1. What information do we collect?
2. How your information is collected – and the lawful basis for that collection
3. How we use the information collected?
4. How can you control your information?
5. Sharing information with third parties
6. How do we protect your information?
7. International Data Transfer
8. Third Party Websites; Social Media Features
9. Changes to the Privacy Policy
10. Minors
11. California Privacy Rights
12. EU Data Subject Rights

1. What information do we collect?

We collect two types of data and information from our Users:

• The first type of information is non-identifiable and anonymous information (“Non-Identifiable Information”). Non-Identifiable Information is any information that does not enable the identification of an individual. This kind of information is made available to us while you enter and/or use the Websites or the Services. Non-Identifiable information consists of technical information and behavioral information, and includes, among other things, the type of browser you use and the actions you take on the Websites or by using the Services, date/time stamp, referring/exit pages, clicked pages and any other information your browser may send us.
• The second type of information that is collected, either alone or in combination with other information, is information that could identify an individual (“Personal Identifiable Information” or “PII”). PII may include your Internet Protocol Address, first and last name, email or physical address and phone number.

At all times, you may choose whether to provide or disclose PII. If you choose not to provide PII, you may still visit parts of the Websites or receive limited Services, but you may be unable to access certain options, programs, offers, and services that involve our interaction with you. 

2. How your information is collected – and the lawful basis for that collection

Non-Identifiable Information is collected when you access or use the Websites and/or the Services. We use industry standard tools and software to monitor your navigation and usage of the Websites and services, your usage pattern-logs and other communications data. We may also use “cookies” and Flash (or similar technologies), which stores certain information on your computer (“Local Storage”) and which allows us to enable automatic activation of certain features and improve your experience. It is easy to prohibit Local Storage, most browsers will allow you to erase cookies from your hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. To erase or disable the Local Storage option in Flash you should use the settings option of Flash according to the specific instructions provided by the technology provider. However, if you block or erase cookies, or change the settings of Flash, your online experience may be limited.

We also collect information that you provide us voluntarily, for example, we collect PII when you:

• File an online form on one of our Websites
• Provide us with information at a live event
• Register for our services and making payments
• Post materials, participating in online forums or providing comments and feedback to online discussions on our Websites
• Contacting us by email
• Register (directly or indirectly) to any of our events.
• In addition, we may receive your PII from your employer

Your personal data is stored by us on our servers and on the servers of various cloud-based database management services we engage, located in the United States and the European Union (“EU”). We will only collect and process personal data about you when we have a lawful basis to do so. Such basis includes your consent, a contract between us and you or a third party you are associated with, as well as other legitimate interests (for example: our compliant with applicable law, protecting the security of ours and our customers’ systems and data, and enable our services).

3. How we use the information collected?

We collect each type of information for different purposes.

Non-Identifiable Information is collected to allow enhancement of your experience on the Websites and Services, for statistical and research purposes and for customization and improvement of our various interfaces. It also helps us learn about the preferences of our users and general trends relating to the Websites and Services.

PII is collected to:

• Enable use of the Services. For example, in order to register to the Services you will need to provide us with your name and email so we will be able to issue a license key.
• Allow us to contact you (in accordance with applicable law) with proposals and tailored information regarding new products, events, offers, services, features, enhancements, special offers, upgrade opportunities, and events of interest. For example, when you fill out a request for a quote, we will need you to provide us with contact details.
• Provide you with technical assistance and support.
• Issue invoices and contact you in connection with payments for our services

4. How can you control your information?

JFrog may retain your information for a period consistent with the original purpose of collection. For example, we will retain your information for as long as you are using our services, and for a reasonable period thereafter. Aggregated and/or anonymous data, and any other Non-personal Information may remain on our servers indefinitely all as permitted under the applicable privacy laws.

You may request to review, correct, delete or otherwise modify any of the PII that was provided to us, or request to confirm whether we process your personal information. In addition, you may object to our processing of your PII for a legitimate interest. Kindly send an email to PII@jfrog.com in connection with the aforementioned issues and we will provide you with all required information.

Please note that you may manage the receipt of marketing and non-transactional information from us by clicking on the “unsubscribe” link located on the bottom of marketing emails sent by us.

5. Sharing information with third parties

Our Websites and some of the Services allow you to share information with other users and create and publish content. Any content that you post on or via the Websites (“User Submissions”) may be publicly available to other users. The notices and tools that we provide on the Websites are intended to inform you which information will be made publicly available. If you publish your personal information in any User Submissions, you may receive unsolicited messages from other users of the Websites or the public. We, therefore, encourage you only to post information that you are sure you want to be accessible to anyone.

If you are using our services on behalf of an organization or if you provide us with an email address which belongs to an organization, certain information provided to us may be accessible to the respective administrator or to other users of such organization.

JFrog uses third-party service providers to enable us to provide the Services. These providers are not permitted to store, retain, or use information collected by us except for the sole purpose of providing us with the Services on our behalf. JFrog uses commercially reasonable efforts to engage with third parties that post a privacy policy governing their collection, processing and use of non-personal and personal information. Our third party service providers include, without limitation:

• Softlayer Technologies. Inc. privacy policy is available here;
• Zuora, Inc. privacy policy is available here;
• PayPal Holdings, Inc. privacy policy is available here;   
• Automattic, Inc. privacy policy is available here;
• Microsoft Azure policy is available here;
• Google Cloud Platform and Google Analytics privacy policy is available here;
• Amazon Web Services, Inc. privacy policy is available here; and
• Orbitera Inc., privacy policy is available here.
• Bing Ads, privacy policy is available here.

