General Privacy Policy

Date Effective: April 17, 2020
Date Last Updated: April 17, 2020


Introduction

This General Privacy Policy, which is effective as of April 17, 2020, amends prior versions of the Customer Privacy Policy and Privacy Policy which were effective as of May 25, 2018 and June 1, 2018, respectively. The amendments update the information previously provided in such prior versions and reflect an internal reorganization of our corporate structure whereby Cyxtera Cybersecurity, Inc. d/b/a AppGate, including its subsidiaries and Affiliates (as defined below) (“AppGate”), was spun-out from Cyxtera Technologies, Inc., including its post-reorganization subsidiaries and Affiliates (“Cyxtera”). Cyxtera and AppGate may be referred to herein collectively as the “Group,” “we,” “our,” or “us” except for certain provisions where the context is limited to Cyxtera or AppGate as separate organizations.

Cyxtera is a global leader in data center colocation services, ranking as the largest private retail colocation company in the world and among the largest worldwide retail colocation providers overall.

AppGate is an industry leader in security, fraud protection and data analytics products and services and cybersecurity professional services, acting as a service provider for other entities to assist them in meeting their business needs.

This General Privacy Policy addresses the privacy rights of individuals who:

  • visit or use our Websites;
  • interact with us on behalf of a Customer in connection with the provision of our Services;
  • interact with us on behalf of a Service Provider in connection with the products and services our Service Provider provides to us;
  • interact with us on behalf of a business partner in connection with our relationship with the business partner;
  • apply to work with us;
  • receive marketing communications from us; and/or
  • interact with us by registering for, attending and/or otherwise taking part in our trade events, webinars, or conferences or who communicate with us via email, phone, or in-person.

This General Privacy Policy, along with our GDPR Privacy Policy and Privacy Shield Policy set forth at the links below, is designed to assist individuals and businesses that interact with us to understand the types of Personal Data we collect, how that Personal Data is Processed, and the practices we have adopted to protect Personal Data. If your Personal Data is Processed by us in the European Economic Area (“EEA”), including in the United Kingdom (“UK”) or the European Union (“EU”), or if you are a resident of the EEA, including the UK or EU, and subject to GDPR protections, please click here to view our GDPR Privacy Policy for data processing in the EU/EEA/UK, and here to view our Privacy Shield Policy, which covers the transfer of personal data from the EEA/EU/UK/Switzerland to the United States. In the event of a conflict between the GDPR Privacy Policy and the General Privacy Policy, the GDPR Privacy Policy will prevail. If your Personal Data is transferred from the EEA/EU/UK/Switzerland to the United States, please click here to view our Privacy Shield Policy covering such transfers. In the event of a conflict between the General Privacy Policy or GDPR Privacy Policy and the Privacy Shield Policy, the Privacy Shield Policy will prevail.


Definitions

Controller” means a person or organization that, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.

Customer” means a business that has, formerly had, or is contemplating purchasing or using our Services.

GDPR” means the EU General Data Protection Regulation 2016/679.

Personal Data” means any information relating to an identified or identifiable natural person.

Privacy Policy” means this General Privacy Policy, the GDPR Privacy Policy and the Privacy Shield Policy, collectively.

Process” and “Processing” means any operation or set of operations which is performed upon Personal Data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure or dissemination, and erasure or destruction.

Processor” means a person or organization that engages in Processing.

Representative” means an individual who (i) acts on behalf of a Customer, including, a Customer’s employees, agents, and representatives, (ii) acts on behalf of a Service Provider, including, a Service Provider’s employees, agents, and representatives, (iii) acts on behalf of a business partner, including a business partner’s employees, agents, and representatives or (iv) otherwise interacts with us in any manner, for example through our Website, in emails, phone calls, or in-person interaction.

Sensitive Data” includes, but may not be limited to, Personal Data specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or information specifying the sex life of the individual, and that is subject to the EU-U.S. or Swiss-U.S. Privacy Shield Principles.

Service Provider” means a supplier, subcontractor, vendor, or other third party who provides services to us.

Services” means the products and services provided by us, including, but not limited to, colocation and other data center services, fraud detection software and services, website accessibility compliance software and services, data analytics services, and cybersecurity software and services.

Website” means all of the websites and mobile applications maintained by us that display a link to the General Privacy Policy, the GDPR Privacy Policy, and/or Privacy Shield Policy.

Website Visitor” means an individual who visits the Website.


