Privacy Policy
This privacy policy (the “Policy ”) for Software Mansion S.A. ("Company, " "we, " "us, " or "our"), describes how and why we might collect, store, use, and/or share ("process") your information when you use our products and/or services ("Services"), such as when you:
- Visit our website at smelter.dev, or any website of ours that links to this Policy
- Engage with us in other related ways ― including any sales, marketing, or events related to Smelter.
Questions or concerns?
Understanding this Policy will help you
comprehend your rights and choices regarding your privacy. If you disagree
with our methods and practices, do not access our Services. For any
questions or issues, please contact us at legal@swmansion.com. If there are any capitalized terms in this Policy that are not defined,
then those terms will have the meaning defined in your agreement with us.
How We Process Your Personal Information
“Personal information” or “personal data” includes an array of
information. In general, we interpret it to mean any information that
relates to an identifiable, living individual person. In some
jurisdictions, legal distinctions are drawn between “controllers” and
“processors” of personal data. Controllers determine the purposes and
means of processing personal data, whereas processors are entities that
process personal data on behalf of the controller according to their
instructions. A processor does not make decisions about personal
information; it only processes personal information on behalf of a
controller based on the controller's instructions.
If you are a user
using Smelter, we process your personal information in different ways when
you use our Services:
- We process your personal information as a user of Smelter (e.g. your contact information) — when you visit our public-facing website like Smelter.dev, reach out to us; or sign up for Smelter via contact form at Smelter.dev and use our Services (‘User Data’).
When we process your User Data we are acting as a controller.
If you are a visitor to our website (by which we mean any website that links
back to this Policy in its footer), we collect a minimal amount of data about
you (depending on how much you've chosen to share with us). This might be as
little as an IP address or a cookie, and it might be your contact information.
We also consider this User Data.
If you are an end user of a Smelter user, this Policy does not apply to the
services that our users provide to their end users. Our users have their own
policies regarding the collection, use, and disclosure of the personal information
of their end users. If you are an end user of one of our users and want to
learn about how that user handles your personal information, we encourage you
to read the user's privacy policy.
Data about our users
Smelter requires the minimal amount of data necessary to provide Services
to you, and the amount or type of data we collect depends on the product
or service you choose or how you use it. We do not sell your personal
information and we do not share your information with third parties for
those third parties' own business interests.
We use the information we collect and share it with our service providers primarily
to provide the Services you've requested from us, and as needed for our operational
purposes . In addition, we may use data about our users to detect, prevent,
or investigate security incidents, fraud, or abuse and misuse of our platform
and Services.
When you sign up to use Smelter, we ask for certain information like your contact details. We also collect some information automatically, like your IP address. We use this to understand who is using our Services and how, and to detect, prevent and investigate fraud, abuse, or security incidents.
Information You Share Directly:
Name and contact information.When you sign up for Smelter, you authenticate using your email account. In doing so, we receive certain information about you. The information we receive may vary depending on the email address and your email service provider, but could include your name. We collect this information so we know who you are.
Information We Generate or Collect Automatically:
Device information and IP addresses.We collect your IP address and
other data through tracking technologies like cookies, web beacons, and
similar technologies. We also collect IP addresses when you make requests
to our APIs and in our server logs. We use this information to understand
how users are using our platform, who those users are (if they are a
company and the IP address is associated with that company), what country
they are logging in from (for analytics and export control purposes), and
to help improve the navigation experience. You can learn more about
cookies in the section titled “Cookies and Tracking Technologies” below.
We also collect information about your device, such as your computer or mobile
device operating system type and version number, manufacturer and model, browser
type, screen resolution and general location information such as city or town.
We do not collect precise geographical information.
Data we process from our website and interactions
When you visit our website we may collect information automatically using tracking technologies, like cookies, and through web forms where you type in your information. We collect this information to provide you with what you request through the web form, to learn more about who is interested in our Services, and to improve navigation experience on our pages. You can learn more about cookies in the section titled "Cookies and Tracking Technologies" below.
Information You Share Directly:
On certain parts of our public-facing websites, you may be able to fill out forms to request contact from us, sign up for newsletters, or participate in surveys. The personal information requested on these forms will vary depending on the purpose of the form. We will ask for information that is necessary to fulfill your request, such as your email address if you want to receive a newsletter or your phone number if you want to be contacted by a member of our team. We may also ask for additional information to better understand our users, such as your use case for Smelter, your company name, or your job title. Our team keeps a record of all communication with users, including contact information and any other details shared during the conversation. This information is used to help us improve our Services, provide training to our team members, and manage our ongoing relationships with users. It is important to be mindful of what information you share with these teams, as we store a record of these communications. To protect your privacy, it is best to avoid sharing sensitive personal information unless it is necessary for the teams to assist you. We will take appropriate measures to protect any sensitive information that is shared with us.
