GDPR Website Privacy Notice
CYXTERA TECHNOLOGIES, INC.
Website Privacy Notice
Effective Date: May 25, 2018
Please read this document carefully. If you do not understand, or do not agree, to be bound by this Privacy Notice, you must immediately cease using or accessing the Platform.
This document describes our practices regarding the collection and processing of Personal Data through our Platform (as defined below). Our practices implement the following principles:
Accountability: We are responsible for the protection of Personal Data entrusted to us.
Transparency: We inform Users (as defined below) about the collection and processing of their Personal Data, and use it proportionally to legitimate business interests.
Proportionality: We collect and use Personal Data for specific legitimate purposes.
Control: We offer Users choices regarding the use of their Personal Data, and honor their preferences for contacting them.
Security & Retention: We apply technical, physical and organizational measures to ensure an appropriate level of security for the Personal Data in our custody. We retain such data as needed for its intended purposes.
Third Parties: We carefully choose vendors, service providers and other third parties with whom we share Personal Data and require them to commit to standards that we consider adequate.
Operator: The operator of the Platform is Cyxtera Technologies, Inc., located at 2333 Ponce De Leon Blvd, Suite 900, Coral Gables, FL 33134. The Cyxtera Services are provided by Cyxtera Technologies, Inc. and its subsidiaries, including Cyxtera Technology UK Limited (a company organized and existing under the laws of England and Wales), Cyxtera Germany GmbH (a company organized and existing under the laws of Germany), Cryptzone Group AB (a company organized and existing under the laws of Sweden), and Cryptzone UK Ltd. (a company organized and existing under the laws of England and Wales) (together with Cyxtera Technologies, Inc., collectively, “Cyxtera” or “we,” “us,” “our”).
The local representative of Cyxtera in the European Economic Area is Michael Bennett, located at 630 Ajax Ave, Slough, SL1 4DG, United Kingdom.
For the purpose of this Privacy Notice, the following terms shall have the meanings set forth below:
“Customer” means a business that is, has been, or is about to become a customer of Cyxtera pursuant to a validly executed service agreement for the purpose of using the Services.
“Customer Representative” means an individual who acts on behalf of a Customer, and who uses or interacts with Cyxtera or the Platform in such capacity.
“GDPR” means the EU General Data Protection Regulation.
“Lead” means a Visitor (as defined below) who (i) has expressed interest in our products or services, for example by filling out a form or providing a business card to request information, a white paper, or a demo of the Platform, or (ii) otherwise interacts with us in any manner about our Services, for example in emails, phone calls or through in person interaction.
“Personal Data” means any information that pertains to an identified individual, or to an individual who can be identified directly or indirectly by reference to an identifier.
“Platform” means the Cyxtera website and all other specialized content, reports, software applications, social media pages and other means of interacting with individuals about the Services (including emails, newsletters, phone calls, marketing events and tradeshows).
“Processing” and “Processor” have the meanings ascribed to such terms in the GDPR.
“Services” means the services provided by Cyxtera, including colocation and other data center services, fraud detection software and services, website accessibility compliance software and services, and cybersecurity software and services relying on the Tools.
“Tools” means the proprietary tools, software applications, computer networks, technology, equipment, know-how and similar tools that Cyxtera uses to provide the Services and interact with Customer Representatives.
“User” or “you” or “your” means a Visitor, a Lead, or a Customer Representative.
“Visitor” means an individual who visits the website or otherwise interacts with the Platform.
This Privacy Notice applies to the handling by Cyxtera of Personal Data that Cyxtera collects on or through its Platform and for its own purposes, when individual Users interact with the Platform, for example by using the Cyxtera website, calling us, sending requests for information, or visiting our booth at tradeshows.
Third Party Services
This Privacy Notice does not apply to any third-party website or service that may be linked to the Platform. We have no control over, and are not responsible for, the data collection and/or handling practices of these third-party websites or services. We encourage you to note when you leave our Platform. We also encourage you to read the privacy statements of any third-party websites or services linking to (or linked to via) the Platform.
Processing Activities by Customers Through Use of Our Services are Not Subject to this Privacy Notice
This Privacy Notice does not apply to the collection or processing of Personal Data by Customers through the use of the Services. We are not responsible for our Customers’ use of Personal Data that they collect while using our Services.
