Digi International Inc. and its subsidiaries and affiliates (hereinafter, “Digi,” “we,” “us,” or “our”) provide both cloud based software services (“Cloud Services”) and technology based products (“Technology Products”). Our Technology Products may collect and transmit information to one of our cloud platforms to enable us to deliver the service that you have subscribed to.
INFORMATION WE COLLECT
Digi collects personal information from you, which is information that can be used to directly or indirectly identify you (“Personal Information”). Personal Information also includes anonymous information that is linked to information that can be used to directly or indirectly identify you. Personal Information does not include information that has been irreversibly anonymized or aggregated so that it can no longer enable us, whether in combination with other information or otherwise, to identify you.
Here is a description of the types of Personal Information we may collect and how we may use it:
Types of Personal Information We Collect
Depending on the Products you use, we collect different kinds of personal information from or about you.
- Information you volunteer: We collect the Personal Information you and others knowingly and voluntarily provide when you use this Site or our services. For example, we collect the Personal Information you provide when you subscribe to our emails, subscribe to a Cloud Service, request technical support, attend a webinar, or contact us with questions.
- Information from your browser, device or Product: We collect information that is sent to us automatically by your web browser or mobile device, or if applicable, the information that is sent to us by a Product if used in conjunction with one of our cloud services. This information typically includes your IP address, your Product’s IP address, your Product’s GPS location, the name of your operating system, the name and version of your browser and usage information. The information we receive may depend on your browser or device settings and the information that you personally define within your cloud data streams. The information we receive from your web browser and device is not, in and of itself, personally identifiable. Generally, we use this information in the aggregate to help us improve this Site and make it more compatible with the technology used by our visitors. However, we may combine it with other information in an attempt to identify you or we may combine it with information that does identify you. We may also review our server logs for security purposes (e.g., to detect intrusions into our network) and we might share our server logs, which contain visitors’ IP addresses, with the appropriate investigative authorities who could use that information to trace and identify you.
- Your location: Using GeoIP technology, and with your opt-in consent, we may also collect precise, real-time location information from your mobile device and use that information to deliver tailored content through this Site or to confirm that you are where you say you are. Your mobile device may allow you to adjust your settings so that the location information is not available to any mobile website or application. If you have questions about the security and privacy settings of your mobile or tablet device, please refer to instructions from your mobile service provider or the manufacturer of your device.
- Information about payments: If you make a purchase, we collect personal information in connection with the purchase. This information includes payment information, such as your credit or debit card number and other card information; other account and authentication information; and billing, shipping, and contact details.
- Information from third parties: We may collect information from third parties, including business partners and marketing agencies. This includes your contact information from marketing partners when we engage in joint marketing or co-branding activities.
How We Use Your Personal Information
Generally, we use the information we collect to provide, improve, and develop our Site and Products, to communicate with you, to offer you targeted Products, and to protect us and our users.
Digi collects, processes, and determines how to process your Personal Information as data controller for the following purposes:
- to provide the information and Products you request;
- for security, credit or fraud prevention purposes;
- to provide you with a personalized experience when you use this Site;
- to contact you with special offers and other information we believe will be of interest to you (in accordance with any privacy preferences you have expressed to us);
- to contact you with information and notices related to your use of our Site;
- to invite you to participate in surveys and provide feedback to us (in accordance with any privacy preferences you have expressed to us);
- to better understand your needs and interests;
- to improve the content, functionality and usability of this Site;
- to improve our Products;
- to improve our marketing and promotional efforts; and
- for any other purpose identified in an applicable privacy notice, click-through agreement or other agreement between you and us.
As a global company, Digi has a number of corporate affiliates in different jurisdictions. Each of these affiliates collects, processes and determines how to process your personal information as a data controller to help provide you the Products and Services you request.
In relation to marketing communications, we will provide you with an “opt in” or “opt out” mechanism depending on where you are located when we collect your personal information. An “opt in” mechanism will provide you the opportunity to positively indicate that you would like or do not object to our sending you such further communications and we will not send you any unless you have “opted in”. An “opt out” mechanism (e.g., “unsubscribe”) will provide you the opportunity to indicate that you do not want us to send you such further communications, and if you “opt out” we will not send you any. Either way, opting in or opting out will be up to you.
Do Not Track mechanisms
Previously Expressed Preferences
You may change previously expressed preferences regarding how we use your Personal Information. If at any time you wish to be taken off our mailing lists, please indicate your preferences by e-mailing firstname.lastname@example.org or by indicating your preferences on our privacy management page.
HOW TO ACCESS, UPDATE OR CORRECT YOUR PERSONAL INFORMATION
You have the right to access, update or correct your Personal Information, and you may do so through your Cloud Services account information, if applicable, by visiting our Data Management Page, or by e-mailing us at email@example.com. We will perform such changes within a reasonable time and, in any case, within the time limits established by applicable law. We may ask you for additional information to verify your identity. In most cases, we will provide access and correct or delete any inaccurate information you discover. In some cases, however, we may limit or deny your request if the law permits or requires us to do so or if we are unable to verify your identify.