Personal Data Collected

For our Customers, we may collect the Personal Data of your Representatives (e.g., name, job title, business contact details, etc.) when your Representatives inquire about, negotiate, purchase, or use any of our Services on your behalf.

For our Service Providers, we may collect the Personal Data of your Representatives when we inquire about or purchase services from you to support our business operations.

For our business partners, we may collect the Personal Data of your Representatives in connection with our interactions with you.

For prospective employees, we may collect your Personal Data when you visit, browse, or register on our Websites, when you submit an application for employment, when you provide additional Personal Data during the application and interview process, when you speak to our employees during your interview process, and when you otherwise provide or authorize us to collect your Personal Data during the application and interview process.

For our Website Visitors, we may collect certain Personal Data from you when you visit, browse, register on our Websites, complete a form on our Websites, or engage in online support received through our Websites. We may also collect certain information about your session when you visit our Websites, including internet protocol (IP) addresses, browser type, internet service provider, referring/exit pages, operating system, date/time stamp and clickstream data, as further outlined in Section VI below.

We may also collect the Personal Data of Representatives if they (i) register for a trade event, webinar, or conference hosted by us, (ii) download or request content and information regarding our Services, (iii) complete a survey or form, (iv) request online support through our Websites, or (v) receive marketing communications from us.


Purpose of Personal Data Collection and Processing

We collect and Process Personal Data for the following purposes:

  • To administer and process transactions related to the Services we provide;
  • To provide, assess, and improve our customer support and customer service;
  • To personalize your experience using our Services or Websites;
  • To communicate with you during contract negotiations or post-contract support;
  • To fulfill a legal obligation or to protect our rights;
  • To comply with applicable laws and regulations;
  • To advise you of additional or new Services that may be of interest to your company;
  • To administer and manage Service Providers;
  • To work with business partners;
  • To improve and protect the integrity and security of our Services and our Websites;
  • To enforce any applicable contracts;
  • To administer a contest, promotion, survey, event, conference, webinar, or other website feature;
  • To consider you for employment;
  • To send periodic communications (the contact information that you provide may be used to send you information, including marketing, respond to inquiries, and/or other requests or questions);
  • In an emergency, where the health or security of an individual may be endangered;
  • In the event of a corporate reorganization, including, but not limited to, merger, acquisition, or sale; and
  • For any other purpose for which you have been notified, and if legally required where appropriate consent has been obtained.

If you receive marketing communications from us by email, we seek your opt-in consent to send you such communications by email in jurisdictions where that is required. If we track whether or not you open any such email, we seek your opt-in consent to do so in jurisdictions where that is required. You may, in any event, unsubscribe from the receipt of future electronic communications from us by clicking on the “unsubscribe” link provided in such communications or by emailing unsubscribe@cyxtera.com or unsubscribe@appgate.com, as applicable. Please be sure to contact the appropriate email address that is affiliated with the entity from whom you are trying to unsubscribe.


Security

We implement a variety of security measures to maintain the safety of your Personal Data when you enter, submit, or access your Personal Data, or when it is otherwise collected or Processed by us. We take reasonable and appropriate measures to secure your Personal Data.


Cookies and Other Technologies 

When you visit our Websites, open an email that we send you, or interact with the communication features on our Websites, we may collect information about your usage or device by automated means or by using technologies such as cookies, web server logs, and web beacons. Please view Cyxtera’s Cookie Policy or AppGate’s Cookie Policy, as applicable, for information on our practices in relation to the use of these technologies.

At this time, we are not in a position to honor “do not track” signals from website browsers. However, you may refuse or delete cookies. If you do so, some of the functionality of our Website may be impaired. Additionally, you may still be identifiable and your usage may still be trackable by other means. Please refer to your browser’s “Help” instructions to learn more about how to manage cookies and the use of similar technologies.


Third Party Sharing

Except as otherwise detailed herein, we do not sell, disclose, or otherwise transfer Personal Data we have collected from you to outside parties.

Service Providers. We share Personal Data with Service Providers that we have retained to perform certain services and functions on our behalf, and these Service Providers have agreed to use the Personal Data solely as necessary to perform the services and functions in accordance with our instructions and subject to appropriate nondisclosure limitations.

Business Partners. We may share your Personal Data with trusted business partners pursuant to our contractual arrangements with them, which will include appropriate safeguards to protect any Personal Data that we share with these partners. These may be third parties that organize tradeshows, third party consultants and experts, and auditors.