5. Updates and Changes to Privacy Notice
We will review and update this Privacy Notice periodically in response to changing legal, technical, market, and business developments. When we update this Privacy Notice, we will note the date of its most recent revision on the cover page of this Privacy Notice. We will take appropriate measures to inform all Users in a manner that is commensurate with the materiality of any such changes, and that complies with applicable law regarding changes in this Privacy Notice. Your continued access to or use of the Platform after we have provided notice of any such changes as set forth above will indicate that you agree to be bound by such changes. If you do not agree with such changes, you should cease accessing or using the Platform and seek the deletion of your information by contacting us as described below. In some cases, your actual consent will be required, and in such cases this paragraph will have no effect.
6. Information Collection Practices
We collect a variety of information (as listed below) as needed to operate our business, and for the legitimate interests of our business, including, but not limited to, for marketing purposes, to the extent permitted by applicable law. Our website and other publicly facing services and applications are primarily intended for use in connection with our business activities, including the marketing, sale, and delivery of the Services. Our information collection practices are focused on, and limited to, the information needed for such purposes.
Data collected pursuant to these practices include the following:
When a Visitor uses, or interacts with our Platform, or clicks on a link that directs the Visitor to our website, the Visitor’s browser automatically provides, and we automatically collect and store, information about the Visitor’s device (computer, tablet, smartphone) used to access the website and the Visitor’s activities for the proper operation of our website. This information includes:
- Preferences and settings: time zone, language, and character size;
- Identifiers: IP address;
- Technical information: type of device, operating system name and version, device manufacturer, browser information (type, version), screen resolution; and
- Coarse Geographic information: geographic location derived from the IP address.
Until the Visitor becomes a Lead, this data cannot be linked to a specific individual; however, certain third party tracking pixels may be in use on the site where such third parties (such as LinkedIn, or Adroll) have prior records of a Visitor and be able to identify such Visitor.
Data generated by the use of the Platform also includes:
- Information about use of the Platform: date stamp, URL of the visited page, and URL of the last webpage visited before visiting our Platform or a website using our Platform; and
- History of interaction with our webpages: pages viewed, time spent on a page, click through and clickstream data, queries made, search history, search results selected; comments made, type of service requested, and purchases made.
We collect this data and use in aggregate form to understand how our Platform is used and create statistics on the use of our Platform. Until the User becomes a Lead, this data cannot be linked to a specific individual.
If a Visitor interacts with our Platform or our website in a manner beyond simply visiting our website (for example, by filling out a survey or a form to inquire about our Services), the Visitor becomes a Lead. In these cases, we will collect information provided in the form or questionnaire used to make the request, or provided at a trade show or industry event. This information is provided directly and voluntarily by the Visitor. Depending on the circumstances, it may include:
- First and Last Name;
- Name of the business;
- Email address;
- Street address, city, state, province and/or country;
- Telephone number;
- Website URL; and
- Mobile Number.
- Telephone number.
A Lead may also elect to provide additional information, such as a Twitter Handle or Facebook User ID, LinkedIn User ID, or other free-form information.
Customer Representative Data
When a Customer purchases any of our Services, we create an account on our Platform in the name of the Customer. The Customer has the ability to create one or several accounts. For each authorized Customer Representative allowed to access these accounts, we request:
- First and Last Name;
- Name of the entity for which the Services is purchased;
- Email address;
- Street address, including country; and
Only the minimum amount of information necessary to operate or manage the account is required from Customers or their Customer Representatives. Customer Representatives may elect to provide additional information.
To access a Customer account, the registrant for such Customer account is requested to choose a password.
Information the User Makes Public
The Platform utilizes features that allow certain Users to upload, post, transmit, display, perform, or distribute content, or other information, including their Personal Data. Any information that a User chooses to disclose by means of such features may become public information.
Cyxtera is unable to exercise control over this information once a User has made it public. You should exercise caution when deciding to disclose your Personal Data by means of such features, and you are solely responsible for any use or misuse of such information.
Publicly Available Information
We collect information that is available from public sources, in public records, or other publicly available databases or that Users have made public, for example, in tweets or Facebook posts.
We collect payment information, such as method, date and amount of payment. If a Customer pays with a credit card, this information will be transmitted directly to our payment processor, and we will not retain details of such payment information other than the Transaction ID number related to such payment. After payment information is provided by the User and transmitted to our payment processor, we will not have access to payment card information and disclaim any liability for any loss or compromise of payment card information. When you make a payment, you agree to terms of our payment processor.