Information We Collect Automatically:
When you visit Smelter website, including web forms, we and our service providers may collect certain information using tracking technologies such as cookies, web beacons, and similar technologies. This information helps us understand how visitors use our websites, which pages and features are most popular, and how we can improve our websites and track the performance of our advertisements. Tracking technologies also help improve the navigation experience on Smelter websites. We do not sell this information to third parties. For more information on how we use cookies and other tracking technologies, please see the section titled "Cookies and Tracking Technologies."
Marketing information
We may use your email address to send you information about other Services
or events in which we think you may be interested, if you opt-in to
receive such communication. You can opt-out at any time through your
marketing preferences page by clicking the “unsubscribe” link at the
bottom of any marketing email you receive from us. You can also contact us
to communicate your choice to opt out. Please note that it may take up to
three days to remove your contact information from our marketing
communications lists, so you may receive correspondence from us for a
short time after you make your request. You will not be able to opt out of
service emails from us, such as password reset emails, billing emails, or
notifications of updates to our terms, unless you delete your account.
We may also use publicly-available information about you that we have gathered
through services like LinkedIn, or we may obtain information about you or your
company from third-party providers. We use this information to help us understand
our user base better, such as your industry, the size of your company, and
your company's website URL.
How Long We Store Your User Data
Smelter will store your User Data as long as needed to provide you with our Services and to operate our business. If you ask Smelter to delete specific personal information from your User Data, we will honor this request unless deleting that information prevents us from carrying out necessary business functions.
How Smelter shares personal information
We do not sell your personal information or the personal information of
your end users. We also do not allow any personal information to be used
by third parties for their own marketing purposes. However, we do need to
share personal data in order to provide our Services to you, such as to
route a call you send through us or to store data you ask us to store.
Below are the different scenarios under which we may share your data with
third parties:
| Scenario | Transfer Details |
|---|---|
| Third-party service providers or consultants. | Smelter engages certain third-party vendors and service providers to carry out certain data processing functions on our behalf. These providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data. |
| Compliance with Legal Obligations. | We may disclose your or your end users' personal information to a third party if (i) we reasonably believe that disclosure is compelled by applicable law, regulation, legal process, or a government request (including to meet national security, emergency services, or law enforcement requirements), (ii) to enforce our agreements and policies, (iii) to protect the security or integrity of our Services, (iv) to protect ourselves, our other users, or the public from harm or illegal activities, or (v) to respond to an emergency which we believe in good faith requires us to disclose data to assist in preventing a death or serious bodily injury. If we are required by law to disclose any personal information of you or your end user, we will notify you of the disclosure requirement, unless we are prohibited by law. Further, we object to requests we do not believe were issued properly. |
| Business transfers. | If we go through a corporate sale, merger, reorganization, dissolution or similar event, data we gather from you may be part of the assets transferred or shared in connection with the due diligence for any such transaction. In that situation, and that situation only, we might transfer your data in a way that constitutes a sale under applicable law. If we do, we'll let you know ahead of time, and we will require any acquirer or successor to continue to process data consistent with this Policy. |
Cookies and Tracking Technologies
We may use common information-gathering tools such as cookies, web beacons, pixels and other similar tracking technologies to automatically collect information as you navigate our websites, your account or when you interact with emails we send to you.
Cookies
A cookie is a small piece of data stored on your device when you visit a
website. Cookies allow us to identify your device as you navigate our
websites or your account. This makes navigating and interacting with our
websites or your account more efficient, easy and meaningful for you.
By themselves, cookies do not identify you specifically. Rather, they recognize
your web browser. So, unless you identify yourself specifically to us, like
signing into your account, we don't know who you are just because you visited
our website. We use persistent cookies. Session cookies are cookies that disappear
from your computer or browser when you turn off your computer. Persistent cookies
stay on your computer even after you've turned it off. These cookies enable
core functionality such as security, network management, and accessibility
and are necessary for our websites to function properly.
Global Compliance
Our approach to privacy compliance is a global one. No matter where you are located, we remain committed to abiding by all applicable data protection laws.
Regions Requiring a Legal Basis for Processing Personal Information
If you are from a region that requires a legal basis for processing
personal data (such as the EEA or the UK), our legal basis for collecting
and using the personal information described above will depend on the
personal information concerned and the specific context in which we
collect it.