You are also entitled to object to or restrict, at any time, the further processing of your Personal Information. You have the right to receive your Personal Information in a structured and standard format. You may lodge a complaint with the competent data protection authority regarding the processing of your Personal Information.
THIRD PARTY WEBSITES AND SERVICES
SAFEGUARDING YOUR INFORMATION
It is important that you take precautions to protect against unauthorized access to Products provided by us, account credentials, and computers or other devices. If you feel that the security of your account or Personal Information has been compromised, please Contact Us immediately at firstname.lastname@example.org. Please be aware that, despite our efforts, no security system is impenetrable. In the event of a security breach, we will promptly notify you and the proper authorities if required by law.
Steps We Take to Safeguard your Personal Information
We maintain reasonable administrative, physical and technological measures to protect the confidentiality and security of Personal Information you submit on or through this Site or the Products. Unfortunately, no website, server or database is completely secure or “hacker proof.” We therefore cannot guarantee that your Personal Information will not be disclosed, misused or lost by accident or by the unauthorized acts of others.
Retaining your Personal Information
PRIVACY OBLIGATIONS FOR MINORS
We do not knowingly collect, use, or disclose information from children under the age of 16 through the Site or Products. If you are the parent or guardian of a minor under the age of 16 and you are or become aware that your child has provided us with Personal Information without your consent, please Contact Us at email@example.com and we will work with you regarding your requests relating to such Personal Information. If we become aware that a minor under the age of 16 has provided us with Personal Information without consent from his or her parent or guardian, we will delete the information from our records.
ADDITIONAL INFORMATION FOR USERS IN THE EUROPEAN ECONOMIC AREA ONLY
How and Why We Use Personal Information Collected
We will only use the Personal Information when the law allows us to. The scope and use of Personal Information by Digi is set out in “Information We Collect” and “How we Share Your Personal Information With Others.”
Our grounds for using your Personal Information include:
- Where we need to perform to the contract we are about to enter into or have entered into with you;
- it is necessary for our legitimate interests (i.e., we have a business or commercial reason for using your information), and your interests and your fundamental rights do not override those interests;
- Where we need to comply with a legal or regulatory obligation; or
- Where you consent.
Generally we do not rely on your consent as a ground for processing your Personal Information other than in relation to sending marketing communications. Where we rely on your consent as a legal ground for processing, you have the right to withdraw consent at any time.
Our legitimate interests may include:
- Being efficient about how we fulfil our legal and contractual duties.
- Providing high quality customer service.
- Complying with laws or regulations that apply to us.
- Developing our Products and Services, our Site and what we charge for them.
- Defining types of customers for our Products and Services.
- Contacting you in respect or our products and services.
- Developing and improving the network security, efficiency and technical specification of our IT systems and infrastructure.
- Providing our customers with product and service, features.
- Keeping our Products, Services, and our Site, updated and relevant.
Change of purpose
We will only use your Personal Information for the uses and purposes set out above, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original uses and purposes. If we need to use your Personal Information for an unrelated purpose, we will notify you and will explain the legal basis which allows us to do so.
Under European Union data protection laws you may have the following rights:
- Right to withdraw consent at any time: This applies where we are relying on consent to process your Personal Information. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
- Request access to your personal information: This enables you to receive a copy of the Personal Information we hold about you and to check that it is accurate and that we are processing it lawfully.
- Request correction of your personal information: This enables you to have any incomplete or inaccurate Personal Information we hold about you corrected, though we may need to verify the accuracy of the new Personal Information you provide to us.
- Request erasure of your personal information: This enables you to ask us to delete or remove Personal Information where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Request transfer of your personal information: This enables you to request the transfer of your Personal Information to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Request restriction of processing: This enables you to ask us to suspend the processing of your Personal Information in the following scenarios: (a) if you want us to establish the information’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the personal information even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your personal information but we need to verify whether we have overriding legitimate grounds to use it.
- Right not to be subject to a decision based on automated profiling: This applies where the automated processing produces legal effects on you or similarly significantly affects you. Note, it does not apply if the decision (a) is necessary for the performance of a contract between you and us, (b) is authorized by applicable law, or (c) is based on your explicit consent. However, where (a) or (c) applies, you have the right to obtain human intervention. You also have the right to be informed of the logic involved in such processes
- Make a complaint: You have the right to make a complaint at any time to the relevant data protection supervisory authority in the EU member state in which you reside. Please see “Recourse” below.
You will not have to pay a fee to access your Personal Information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Information (or to exercise any of your other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Data Transfers outside the European Economic Area
The Personal Information that we collect from you may be transferred to, and stored at, a destination in the United States. It may also be processed by staff operating in the United States who work for us or for one of our suppliers. By submitting your personal information, you agree to this transfer, storing or processing.
Where we transfer personal information to the United States, we ensure the protection of your Personal Information by instituting EU-approved Model Contracts.
Opt in and Opt out
In relation to marketing communications, may provide you with an “opt in” or “opt out” mechanism depending on where you are located when we collect your personal information. See “Your Choices” for more information.
Last Modified: May 9, 2018