In certain cases of ongoing Customer relationships, we retain information about such Customers as necessary for the administration of such Customer accounts.
Communication from Users
When a User completes an online form, or otherwise contacts us, by email, phone or text, we automatically collect and store certain information, including:
- The User’s name and contact information;
- Other Information that the User provides to us; and
- The nature and purpose of the communication and the actions we took in response to the User’s inquiry or request or that the User took (for example, whether the User registers to attend an event that we offer, or request to receive documentation).
The information collected in connection with each type of interaction is retained to ensure continued interaction with the User for marketing and sales purposes and the promotion of our Services.
Communications Sent to Users
This information is needed for our legitimate business purposes, as it helps us understand how Users react to our communications. We believe that such methods are fair, lawful, and proportional to the legitimate interests and needs of our business, and that our methodology fairly addresses each User’s legitimate rights and expectations in view of the context and purpose of the collection and use of the information collected. Such information is collected in connection with our marketing efforts and is retained so that we can continue or elect to stop interaction with individual Users.
If at any time you wish for us to cease communicating with you, please contact us as indicated below in the section captioned “How to Contact Us”, or take advantage of the unsubscribe link that you will find in any of our written electronic communications.
Surveys and Contests
From time-to-time, we invite Users to participate in surveys or contests that we organize as part of our marketing efforts. We request that participants provide certain Personal Data such as name and email address. This information is necessary to ensure that responses are categorized properly and are not duplicated, to notify contest winners and award prizes, and in some cases, to send the survey results to participants.
We also use the information in aggregate form, for analytics purposes, to understand our market, or to modify our Platform or our Services to meet the needs or interests of Users.
Information we Obtain from Third Parties
We receive information from third party data providers. In some cases, such information has manifestly been made public by the individuals providing such information online (for example, in the case of a Visitor’s LinkedIn profile which has been posted and shared online publicly), and we assume that such individuals no longer have a privacy interest in such information, and that such information can be used in connection with Cyxtera’s legitimate interests in learning about potential Customers.
In other cases, where it is not clear that such information was made manifestly public by the individuals, we obtain this data with assurances from the third-party providers that the User has consented to the collection and sharing of this data, or that this information is available in public records and is permissible to collect.
7. How Information is Collected
User information is collected through several different means as described below. We believe that such means are fair, lawful, and proportional to the legitimate interests and needs of our business, and that our methodology fairly addresses each User’s legitimate rights and expectations in view of the context and purpose for the collection and use of the information collected.
If at any time you wish that we cease any form of collection or processing of information about you, please use any of the unsubscribe or opt-out methods that we provide, or contact us as indicated in the “How to Contact Us” section.
Information Provided by the User’s Device
Some information is provided automatically by the User’s device or browser. This includes, for example, browser and device version information.
Direct Contact by the User
Some information is provided directly by the User. This includes, for example, information provided by a User:
- When requesting information about our Services, or a copy of a newsletter or white paper;
- By completing a questionnaire, a form or a survey;
- When placing a call to us and requesting assistance from us;
- By visiting with us at an industry event;
- By registering to attend a seminar or webinar;
- When subscribing to marketing communications; or
- When requesting support.
User’s Activity on a Third-Party Site
When a User uses a third-party website that has integrated Cyxtera tracking code (to the extent such activity is not prohibited by applicable law), the pages visited on these websites, will be recorded by our Platform.
Some information is obtained from public records and publicly available databases.
Some information is provided by joint marketing partners and third-party providers who have confirmed that they have the right to share such information.
8. Cookies, Pixel Tags and Other technologies
Some User information is collected through cookies. Cookies, pixel tags and other tracking technologies are used on our Platform to ensure that it functions properly and to give Users a more personalized experience. Cookies can be “first party cookies” (served by us) or “third parties cookies” (served by others).
Information provided by our cookies are essential to help us provide our website in a manner that is adapted to each User’s specific needs, for example, to allow us to identify the country where the User is located, so that we can present our website in the appropriate language.
We believe that such means are fair, lawful, and proportional to the legitimate interests and needs of our business, and that our methodology fairly addresses each User’s legitimate rights and expectations in view of the context and purpose for the collection and use of the information collected.