However, we will normally collect personal information from you only where
we need the personal information to perform a contract with you, to allow you
to use the Services, or where the processing is in our legitimate interests
and not overridden by your data protection interests or fundamental rights
and freedoms, or where we have your consent to do so. In some cases, we may
also have a legal obligation to collect personal information from you or may
otherwise need the personal information to protect your vital interests or
those of another person, such as in the case where we request personal information
from you in the context of a government audit or in response to a request from
law enforcement. If you have questions about or need further information concerning
the legal basis on which we collect and use your personal information, please
contact us using the contact information provided below.
Broadly speaking, we use User Data to further our legitimate interests to:
- understand who our users and potential users are and their interests in the Services;
- manage our relationship with you and other users;
- carry out core business operations such as accounting, filing taxes, and fulfilling regulatory obligations; and
- help detect, prevent, or investigate security incidents, fraud and other abuse or misuse of our Services.
United States
California Consumer Access and Deletion Rights
For those users that would like more information about our use of User
Data, you have the ability to request:
- that we provide details about the categories of personal information that we collect about you, including how we collect and share it;
- that we provide you access to the personal information we collect about you; and
- that we delete the personal information we have about you.
Please be aware that when you ask us for these things, we will take steps
to verify that you are authorized to make the request. You must be a
resident of California to make this request.
The California Code of Regulations defines a "resident" as:
- that we provide details about the categories of personal information that we collect about you, including how we collect and share it;
- that we provide you access to the personal information we collect about you; and
- that we delete the personal information we have about you.
We have collected the following categories of personal information in the
past twelve (12) months:
- Identifiers
- geolocation data
- Internet or other similar network activity
Other regions
Some countries, other than the EEA, UK, and United States, also have specific privacy notice requirements, and we address those requirements in our general privacy sections above.
International data transfers
We may need to transfer your personal information to our affiliates,
contractors, service providers, and to third parties in various countries
and jurisdictions around the world. In each case, we take care to use
appropriate safeguards to ensure your personal information remains
protected.
Data transfers to the United States and elsewhere. When you use our
Services, personal information of you may be transferred to the United States,
where our analytics processing facilities are located, and possibly to other
countries where we or our service providers operate. These transfers will often
be made in connection with routing your communications in the most efficient
way.
Safeguards for data transfers. When you use our Services, personal information
of you may be transferred to the United States, where our analytics processing
facilities are located, and possibly to other countries where we or our service
providers operate. These transfers will often be made in connection with routing
your communications in the most efficient way.
Transfers from other countries. When we transfer personal information
outside countries other than those in the EEA, the UK, and Switzerland, we
strive to comply with the cross-border data transfer rules of those countries,
such as by cooperating with that country's data protection authority or providing
a written agreement to each user that meets the data protection requirements
of the country.
Security Information
How We Secure Personal Information
We use appropriate security measures designed to protect the security of
your personal information both online and offline. These measures vary
based on the sensitivity of the personal information we collect, process
and store and the current state of technology. We also take measures to
ensure service providers that process personal data on our behalf also
have appropriate security controls in place. When we transfer data across
borders, we also take supplementary measures to ensure that data is
protected.
Please note that no service is completely secure. While we strive to protect
your data, we cannot guarantee that unauthorized access, hacking, data loss
or a data breach will never occur.
To protect the confidentiality of your data you must keep your project's API keys confidential and not disclose them publicly or to unauthorized individuals — this includes accidentally distributing them in a binary or checking them into source control. Please let us know right away if you think your API keys were compromised or misused.
How we use personal information for security purposes
We may collect and use User Data to detect, prevent, or investigate security incidents, fraud, or abuse and misuse of our platform and Services. In addition, we may also use records containing end user personal information to debug, troubleshoot, or investigate security incidents; to detect and prevent spam or fraudulent activity; and to detect and prevent network exploits and abuse. We may anonymize personal information and use it for our legitimate business needs, and, where allowed by law, this may include records containing end user personal information.
Handling disputes
If you have a dispute with us relating to our data protection practices, you can raise your concern or dispute by contacting us via email at legal@swmansion.com. For individuals in the EEA, the UK, or Switzerland, you have additional rights to make a complaint to a competent data protection authority or commence proceedings in a court of competent jurisdiction in accordance with applicable data protection laws.
Changes to our Privacy Policy
We may change this Policy from time to time, and if we do, the most current version will be available on our website with the date at the top indicating when it was last updated.We will comply with applicable law with respect to any changes we make to this Policy and seek your consent to any material changes if this is required by applicable law.