For MSPs and internal IT to operate SMBs and Enterprises.

Enjoy automated onboarding and migration from your current Legacy Service Management portfolio, and be up and running within minutes.

UpStacked Privacy Policy

UpStacked is committed to protecting the privacy of visitors of the UpStacked website(s), individuals who register to use the products and services, individuals who register to attend the Company’s corporate or other events, and business partners. This privacy page describes our privacy practices in relation to your activities with us, including your choices regarding use, access, and correction of Personal Data.

Regulatory Statement: Changing privacy regulations, like the EU General Data Protection Regulation (GDPR), impose additional requirements upon companies to strengthen the security around and enhance the protection of an individuals’ Personal Data. UpStacked has a dedicated, cross-functional team overseeing UpStacked' privacy and security readiness.

Privacy Notice: UpStacked is committed to protecting the privacy of those involved in its business. Our Privacy Notice is meant to help you understand, among other things, what Personal Data we may collect about you; how we may use that information; when we may use your details to contact you; and your choices about the Personal Data that you give to us.

Cookie Policy: Our Cookie Policy addresses how we use cookies when you visit UpStacked. We want to be clear about how we collect and use data related to you via cookies.
You can read about our Cookie Policy here.
PRIVACY NOTICE

Last updated May 7th 2020.

Blue Tree AS and its affiliated brands (“UpStacked”) is committed to protecting the information relating to you that you share with us (“Personal Data”). This includes our customers and visitors of the UpStacked website(s), our business partners, and individuals who register to use our products and services, or to attend corporate events (“Customers”). This Privacy Notice (“Privacy Notice”) describes our privacy practices in relation to the use of UpStacked websites (including any customer portal or interactive website), our software, services, and related applications, and programs, including corporate events and research and marketing activities, offered by UpStacked (the “Services”). This Privacy Notice also describes how we collect, access, use, disclose, correct, and otherwise process Personal Data to provide our Services and to generally operate our business (“Sites”).

UpStacked Services include IT management and monitoring solutions, such as network, systems and database management, security solutions, applications and infrastructure monitoring, and IT helpdesk tools, for individuals as well as businesses; they are sold, directly and through distributors, resellers, and managed service providers (MSPs).

This Privacy Notice does not apply to information collected about UpStacked employees, applicants, or other personnel.

Customer Data. As a provider of Services, we may receive, process or store certain information, including Personal Data, on behalf of our Customers (“Customer Data”). Such information is owned and controlled by our Customers, the data controllers for such information. Customer Data may include information from the end points and other systems, tools or devices that Customers manage or monitor using our Services, and end user data related to activities on the relevant networks and systems. It may also include event logs, end user information (such as IP address, email address and computer name), and other Personal Data, where relevant. As a data processor of the Customer Data, UpStacked processes the Customer Data pursuant to the instructions from our Customers. For detailed privacy information related to where a UpStacked customer and/or customer affiliate is the controller, please reach out to the respective customer directly.  Our customers’ privacy and security practices are their own and differ from those set forth in this Privacy Notice.

Third Party Links. The UpStacked Sites may contain links to other websites, and information practices and/or the content related thereto shall be governed by the privacy notices of such other websites. UpStacked accepts no responsibility arising from or regarding such third-party websites.

What information we collect about you

UpStacked collects information as part of its normal business operations and in the administration of Customer relationships, which may include Personal Data.

Business Contact and Customer Relationship Management. We collect and maintain information about our Customers, which may include company name, business contact name and title, phone number, email and other contact details. We may also collect billing address, financial account, credit card information, order details, subscription and license information, and usage details. In addition, we collect user credential and profile data (name, contact, authorized users).

Data Submitted on Sites. In order to enjoy the full functionality of the Sites or to conduct business with us, you may be prompted to provide certain Personal Data to us:
by filling in forms (for example, a “Contact Us” form) on our Sites, at a trade show, or anywhere else we conduct business;

- by downloading or accessing the UpStacked Services;
- by downloading documentation from our Sites;
- by subscribing to newsletters or other communications; or
- by corresponding with us by phone, e-mail or otherwise using our contact details.

Typically, the Personal Data includes name, business affiliation, business address, telephone number, and email address, and any other personal details provided or required to resolve inquiries or complaints.

Customer Support and Service. When Customers contact us for support or other customer service requests, we maintain support tickets and other records related to the requests. We may also collect call recordings related to support and customer service-related calls.

Usage Details. We collect information about Customers’ usage of our Services, including IP address, Customer ID, email address, and other usage statistics. We do not collect usage details about Customer end users, except as necessary to provide and support the Services requested by Customers.