9. Information Use and Disclosure
We use the data collected for the legitimate interests of our business as follows:
To Interact with Customers and Potential Customers
We use Contact Data and records of our interactions with Users:
- To keep records of contact information, correspondence and communications;
- To provide requested information concerning the Platform or the Services;
- To respond to requests for assistance or support, or requests for information concerning a User’s account;
- To send relevant marketing information or market research surveys (in some countries subject to the recipient’s prior approval); and
- To send invitations to events that may be of interest to Users in accordance with their preferences or apparent interests (in some countries subject to the recipient’s prior approval).
Provide or Facilitate the Use of the Platform
We use information about a User to:
- Provide the products, services, documents requested by the User;
- Fulfill purchases of Services;
- Respond to Users’ requests, or respond to comments or questions;
- Provide service and support to Customer Representatives;
- Diagnose server problems, and administer the Platform or the Services; and
- Follow up with Customer Representatives and help resolve issues either internally or with our third-party partners;
For Financial Operations
We use financial data provided during the sales process to verify a potential Customer’s qualifications for certain features of the Services and to bill Customers, as applicable.
For our Business Operations
We use User information:
- To send administrative information to Customers and Customers Representatives;
- To expedite the processing and completion of Customer transactions;
- To administer our Platform, diagnose technical problems, and manage our business;
- To Facilitate the User’s use of the Platform;
- To allow Users to navigate or browse through our Platform quickly and efficiently; and
- To remember the User’s preference, such as language and font size.
For Security Purposes
We use information about our Customers, Customer Representatives, and in some cases Visitors, to perform data analysis, audits, security and fraud monitoring and prevention; and to enhance, improve, or modify our Platform or Services.
We use IP Addresses for administration and security purposes, such as calculating usage levels of our Platform or Services, diagnosing server problems, and detecting fraud, spam or other disruptive or destructive behavior.
For Statistical and Research Purposes
We use information gathered using cookies, traffic data, log data and demographic data in aggregated form to:
- Better understand the interests and needs of our Users and Leads, and how they are using our Platform;
- Create reports on trends in the usage of the Platform or Services; and
- Determine the effectiveness of our promotional campaigns, and optimize our marketing and ad targeting efforts.
10. Sharing with Third Parties
Except as described below, Cyxtera will not share or disclose a User’s Personal Data with or to third parties.
We believe that our practices below are fair, lawful, and proportional to the legitimate interests and needs of our business, and that they fairly address each User’s legitimate rights and expectations in view of the context and purpose of the collection and use of the information collected, and are not intrusive or contrary to Users’ legitimate rights.
Disclosure to Marketing Partners.
In countries where such activities do not require the prior explicit consent of Users, we provide personal information of Users to third party marketing companies, affiliates, advertising agencies, and data aggregation companies. These partner firms use this information to provide individuals with information on products and services that may be of interest.
If countries where such activities are not permitted without the prior explicit consent of the individuals, we do not conduct these activities except with prior consent.
We share information with our suppliers, subcontractors, and other third parties who provide services to us (collectively “service providers”) in connection with advertising, hosting, data analytics, information technology and infrastructure, order fulfillment, email delivery, auditing, and other related activities. We provide only the information such service providers need to perform their designated functions. Our contracts with them prohibit them from using or sharing with others the information that we provide to them, or that they collect directly from our Users for purposes other than as directed by us.
Some of our events may be organized and hosted through a service provider, or in cooperation with unaffiliated organizations. These entities may require attendees to these events to provide information such as their name, email address, and/or phone number as part of the registration process. We cannot control their collection or use of information. We encourage you to read the privacy statements of these third parties because they control how such entities handle the information that you provide at the time of registration.
We participate in tradeshows that are organized by third parties. These entities may require attendees to provide information such as their name, email address, and/ or phone number as part of the registration process. We cannot control their collection or use of information. We encourage you to read the privacy statements of these third parties because they control how such entities handle the information that you provide at the time of registration.
If a User visits our booth at a trade shows, and provides us with contact information or a business card, we assume that the User intends to establish a commercial relationship with us, and invites us to provide marketing documentation or interact with them for the purpose of discussing our Services.
We share information with entities that are under common ownership or control of our parent company (our “Affiliates”). Subject to local requirements, this information may be used to provide services offered by our Affiliates and for the purposes described in this Privacy Notice.
Affiliates may share information about Users for direct marketing purposes, but only in accordance with each User’s choices or preferences.
