Sandy – Privacy Notice

Effective Date: December 3rd , 2019

Sandy (by OM2 Technologies Ltd.; “Sandy “, “we”, “our” or “us”) is a SaaS product (the “Product”) which allows software developers to have a “playground” for their Websocket API, mainly for development and testing purposes. It also allows companies that expose Websocket API to provide an easy to use “playground” for their customers for easy integration and superior service.

For this purpose, we operate the website GoSandy.io, its subdomains, pages and related features (the “Site”, and together with the Product – the “Services”). This Privacy Notice describes the personal data we collect whenever someone visits our Site (a “Visitor” or “you”).

It also describes how and for which purposes we may use such data, where we store and for how long we retain it, with whom we may share it, our use of tracking technologies and communications, our security practices, your choices and rights regarding such data and how to contact us if you have any concerns regarding this Notice or your Privacy.

Please read this Notice and make sure that you fully understand and agree with it. If you do not agree to this Notice, please do not sign in. You are not legally required to provide us with any data, or to have such data collected about you, but unless we receive certain data, we will not be able to provide you with our Services.

1. Collecting Personal Data

We collect the following types of data (which, to the extent it relates to an identified or identifiable individual, is deemed as “Personal Data”):

1. Data automatically collected or generated about a person: when someone visits, interacts with or uses our Services, we may collect or generate certain technical or behavioral data about them. We collect or generate such data either independently or with the help of third party services (as detailed in Section 4 below).
   Such data mainly consists of technical or aggregated usage data, non-identifying data regarding a device, operating system and browser, and user activity on our Services. We do not use such data to learn about a person’s true identity or contact details, but mostly to improve our marketing campaigns and engagements.
2. Data received from Visitors: you may provide us with your Personal Data voluntarily, such as your name, contact details (such as business e-mail), and other data you choose to provide when you contact us. To the extent that such data concerns a non-human entity, we do not regard it as “Personal Data” and this Notice shall not apply to it.
3. Non-personal (anonymous) Data: such Non-personal Data does not and may not relate or refer to any specific individual, and we therefore do not regard it as “Personal Data” and may use it without restriction, for example to aggregate data for industry benchmarks or comparative performance metrics.

2. Using your Personal Data

We use your Personal Data as necessary for the performance of our Services, for complying with applicable law, and based on our legitimate interests in maintaining, improving and advertising our Services and offerings, using more effective marketing and advertising strategies and methods and protecting and securing our Services, ourselves.

Accordingly, we use Personal Data for the following purposes:

1. To facilitate, operate, and provide our Services;
2. To contact our Visitors with general or personalized service-related notices, informational materials and promotional messages, in accordance with below, and to facilitate, sponsor and offer certain events and promotions;
3. To monitor aggregate metrics and create aggregated statistical data, inferred non-personal data or anonymized or pseudonymized data, which we may use to provide and improve our respective services and offerings;
4. To act as permitted by, and to comply with, any legal or regulatory requirements; and
5. To conduct any additional activities that may require the use of your Personal Data, for which we will request your specific approval in advance.

3. Storing and Retaining your Personal Data

Personal Data which is subject to this Privacy Notice may be maintained, processed, accessed and stored by [Sandbox] and our authorized affiliates, Service Providers (as defined below) and business partners in and from various locations around the world, including the United States of America, as necessary for the proper facilitation, offering and delivery of our Services, or as may be required by law.

[Sandbox] is based in a jurisdiction which is considered by the European Commission to be offering an adequate level of protection for the Personal Data of EU Member State residents.

While privacy laws may vary between jurisdictions, [Sandbox] and its Service Providers are each committed to protect Personal Data in accordance with this Notice and industry standards, regardless of any lesser legal requirements that may apply in their jurisdiction.

We retain Visitors’ Personal Data as reasonably necessary to establish, preserve and expand our mutual relationship, and thereafter in accordance with our data retention policy. If you wish us to delete your Personal Data, or have questions about our retention policy, please contact us at info@gosandy.io.

4. Sharing your Personal Data

Compliance with Laws, Legal Orders and Authorities: We may allow government and law enforcement officials access to certain Personal Data, or otherwise share it with them, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations.

Service Providers: We may engage selected third party companies and individuals to perform certain services complementary to our own (e.g. hosting and server co-location services, data analytics services, marketing agencies and advertising services, data and cyber security services, fraud detection and prevention services, customer engagement services, e-mail distribution and monitoring services, remote access services, and our business, legal and financial advisors) (collectively, “Service Providers”). These Service Providers may have access to your Personal Data, depending on each of their specific roles and purposes in facilitating and enhancing our Services, and may only use it for such purposes.

Protecting Rights and Safety: We may share your Personal Data with others, with or without notice to you, if we believe in good faith that this will help protect the rights, property or personal safety of [Sandbox] or any members of the general public.

5. Communications from [Sandbox]

Service Communications: we may contact you with important information regarding our Services.

Promotional Communications: we and our authorized partners (e.g., event or webinar co-sponsors) may also notify you about new services, events and special opportunities or any other information we think you will find valuable. Such notices may be provided through any of the contact means available to us (e.g. e-mail), through the Services, or through our marketing campaigns on any other sites or platforms.

If you wish not to receive such promotional communications, you may notify Sandbox at any time by e-mailing us at info@gosandy.io or by following the “unsubscribe”, “stop” or “change e-mail preferences” instructions contained in the promotional communications you receive.

6. Data Security

We are committed to securing your Personal Data and use various security measures to better protect it. These include industry-standard physical, procedural and electronic security measures and methods where deemed appropriate. However, please be aware that regardless of the security measures used, we cannot and do not guarantee the absolute protection and security of any Personal Data stored with us or with any third parties as described above.

7. Data Subject Rights

If you wish to exercise your rights under applicable law (e.g. the EU GDPR) to request access to and rectification or erasure of your Personal Data held with [Sandbox], or to restrict or object to such Personal Data’s processing, or to port such Personal Data – please contact our Privacy team at info@gosandy.io

Please also note that we may require additional information and documents, including certain Personal Data, in order to authenticate and validate your identity and to process your request. Such additional data will then be retained by us for legal purposes (e.g. so we have proof of the identity of the person submitting the request), in accordance with our data retention policy.

8. Additional Notices

Updates and amendments: We may update and amend this Notice from time to time by posting an amended version on our Services. The amended version will be effective as of the published effective date. We will give you prior notice if any substantial changes are involved, via any of the communication means available to us, or on the Services. After such period, all amendments shall be deemed accepted by you.

Questions, Concerns or Complaints: If you have any comments or questions about this Privacy Notice or if you have any concerns regarding your Privacy, please contact us at info@gosandy.io