CMDR
Privacy Policy
Last Updated: October 8th, 2024
Objective:
This Privacy Policy outlines how CMDR collects, uses, stores, and protects personal information and how users can exercise their rights under applicable data protection laws, including California and Nevada-specific regulations.
Introduction and Scope of this Policy:
The CMDR platform is a web platform designed to help engineering leaders support their organizations. The CMDR platform is operated by CMDR Inc. (“CMDR,” “we,” “us”). We are committed to protecting the privacy of your personal information, and we have provided this policy to our users (collectively, “you,” “your”) of the types of information we collect, and the ways in which we will use and disclose it. By accessing or using the CMDR platform, you agree to the terms of this Privacy Policy. CMDR operates from the United States and its services are intended for use in the United States. We do not market our services to residents or carry out operations in regions outside of the US, including, but not limited to the European Economic Area. If you are located outside the United States, the information you provide to us is transmitted and processed in the United States, and it will be protected subject to this Privacy Policy and applicable laws, which may not be as protective as the laws in your country. By using CMDR, you agree to this.
1. Data We Collect
We store and maintain OAuth access tokens, refresh tokens, access token expiry, client user IDs, and reports generated using CMDR encrypted in our database. Additionally, log data is collected for 30 days and then deleted.
2. How We Use Your Data
We use this data to:
Authenticate users and provide access to CMDR.
Monitor usage patterns and improve our services.
Comply with legal obligations.
3. Log Data
When you use CMDR, our servers automatically record information sent from your browser. Log Data may include information such as your computer's Internet Protocol (IP) address, browser type, machine model, activity you engage in on our pages, the referring URL, and access times and dates. We use this information to monitor, analyze, use of, and administer CMDR, and to better tailor CMDR to your needs.
4. User Data Subject Access Rights
As a user of our platform, you have certain rights regarding your personal data under applicable data protection laws. These rights include:
Right to Access
You have the right to request a copy of the personal data we hold about you, including details about how we process your data. You can do this by contacting us directly.Right to Rectification
If you believe that any information we hold about you is incorrect or incomplete, you have the right to request that we correct or complete this information.Right to Erasure
You have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent.Right to Restrict Processing
You may request that we limit the processing of your personal data in certain situations, such as when you contest the accuracy of the data.Right to Data Portability
You have the right to request that we provide your personal data in a structured, commonly used, and machine-readable format, or to transfer this data directly to another service provider, where technically feasible.Right to Object
You have the right to object to the processing of your personal data under certain circumstances, including for direct marketing purposes.
5. CA and NV Compliance
In compliance with the CCPA, California residents have the right to request disclosure of the specific pieces of personal information we collect about them.
Under Nevada law (NRS 603A), residents may opt out of the sale of their personal information.
Updates
The Privacy Policy will be reviewed at least annually and may change from time to time in the future. Non-material changes will become effective when posted by the provider. The “last updated” date at the top of this policy indicates when it was last revised.