We work with a payment processing partner to process credit card payments. If you make any payment to us, our payment processing provider will store, on our behalf, your full name and credit card details.
Fraud Prevention and Protection of Legal Rights
We may use and disclose information to the appropriate legal, judicial or law enforcement authorities and our advisors and investigators (i) when we believe, in our sole discretion, that such disclosure is necessary to investigate, prevent, or respond to suspected illegal or fraudulent activity or to protect the safety, rights, or property of Cyxtera, Users or others; (ii) when a User has abused the Platform or Services or gained unauthorized access to any system, engaged in spamming, denial of service attacks, or similar attacks; (iii) to exercise or protect legal rights or defend against legal claims; or (iv) to allow us to pursue available remedies or limit the damages that we may sustain.
We may have to disclose User information if a court, law enforcement or other public or government authority with appropriate jurisdiction requests that we provide that User’s information and we believe, in our reasonable discretion, that such request was made in compliance with applicable law.
11. Privacy Shield Statement
A. Cross Border Transfers
Cyxtera is a global corporation. As a result, Personal Data may be transferred, accessed or stored globally as explained in this Privacy Statement.
Cyxtera complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce (“Privacy Shield”) regarding the collection, use, and retention of Personal Data when a customer and Cyxtera have agreed that the transfer and processing of Personal Data about individuals in the European Economic Area (“EEA”) or Switzerland will be conducted pursuant to the Privacy Shield for the relevant services.
When conducting those activities on behalf of its EEA or Swiss customers, Cyxtera holds and/or processes Personal Data about EEA or Swiss individuals at the direction of the customer.
Cyxtera is responsible for ensuring that third parties acting as an agent on Cyxtera’s behalf are obligated to provide at least the same level of privacy protection as is required under the Privacy Shield Principles.
Cyxtera has certified (application pending) to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this Privacy Shield Statement and those of the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification (once approved), please visit https://www.privacyshield.gov/list.
The following entities are covered entities under Cyxtera’s Privacy Shield self-certification: SIS Holdings LP, Cyxtera Technologies, Inc., SIS Acquisition Corp. IV, Cyxtera Software, Inc., Cyxtera Management, Inc., Cyxtera DC Parent Holdings, Inc., Cyxtera Federal Group, Inc., SIS Acquisition Corp. II, SIS Acquisition Corp. III, Easy Solutions Enterprises Corp., Easy Solutions, Inc., Brainspace Corporation, Cyxtera DC Holdings, Inc., Catbird Networks, Inc., Cryptzone Worldwide, Inc., Cryptzone International Holdings, Inc., Cryptzone North America, Inc., Cyxtera Data Centers, Inc., Cyxtera Communications, LLC and Cyxtera Canada, LLC.
With respect to Personal Data received or transferred pursuant to the EU-US or Swiss-US Privacy Shield Framework, Cyxtera is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission and commits to cooperate with EU data protection authorities. In certain situations, Cyxtera may be required to disclose Personal Data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
B. Dispute Resolution
If you have any complaints regarding our compliance with this Privacy Shield Statement, you should first contact us. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of Personal Data in accordance with this Statement.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider, the American Arbitration Association, (free of charge) at http://go.adr.org/privacyshield.html.
Under certain conditions, more fully described on the Privacy Shield website at:, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
Security of Personal data
We use commercially reasonable technical, organizational, and administrative safeguards to protect information within our control against unauthorized or unlawful access, use, modification, destruction, processing or disclosure, and against accidental loss, destruction, or damage. We believe that these measures are reasonably suited to the nature of the information in our custody.
We limit access to our Users’ Personal Data to only those employees and third parties who reasonably need access to such information in order to perform their job responsibilities.
Threats to data security are constantly evolving. Therefore, Cyxtera cannot guarantee information in its care will not be accessed, hacked, disclosed, altered, or destroyed by unauthorized parties. Cyxtera continually seeks to improve its security posture in order to protect its employees', customers', and partners' data while aligning with industry best practices.
Breach of Security
If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us might have been compromised), or if you suspect someone else is using your account, please let us know immediately by contacting us as indicated in the “How to Contact Us” section.
Lost or Stolen Information.
You must promptly notify us if your credit, bank, other financial institution information, username, or password is lost, stolen, or used without permission. In such an event, we will assist you in updating your account details with respect to that information that we have in our possession.