When you visit our Sites, our server automatically collects certain browser or device generated information, which may in some cases constitute Personal Data, including but not limited to:

- your domain;
- your IP address;
- the date, time and duration of your visit;
- your browser type;your operating system;
- your page visits;information from third parties;
- other information about your computer or device; or
- internet traffic.

Third Parties. We may also obtain Personal Data about Customers from third parties unless prohibited by applicable law, including third parties from whom we have purchased Personal Data, public databases, resellers, channel partners, and marketing partners. We may combine this information with Personal Data provided by you. This helps us to update, expand, and analyze our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you.

De-identified Data. We may de-identify and aggregate certain data we collect such that the data no longer identifies or can be linked to a particular customer or an individual data subject (“De-identified Data”), subject to the terms of any applicable customer agreements. We may use this De-Identified Data to improve our Services, analyze trends, publish market research, and for other marketing, research or statistical purposes, and may disclose such data to third parties for these specific purposes.

Other Data. UpStacked collects, uses and maintains certain data related to its business and the Services it provides to Customers, which is not Personal Data; this Privacy Notice does not restrict our use and processing of such data.

Cookies

Our Sites use cookies. More information about our use of cookies can be found in our cookie policy.

Use of Personal Data

The following describes our purposes for using Personal Data that we process as a data controller. Additional details on how we process your Personal Data may be provided to you in a separate notice or contract.Our processing (i.e. use) of your Personal Data is justified on the following legal bases:

- Performance of Contract: the processing is necessary to perform a contract with you or take steps to enter into a contract at your request;
- Compliance with Law: the processing is necessary for us to comply with a relevant legal obligation (for example, laws which require us to collect tax information from customers, carry out checks on customers, or which compel us to disclose information to public authorities or regulators);
- Our Legitimate Interests: the processing is in our legitimate interests, subject to your interests and fundamental rights, and notably our legitimate interest in using applicable data to conduct and develop our business activities, such as developing and maintaining relationships with our customers (the majority of the processing covered by this Privacy Notice is legitimate interest based);*
- Defend Our Rights: where the processing is necessary to the establishment, exercise or defense of legal claims; or
- With Your Consent: you have consented to the processing (for example, where we are required by local law to rely upon your prior consent for the purposes of direct marketing).

* In all cases where legitimate interests is relied upon as a lawful basis, we take steps to ensure that our legitimate interests are not outweighed by any prejudice to your rights and freedoms. This is achieved in a number of ways, including the application of principles of data minimization and security, and by taking steps to ensure that Personal Data is collected where it is relevant to the lawful business activities, and, where using Personal Data, is reasonably necessary for those activities.

How we share your personal data

UpStacked is a brand of Blue Tree AS, and we may share Personal Data with our affiliated businesses as part of our business operations and administration of the Services. We may also appoint third party service providers (who will operate under our instructions) to assist us in providing information, products or services to you, in conducting and managing our business, or in managing and improving our Services or the Sites. UpStacked may share your Personal Data with these affiliates and third parties to perform services on UpStacked' behalf, subject to appropriate contractual restrictions and security measures.

UpStacked reserves the right to share information that is not deemed Personal Data or subject to contractual restrictions.  Additionally, some Sites may use framing techniques to serve content from our third-party partners, while preserving the look and feel of our Sites; please be aware that you are providing your Personal Data to these third parties, not to UpStacked.

Additional Disclosures. UpStacked may also share your Personal Data if we believe it is reasonably necessary to prevent harm or loss or pursuant to your consent.  In accordance with our legal obligations, we may also transfer Customer Data to relevant authorities for law enforcement or security purposes.  We may also disclose Customer Data (including any Personal Data), if required by law.

Business Transfers. UpStacked may disclose Personal Data in connection with, or during the negotiation, of any merger or sale of company assets, financing, acquisition, dissolution, corporate reorganization or similar event.  We will inform any buyer that your Personal Data shall only be used in accordance with this Privacy Notice.

Just-in-Time Disclosures. Additional disclosures or information about processing of Personal Data related to specific websites, mobile applications, products, services, or programs may be provided to you. These may supplement and/or clarify UpStacked privacy practices in specific circumstances and provide you with additional choices as to how UpStacked may process your Personal Data.

International transfers of personal data

Transfers outside of the EU. If Personal Data is transferred outside the EU to other Blue Tree group companies or to third-party service providers, we will take steps to ensure that your Personal Data receives the same level of protection as if it remained within the EU. This includes entering into data transfer agreements, using the European Commission approved Standard Contractual Clauses. For transfers to other Blue Tree group companies in the United States (a country that has not received a decision from the European Commission determining that the United States provides adequate protection to Personal Data), we have put in place European Commission approved Standard Contractual Clauses, which protect Personal Data transferred between UpStacked entities. You have a right to obtain details of the mechanism under which your Personal Data is transferred outside of the EU by contacting. As of now, Blue Tree AS does not have any legal or affiliated entities in the United States.

