Privacy Policy | CanopyMetrics - Visualize your data ecosystem

1. Introduction

Welcome to CanopyMetrics ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this policy, or our practices with regards to your personal information, please contact us at [email protected].

This Privacy Policy governs the privacy policies and practices of our website, accessible at https://www.canopymetrics.com, and our analytics dashboard services (collectively, the "Services").

Our goal is to help you visualize your data ecosystem with clarity. Just as a canopy protects the forest floor, we aim to protect the integrity and confidentiality of the data you entrust to us. By using our Services, you hereby consent to our Privacy Policy and agree to its terms.

2. Information We Collect

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products, when you participate in activities on the Services, or otherwise when you contact us.

A. Personal Information Provided by You

The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:

Identity Data: First name, maiden name, last name, username, or similar identifier.
Contact Data: Billing address, delivery address, email address, and telephone numbers.
Credentials: Passwords, password hints, and similar security information used for authentication and account access.
Payment Data: Data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument. All payment data is stored by our payment processor, Stripe.

B. Information Automatically Collected

Some information — such as your Internet Protocol (IP) address and/or browser and device characteristics — is collected automatically when you visit our Services.

Log and Usage Data: Service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files.
Device Data: Information about your computer, phone, tablet, or other device you use to access the Services. This device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.

Note on Aggregated Data: We also collect, use, and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.

3. How We Use Your Information

We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations.

To provide and manage your account: We use your information to allow you to create and log in to your account, as well as keep your account in working order.
To deliver specific visualization services: To process your data inputs and render the analytics dashboards that constitute our core service.
To send administrative information to you: We may use your personal information to send you product, service, and new feature information and/or information about changes to our terms, conditions, and policies.
To protect our Services: We may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention).
To enforce our terms, conditions, and policies: For business purposes, to comply with legal and regulatory requirements or in connection with our contract.
For marketing and promotional purposes: We and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes, if this is in accordance with your marketing preferences. You can opt-out of our marketing emails at any time.

4. Information Sharing and Disclosure

We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations.

A. Vendors, Consultants, and Other Third-Party Service Providers

We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include:

Cloud Hosting: Amazon Web Services (AWS)
Payment Processing: Stripe
Customer Support Tools: Zendesk
Data Analytics: Google Analytics

B. Business Transfers

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

C. Legal Requirements

We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

5. Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk. You should only access the services within a secure environment.

Key security measures include:

Encryption: Data is encrypted in transit using TLS 1.2+ and at rest using AES-256 standard encryption.
Access Controls: Strict role-based access controls (RBAC) ensure only authorized personnel can access your data.
Regular Audits: We conduct regular security audits and vulnerability assessments.

6. Your Rights (GDPR & CCPA)

Depending on your location, you may have specific rights regarding your personal information.

Region: European Economic Area (GDPR)

If you are a resident of the EEA or UK, you have the following rights:

Right to Access: You have the right to request copies of your personal data.
Right to Rectification: You have the right to request that we correct any information you believe is inaccurate.
Right to Erasure: You have the right to request that we erase your personal data, under certain conditions.
Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data.
Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you.

Region: California (CCPA)

If you are a resident of California, you are granted specific rights regarding access to your personal information:

Request to Know: You can request that we disclose to you the categories and specific pieces of personal information that we have collected about you.
Request to Delete: You can request that we delete any personal information about you which we have collected from you.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

Do Not Sell My Info: CanopyMetrics does not sell your personal information to third parties.

To exercise any of these rights, please contact us at [email protected].

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Policy.

We categorise cookies as follows:

Essential Cookies: Necessary for the website to function (e.g., login sessions).
Performance Cookies: Help us understand how visitors interact with the website.
Functional Cookies: Enable enhanced functionality and personalization.

8. Third-Party Websites

The Services may contain links to other websites that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

9. Children's Privacy

Our Services are not intended for use by children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personally identifiable information from children. If you become aware that a child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

10. International Data Transfers

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside the United States and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United States and process it there.

CanopyMetrics will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information. We utilize Standard Contractual Clauses (SCCs) for transfers from the EEA to third countries.

11. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "Last Updated" date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

12. Contact Us

If you have any questions about this Privacy Policy, the practices of this site, or your dealings with this site, please contact us:

Email:[email protected]
Mailing Address:
CanopyMetrics Legal Team
123 Forest View Drive, Suite 400
Seattle, WA 98101
United States