Affiliated Entities. We share Personal Data with entities that are under our common ownership or control (our “Affiliates”). Subject to local requirements, this Personal Data may be used to provide Services offered by our Affiliates, for Affiliates to provide support to the Affiliated entity that is sharing the Personal Data, or for any other purposes described herein. For example, our Affiliates may share Personal Data with one another about our Customers, Service Providers, business partners, Representatives, prospective employees, and Website Visitors for direct marketing purposes.

Payment Processing. We work with a payment processing partner to process certain credit card payments. If you make a credit card payment to us, our payment processing provider will store your full name and credit card details.

Fraud Prevention and Protection of Legal Rights. We may use and disclose Personal Data to the appropriate legal, judicial, or law enforcement authorities and our advisors and investigators: (i) when we believe, in our sole discretion, that such disclosure is necessary to investigate, prevent, or respond to suspected illegal or fraudulent activity or to protect our safety, rights, or property and those of each of our Customers, Service Providers, business partners, Representatives, Website Visitors, prospective employees, or others; (ii) when we suspect abuse of the Website or Services or unauthorized access to any system, spamming, denial of service attacks, or similar attacks; (iii) to exercise or protect legal rights or defend against legal claims; or (iv) to allow us to pursue available remedies or limit the damages that we may sustain.

Law Enforcement. We may have to disclose the Personal Data of our Customers, Service Providers, business partners, Representatives, prospective employees, Website Visitors, or others if a court, law enforcement, or other public or government authority with appropriate competency requests that we provide that Personal Data and we believe, in our reasonable discretion, that such request was made in compliance with applicable law.

Corporate Reorganization. We may share your Personal Data with a third party in the case of the reorganization, sale, merger, joint venture, assignment, transfer or other disposition of all or any portion of our business, asset or stocks, including in the event of bankruptcy or corporate restructuring. Any Personal Data that an individual submits or that is collected after the reorganization may be subject to a new privacy policy adopted by the successor entity, of which we will inform, where required.


Retention

We will keep the Personal Data that we collect for as long as is reasonably necessary to achieve the purpose for which you provided it, or to the extent necessary for us to protect our rights, or as required by applicable laws.


Collection of Personal Data from Children 

Our Websites are intended for individuals 18 years of age and older. They are not directed at, marketed to, nor intended for, children under 18 years of age. We do not knowingly collect any information, including Personal Data, from children under 18 years of age. If you believe that we have inadvertently collected Personal Data from a child under the age of 18, please contact us at the email address in Section XI below, and we will take immediate steps to delete it.


Changes to Privacy Policy

When we change this General Privacy Policy, including the GDPR Privacy Policy or Privacy Shield Policy, we will update the “Date Effective” and “Date Last Updated” provided with this General Privacy Policy and/or the effective date for the respective GDPR Privacy Policy or Privacy Shield Policy portions. We encourage you to view this General Privacy Policy, including the GDPR Privacy Policy and Privacy Shield Policy, when interacting with us to ensure you are aware of the current terms. We will provide adequate notice of any material changes and obtain your consent when legally required when making such changes to this General Privacy Policy, including the GDPR Privacy Policy and Privacy Shield Policy.


Inquiries/Contact Us

You may have rights regarding your Personal Data depending on where you are and where your Personal Data is Processed. Please contact us at the applicable email address in this Section XI if you have questions in this regard or if you wish to update your Personal Data. Please note that if you have an account with us, you may update certain information through that account. We commit to resolving complaints about your privacy and our collection or use of your Personal Data. Should you have any questions regarding this General Privacy Policy, the GDPR Privacy Policy, or Privacy Shield Policy or any of its or their provisions, you may contact us at: privacy@cyxtera.com or privacy@appgate.com. Please ensure you contact the appropriate email address for the entity to which your questions relate.


Governing Law; Venue; Waiver of Jury Trial and Class Actions

Unless applicable data protection / privacy laws provide otherwise, (a) the Privacy Policy is governed by the laws of the State of Florida, U.S.A, (b) you hereby agree that any dispute or claim raised or made by you against us relating to the Privacy Policy shall be subject to arbitration before a single arbitrator in Miami-Dade County, Florida in accordance with the Commercial Arbitration Rules of the American Arbitration Association and (c) you hereby waive all rights to bring or maintain any court action, jury trial or any class claim, class action, class arbitration, or other representative action, claim or proceeding against us in a court of law.