13. Data Retention
We will retain Personal Data we collect from Users where we have justifiable business need to do so, and/or for as long as it is needed to fulfill the purposes outlined in this Privacy Notice, unless a longer retention period is required by law, such as for tax, legal, or accounting purposes.
You can request deletion of your Personal Data at any time, and we will consider your request in accordance with applicable laws.
When, in our reasonable discretion, we have no justifiable business need to process your Personal Data (for example, after you have ended all of your interactions with Cyxtera and our internal record keeping policies no longer dictate that we continue to process your Personal Data), we will either delete it or anonymize it, or if it not possible (for example, because your Personal Data has been stored in back-up archives), we will securely store your Personal Data and isolate it from any further processing until deletion is possible.
14. Advertising Choices
You may choose to block our website and other sites from setting cookies by changing the settings of your browser. Please note that blocking or disabling certain cookies may interfere with certain functionalities of some parts of our website.
To learn more about cookies, you may wish to refer to the following informational resources:
We use information collected about a User’s use of our Platform to arrange for advertisements about our Services to be served to a User on third party’s websites in accordance with our e-marketing Policy. To do so, our advertising service provider places or recognizes a unique cookie on the User’s browser and uses other techniques, such as pixel tags.
If you would like more information about this practice and to learn about your options with regard thereto, you may wish to refer to the following informational resources:
Opt-out of Interest-based Advertising
You may opt-out of receiving interest-based advertising as explained below. The opt-out may be provided through specific opt-out cookies. Please note that using a new computer, using a different browser, upgrading certain browsers, or modifying or erasing a browser’s cookie file, may clear an opt-out cookie.
Please note that opting out of receiving interest-based advertising does not result in blocking all advertisements targeted to your equipment. You will continue receiving advertisements, which advertisements will be generic or based on the content of a webpage that you are visiting, instead of being targeted to your specific interests.
Controlling Advertising on Websites
The following websites provide information regarding controlling advertising on websites:
World Privacy Forum:
Interactive Advertising Bureau (IAB)
Information collected by the Google Analytics cookie is transmitted to, and stored by, Google in accordance with its privacy practices.
To see an overview of privacy at Google and how this applies to Google Analytics, please visit: https://support.google.com/analytics/answer/6004245.
To opt out of Google Analytics, please visit: https://tools.google.com/dlpage/gaoptout.
If you receive commercial electronic communications from us, you can unsubscribe from the receipt of future commercial electronic communications from us by clicking on the “unsubscribe link” provided in such communications.
Customers who have a registered account may also opt out of receiving commercial electronic communications by logging in to their Cyxtera account, clicking on “Settings,” “User Accounts,” selecting a User, then editing the options in “Notification Options.” We will comply with your request(s) within ten (10) working days.
Please also note that if you do opt out of receiving commercial electronic communications from us, we may still send you important administrative messages (such as updates about your account or service changes), and you cannot opt out from receiving these messages.
15. Right of Information, Access and Other Rights
Accessing, Correcting or Deleting Your Information
Users who have an account with Cyxtera have the right to review, change, or suppress Personal Data that we have collected from them. There are several ways to do this, including by logging into your account and changing this information or by contacting us as indicated below in the section captioned “How to Contact Us”. To confirm the completeness and accuracy of, or make changes to, their Personal data, Users are encouraged to visit their personal profile.
We may need to retain certain information for legally required, or Cyxtera internal, record keeping purposes and/or in order to complete any transactions initiated prior to a User request to remove or delete their information. Residual information may remain within our databases and other records, but it will no longer be tied to your identity.
16. EU/EEA Residents: Data Subject Rights under the GDPR
The EU General Data Protection Regulation (GDPR) grants individuals who are in the European Union and European Economic Area (EU/EEA) the following rights, with some limitations. Users may contact us, at the address provided below in the section captioned “How to Contact us” to exercise any of those rights and we will respond with the requested action or information, or will let you know why such right(s) does not apply to you.
Right Not to Provide Consent or to Withdraw Consent
We may seek to rely on your consent in order to process certain Personal Data. Where we do so, you have the right not to provide your consent, and the right to withdraw your consent at any time. If you withdraw your consent, this will not affect the lawfulness of the processing conducted based on consent before its withdrawal.
Right of Access
You have the right to obtain confirmation as to whether or not we collect or process Personal Data concerning you and, if this is the case, you have the right to request a copy of such Personal Data in digital format.