We contractually require agents, service providers, and affiliates who may process Personal Data related to the Services to provide the same level of protections for Personal Data as required under the Principles. UpStacked currently does not transfer Personal Data to a third party for the third party’s own use, but only for UpStacked’ purposes as outlined above. UpStacked will remain liable under the Principles if one of its third-party processors processes Personal Data in a manner inconsistent with the Principles, if we are responsible for the event giving rise to the damage.

Vendor Data Protection Requirements. UpStacked recognizes that the use of third-party vendors must be properly managed. Before entering into third party relationships, we take deliberate steps to conduct an assessment of risk related to the vendor relationship. We take care to understand the compliance, reputational, strategic, operational, and transactional risks relating to a particular vendor before entering into a contractual relationship.

Any vendor who has access to Personal Data is expected to demonstrate their security policies, processes, and procedures and prove that they are able to provide adequate protection of such data, including against misuse or compromise.

Children

The Sites, Services and portal are not for use by children under the age of 16 years and UpStacked does not knowingly collect, store, share or use the Personal Data of children under 16 years. If you are under the age of 16 years, please do not provide any Personal Data to UpStacked, even if prompted to do so. If you are under the age of 16 years and you have provided Personal Data, please ask your parent(s) or guardian(s) to notify UpStacked, and UpStacked will delete all such Personal Data.

Marketing

Where lawful to do so, and subject to your consent where required, we may communicate with Customers (and related business contacts) about our Services. If you wish to unsubscribe from receiving marketing communications, please visit the Email Preference Center on our Site or use the Email Preference Center link in our promotional emails to request that the cessation of these communications.

Security

UpStacked maintains (and requires its service providers to maintain) appropriate organizational and technical measures designed to protect the security and confidentiality of Personal Data we process. However, no environment or security procedures or protocols are ever guaranteed to be 100% secure or error-free. Accordingly, we cannot be held responsible for unauthorized or unintended access that is beyond our control. We encourage you to take care when disclosing Personal Data online and use readily available tools and security measures to protect yourself online.

Retention of your personal data

We apply a general rule of keeping Personal Data for as long as it is required to fulfil the purposes for which it was collected. In some circumstances, however, we may retain Personal Data for other periods of time, including where we are required to do so in accordance with legal, tax and accounting requirements or if required to do so by a legal process, legal authority, or other governmental entity capable of making this request.In specific circumstances, we may also retain your Personal Data for longer periods of time, which may correspond to a statute of limitations, so that we have an accurate record of your dealings with us in the event of any complaints or challenges.

External links

The Sites may contain links to third-party sites. Since UpStacked does not control nor is responsible for the privacy practices of those websites, we encourage you to review the privacy policies of these third-party sites. This Privacy Notice applies solely to Personal Data collected by our Sites or in the course of our business activities.

Your privacy rights and choices

Individuals have the right to access the Personal Data processed about them, subject to applicable law; individuals may request to access their Personal Data processed by us by contacting us at Hello@UpStacked.com.

Subject to applicable law, you may also have some or all of the following rights available to you as to your Personal Data:

- to obtain a copy of your Personal Data together with information about how and on what basis that Personal Data is processed;
- to rectify inaccurate Personal Data (including the right to have incomplete Personal Data completed);
- in limited circumstances, to port your data in machine-readable format to a third party (or to you) when we justify our processing on the basis of your consent or the performance of a contract with you;
- to erase your Personal Data (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed);
- to restrict processing of your Personal Data under certain circumstances;
- to withdraw your consent to our processing of your Personal Data (where that processing is based on your consent); and
- to obtain or see a copy of the appropriate safeguards under which your Personal Data is transferred to a third country or international organization.

In addition to the above rights, EU data protection law provides applicable individuals the right to object to processing of your Personal Data for which we have justified on the basis of a legitimate interest, including profiling (as opposed to your consent) or to perform a contract with you. You also have the right to object at any time to any processing of your Personal Data for direct marketing purposes, including profiling for marketing purposes.

You also have the right to lodge a complaint with your local supervisory authority for data protection.

To exercise such rights, please contact us at Hello@UpStacked.com.

Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will endeavor to respond to your request within all applicable timeframes.

If you contact us regarding Customer Data for which we are a data processor, we will attempt to refer your request to the relevant Customer, and data controller for your Personal Data.

Changes to our privacy notice

UpStacked will review and update this Privacy Notice periodically to respond to changing legal, technical and business developments. We will note the date of its most recent revision herein. Please review this Privacy Notice frequently to be informed of your rights and how UpStacked is protecting your Personal Data.

Contact information

If you have any questions in relation to this Privacy Notice, please contact us at Hello@UpStacked.com.
copyright © 2023. All rights reserved