The Site also utilizes the services of Promarketing Wizard Ltd., an Israeli company, to manage the registration process to the Event and to collect and process payments and issue invoices in connection thereto.

We also reserve the right to: (a) use or disclose your information if required by law, under a judicial proceeding, court order, or legal processor if we reasonably believe that such disclosure is required to protect our rights, including their enforcement; or (b) to transfer or assign the PII retained by us in the  event that we are acquired by or merged with a third party entity; or (c) in the event of bankruptcy or a comparable event.

6. How do we protect your information?

We use industry standard technologies and internal procedures (including without limitation, using tokens and encryption mechanisms) to maintain the security and integrity of our Websites and Services and your information, and to prevent unauthorized access thereto. Please note, however, that there are inherent risks in transmission of information over the internet or other methods of electronic storage and we cannot guarantee that unauthorized access or use of your information will never occur. Further information is available at Privacy@jfrog.com. 

7. International Data Transfer

We collect information globally and primarily store that information in the United States and the EU. We transfer information collected about you, including PII, to affiliated entities and to other third-party service providers, which may be located outside your country of residence. Please note that we may transfer such information to a country and jurisdiction that does not have similar data protection laws that apply to your country of residence.

• International transfers within JFrog. JFrog is operated globally and our services are provided from various location. In order to allow us to perform our obligations and provide you with the services, we transfer information within our group of companies (a list thereof is available here). When we share information about you within and among our corporate affiliates, we make use of standard contractual data protection clauses, which have been approved by the European Commission, to safeguard the transfer of information we collect from the European Economic Area and Switzerland (collectively: “EEA”) outside of the EEA.
• International transfers to third parties. Some of the third parties described in this Privacy Policy, that provide services to us under contract, are based in other countries that may not have equivalent privacy and data protection laws to the country in which you reside. When we share information of users from the EEA outside of the EEA, we make use of standard contractual data protection clauses, which have been approved by the European Commission, or other appropriate legal mechanisms to safeguard the transfer. 

8. Third Party Websites; Social Media Features

Our Websites and Services include social media features (“Features“), for example, you can share posts and comments on or through your social media account. The Features may enable the applicable social networks to collect your Internet Protocol address, Non-Identifiable Information and may set a cookie to enable the functionality of the Feature. Your interactions with the Features are governed by the privacy policy of the third party who provided such Features, and we are not responsible for the privacy practices or the content of such third-party Features. Please be aware that the third parties providing the Features may collect PII from you. Accordingly, we encourage you to read the terms and conditions and privacy policy of each relevant third party that you choose to use or interact with.

In addition, certain links on our Websites, enable our users to enter other sites or services. Those linked sites and services are provided solely as a convenience to you and are not under the control of JFrog. We are not responsible or liable for such linked sites and services’ privacy practices and/or any other practices. Your access to, use of and reliance upon any such sites, services and content and your dealings with such third parties are at your sole risk and expense.

9. Changes to the Privacy Policy

The terms of this Privacy Policy will govern the use of the Websites and Services and any information collected by JFrog. JFrog reserves the right to change this policy at any time, so please re-visit this page frequently. We will provide notice of substantial changes of this policy on the homepage of the Websites. All other changes to this Privacy Policy are effective as of the stated “Last Updated” date and your continued use of the Websites and the services after the Last Update date will constitute acceptance of, and agreement to be bound by, those changes. If the Privacy Policy is required to be amended to comply with any legal requirements, the amendments may take effect immediately, or as required by the law and without any prior notice.

10. Minors

The Websites is intended for users over the age of eighteen (18). Therefore, JFrog does not intend and does not knowingly collect PII from children under the age of eighteen (18). We reserve the right to request proof of age. If we learn that we collected PII from children under the age of eighteen (18) we will delete that information promptly. Please contact JFrog at Privacy@jfrog.com if you have reasons to suspect that JFrog collected such information.

11. California Privacy Rights

California Civil Code Section 1798.83 permits our users who are California residents to request certain information regarding our disclosure of PII to third parties for their direct marketing purposes. To make such a request, please send an email to Privacy@jfrog.com.

In addition, if you are a California resident under the age of 18 and a registered user to our services, California Business and Professions Code Section 22581 permits you to remove content or Personal Information you have publicly posted.  If you wish to remove such content or PII and you specify which content or PII you wish to be removed, we will do so in accordance with applicable law.  Please be aware that after such removal you will not be able to restore the removed content. In addition, such removal does not ensure complete or comprehensive removal of the content or PII you have posted and that there may be circumstances in which the law does not require us to enable removal of content.

12. EU Data Subject Rights

The EU’s General Data Protection Regulation (“GDPR”) and other countries’ privacy laws provide certain rights for data subjects. Useful information regarding the GDPR (in English) is available on the following EU website.

You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside JFrog might have received the data from JFrog; the source of the information; and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by JFrog if it is inaccurate. You may request that JFrog erase that data or cease processing it, subject to certain exceptions. You may also request that JFrog cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how JFrog processes your personal data. When technically feasible, JFrog will—at your request—provide your personal data to you or transmit it directly to another controller. 

13. Got any Questions?

We are committed to protecting your privacy. If you have any questions (or comments) concerning this Privacy Policy, you are more than welcome to send us an e-mail to the following address: Privacy@jfrog.com and we will make an effort to reply within a reasonable timeframe.