Right of Rectification
You have the right to require that we correct any inaccurate Personal Data concerning you, and that we complete incomplete Personal Data.
Right of Erasure
In certain circumstances, you have the right to request that we erase Personal Data concerning you; for example, if it is no longer necessary for the purposes for which it was originally collected.
Right to Restrict Processing
In certain circumstances, you have the right to request that we restrict the processing of the Personal Data that we have collected about you; for example, where you believe that the Personal Data that hold about you is not accurate or lawfully held.
Right to Data Portability
In certain circumstances, you have the right to receive the Personal Data concerning you that you have provided us in a structured, commonly used, machine readable format, and the right to obtain that we transmit the data to another entity where technically feasible.
Right to Object to the Processing
In certain circumstances, you have the right to request that we stop processing your Personal Data.
Right to Object to the Processing for Direct Marketing Purposes
You have the right to request that we stop sending you marketing communications.
Right Not to be Subject to Decisions Based Solely on Automated Processing that Produce Legal Effects
In certain circumstances, you have the right no to be subject to a decision based solely on automated processing - including profiling - that produces legal effects or similarly affects you.
Right to Complain to a Supervisory Authority
You have the right to lodge complaint with a Supervisory Authority if you believe that our processing of Personal Data relating to you infringes the GDPR.
17. California Residents: Rights under California Law
California requires operators of websites or similar services to make certain disclosures to Users who reside in California regarding their rights, specifically:
Shine the Light
Under California law, a business that has an established business relationship with an individual, and has, within the immediately preceding calendar year, disclosed Personal Data that is primarily used for personal, family or household purposes to third party for the third party’s direct marketing purposes, must disclose to its California Users, upon request, the identity of any such third party, along with the type of Personal Data disclosed.
You can contact us to request such information as provided in the “How to Contact Us” section. Please note that under California law, businesses are only required to respond to a User’s request once during any calendar year.
Some browsers give individuals the ability to communicate that they wish not to be tracked while browsing on the Internet. California law requires that we disclose to Users how we treat do-not-track requests. The Internet industry has not yet agreed on a definition of what “Do Not Track” means, how compliance with “Do Not Track” would be measured or evaluated, or a common approach to responding to a “Do Not Track” signal. Due to the lack of guidance, we have not yet developed features that would recognize or respond to browser-initiated Do Not Track signals in response to California law.
In the meantime, there are technical means to prevent some of the tracking, if any. See “Controlling Advertising on Websites.”
18. Children’s Privacy
Our Platform is not directed to individuals under the age of 13. We do not solicit or knowingly collect Personal data from such individuals. If you become aware that a child has provided us with Personal Data, please contact us as indicated in the “How to Contact Us” section below. If we obtain actual knowledge that we have collected Personal data from a child under the age of 13, we will take steps to delete such information from our database.
19. How to Contact Us
We would love to hear your questions, concerns, and feedback about this Notice.
You can contact us:
By email at: GRC@Cyxtera.com.
By postal mail at:
Attn: Director, GRC
22860 International Drive
Sterling, VA 20166
Please note that email communications are not always secure; so please do not include credit card information or sensitive information in your emails to us.
Request to Exercise Individual Rights
To exercise any of your rights as set forth herein, please contact us in writing, via email or postal mail as indicated above, so that we may consider your request under applicable law. Please be aware that your request will not be accepted for review unless you provide the following:
- The name, User ID, pseudonym, email address, or other identifier that you have used to use our Platform, or if you are not a registered User of the service, or have not otherwise previously interacted with us, your first and last name and an address where we can correspond with you;
- The State or Country in which you are located.
- A clear description of the information or content you wish to receive or to be deleted or corrected, or the action you wish to be taken; and
- Sufficient information to allow us to locate the content or information to be deleted, removed or corrected.
For your protection, we may only implement requests with respect to the Personal Data associated with the particular email address that you use to send us your request.
In addition, please note that, depending on the nature of your inquiry, request or complaint, we may need to verify your identity before implementing your request and may require proof of identity, such as in the form of a government issued ID and proof of geographical address.
We will try to comply with your request as soon as reasonably practicable. However, we reserve the right to refuse to act on a request that is manifestly unfounded or excessive (for example because it is repetitive) and/or, in some cases, to charge a fee that takes into account the administrative costs for providing the information or the communication or taking the action requested.
* * * * * * * * * *