you have any questions about our data retention policy, please contact us by email at email@example.com.
Legal Compliance: We may disclose or allow government and law enforcement officials access to your Personal Data in response to a legal request, such as a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we have a good faith belief that we are legally compelled to do so, or that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing.
Service Providers: LightRun engages with a number of selected third party companies and individuals, to perform services complementary to our own (e.g. hosting services, data analytics services, marketing and advertising services, data and cyber security services, payment processing services, fraud detection and prevention services, e-mail distribution and monitoring services, session recording, remote access services, and our business, legal and financial advisors (collectively, “Service Providers”).
Such Service Providers may receive or otherwise have access to your Personal Data, depending on each of their particular roles and purposes in facilitating and enhancing our Services and business, and may only use it for such purposes.
In certain cases, other Users from your organization may control your account and will be entitled to monitor, process and analyse your data and associated content, including (i) view any content you submit and your activities on the Services; (ii) view statistics regarding your account; (iii) change your account password or other access credentials or privileges; (iv) suspend or terminate your account access; and (v) access or retain data stored as part of your account. Please note that in these circumstances LightRun is not responsible for and does not control any further disclosure, use or monitoring by or on behalf of your organization, that acts as the “Data Controller” of such data (as further described below).
Protecting Rights and Safety: We may share your Personal Data with others, if we believe in good faith that this will help protect the rights, property or personal safety of LightRun, any of our Visitors, Customers, Users, Applicants or Participants, or any members of the general public.
For the avoidance of doubt, LightRun may share your Personal Data in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or if we have successfully rendered such data non-personal and anonymous. Additionally, we may transfer, share or otherwise use non-personal data at our sole discretion and without the need for further approval.
Cookies and Tracking Technologies
LightRun and some of its Service Providers utilize “cookies”, anonymous identifiers and other tracking technologies, which help us provide, secure and improve our Services, personalize your experience and monitor the performance of our activities and campaigns.
A “cookie” is a small text file that is used, for example, to collect data about activity on our Websites. Some cookies and other technologies serve to recall Personal Data, such as an IP address previously indicated by a Visitor or User.
The cookies we use can be classified in one of the following categories:
Strictly Necessary cookies We use these cookies to enable you to use our Website features, such as enabling movement between pages and remembering information you enter on forms.
Without these necessary cookies, services and functions on our Website will not be possible and our Website will not perform as it should.
Performance and Analytics cookies We use these cookies to collect information about Visitor’s use of our Platform to help improve the way the Platform works.
All of the Web browser cookies we use are stored on Visitor’s browser local memory. Therefore, by deleting such cookies from your local memory, we will not be able to associate any information we have about you, unless you login to our Platform as a registered user.
While we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser, most browsers allow you to control cookies, including whether or not to accept them and to remove them. You may set most browsers to notify you if you receive a cookie, or to block cookies with your browser.
Service Communications: LightRun may contact you with important information regarding our Services. For example, we may notify you (through any of the means available to us) of changes or updates to our Services, billing issues, service maintenance or changes, password retrieval notices, etc. You will not be able to opt-out of receiving such service communications while using our Services, as they are integral to such use.
Notifications and Promotional Communications: We may send you notifications concerning new features, offerings, events, and special opportunities or any other information we think you will find valuable. We may provide such notices through any of the contacts means available to us (e.g. phone, mobile or e-mail), through the Services, or through our marketing campaigns on any other websites or platforms.
If you do not wish to receive such promotional communications, you may notify LightRun at any time by sending an e-mail to firstname.lastname@example.org, or by following the “unsubscribe”, “stop” or “change e-mail preferences” instructions contained in the promotional communications you receive.
In order to protect your Personal Data held with us and our Service Providers, we are using industry-standard physical, procedural and electronic security measures, including encryption as appropriate. We are compliant with ISO 27001:2013, in connection with our Solution, however, please be aware that regardless of any security measures used, we cannot and do not guarantee the absolute protection and security of any Personal Data stored with us or with any third parties as described in Section 4 above.
If you wish to exercise your rights under any applicable law, including the EU General Data Protection Regulation (GDPR), such as the right to request access to, or rectification or erasure of your Personal Data held with LightRun, or to restrict or object to such Personal Data’s processing, or to port such Personal Data, or the right to equal services and prices (each to the extent available to you under the laws which apply to you) – please send us an e-mail to email@example.com.
Please note that once you contact us, we may require additional information and documents, including certain Personal Data, in order to authenticate and validate your identity and to process your request. Your request along with such additional data will be then retained by us for legal purposes (e.g. so we have proof of the identity of the person submitting the request).
Data Controller / Processor
Certain data protection laws and regulations, such as the GDPR, typically distinguish between two main roles for parties processing Personal Data: the “Data Controller”, who determines the purposes and means of processing; and the “Data Processor”, who processes the data on behalf of the Data Controller. Below we explain how these roles apply to our Services, to the extent that such laws and regulations apply.
If LightRun processes Personal Data on a Customer’s behalf, such Customer shall be deemed the “Data Controller” of this data. The Customer will be solely responsible for meeting any legal requirements applicable to Data Controllers (such as establishing a legal basis for processing and responding to Data Subject Rights requests concerning the data they control).
If you would like to make any requests or queries regarding your Personal Data that we process on our Customer’s behalf, please contact such Customer directly. Should we receive such requests directly, we may refer them to our Customer.
We may collect information provided to us by Applicants when they apply to a position in our company. LightRun welcomes all qualified Applicants to apply to any of the open positions by sending us their contact details and CV (“Applicants Information”). Applicants Personal Information will be maintained, processed and stored in Israel, and in the applied position’s location(s), and as necessary, in secured cloud storage provided by our third-party services. We are committed to keep Applicants Information private and use it solely for our internal recruitment purposes (including for identifying Applicants, evaluating their applications, making hiring and employment decisions, background checks on Applicants and contacting Applicants by phone or in writing). Please note that LightRun may retain Applicants Information submitted to it even after the applied position has been filled or closed so we can re-consider Applicants for other positions and opportunities and in case the Applicant is hired, for additional employment and business purposes related to their work. If you previously submitted your Applicants Information to us, and now wish to access it, update it or have it deleted, please contact us.
Children’s Privacy: Our Services are not intended for use by children under the age of 18. We do not knowingly collect Personal Data from minors under the age of 18 and do not wish to do so. In the event that it comes to our knowledge that a minor is using the Services, we will prohibit and block such user from accessing the Services (to the extent reasonably possible) and will make all efforts to promptly delete any Personal Data stored with us with regard to such user.
If you are a GDPR-protected individual, you also have the right to lodge a complaint with an EU supervisory authority.
Effective Date: June 25, 2020