Crusoe Cloud Platform Privacy Notice

Effective Date: May 26, 2022

This Crusoe Cloud Privacy Notice describes how we collect and process your personal information in relation to the Crusoe Cloud Platform.

Information We Collect

Crusoe processes Customer Data and Service Data in order to provide the Crusoe Cloud Platform. This Privacy Notice applies solely to Service Data and does not apply to Customer Data.

Customer Data is defined in our agreement(s) covering the Crusoe Cloud Platform and represents the data that you provide for processing in the Crusoe Cloud Platform. For more information about how we process Customer Data, see our Crusoe Cloud Platform Data Processing and Security Terms.

Service Data is the personal information Crusoe collects or generates during the provision and administration of the Crusoe Cloud Platform, excluding any Customer Data. Service Data includes:

Why We Process Data

Crusoe processes Service Data for the following purposes:

To achieve these purposes, we may use Service Data together with information we collect from other Crusoe products and services. We may use algorithms to recognize patterns in Service Data. Manual collection and review of Service Data may also occur, such as when you interact directly with our billing or support teams. We may aggregate and anonymize Service Data to eliminate personal details, and we may use Service Data for internal reporting and analysis of applicable product and business operations.

Where Data Is Stored

Crusoe and Crusoe’s partners maintain data centers around the world, and provide the Crusoe Cloud Platform from these locations. Service Data may be processed on servers located outside of the country where our users and customers are located because Service Data is typically processed by centralized or regionalized operations like billing, support, and security.

Regardless of where Service Data is processed, we apply the same protections described in this Privacy Notice.

How We Secure Data

We build the Crusoe Cloud Platform with strong security features to protect information. The insights we gain from providing our services help us detect and automatically block security threats from ever reaching you.

We work hard to protect you and Crusoe from unauthorized access, alteration, disclosure, or destruction of information we hold, including:

How We Share Data

We do not share Service Data with companies, organizations, or individuals outside of Crusoe except in the following cases:

If Crusoe is involved in a reorganization, merger, acquisition, or sale of assets, we’ll continue to ensure the confidentiality of your personal information and give affected users notice before personal information becomes subject to a different privacy policy.

Access to Data

Your organization may allow you to access and export your data in order to back it up or transfer it to a service outside of Crusoe. The Crusoe Cloud Platform may enable you to directly access and download the data you have stored in the services.

You and your organization’s administrator can access several categories of Service Data directly from the Crusoe Cloud Platform, including your billing contact information, payment and transaction information, as well as product and communication settings and configurations.

If you’re otherwise unable to access your data, you can always request it by contacting [email protected].

Deletion and Retention of Data

We retain Service Data for different periods of time depending on what it is, how we use it, and how you configure your settings.

Service Data is deleted or anonymized once it is no longer needed. For each type of data and operation, we set retention timeframes based on the purpose for its collection, and ensure it is kept for no longer than necessary.

Sometimes we need to retain certain information for an extended period of time for legitimate business or legal purposes. For example, when Crusoe processes a payment for you, or when you make a payment to Crusoe, we’ll retain data about those transactions as required for tax or accounting purposes. Other legitimate business or legal purposes that may require us to retain data include security, fraud and abuse prevention, ensuring continuity of our services, and complying with legal or regulatory requirements.

When we delete data, we follow detailed steps to make sure that the data is securely and completely removed from our active systems or retained only in anonymized form. We take measures to ensure that our services protect information from accidental or malicious deletion through the use of backup systems.

Using Crusoe Accounts and Products

Your Crusoe Account is your connection to the Crusoe Cloud Platform. If you interact with the Crusoe Cloud Platform using a Crusoe Account managed by an organization, then your personal information may be subject to your organization’s privacy policies and processes, and you should direct privacy inquiries to your organization.

EU Privacy Standards and GDPR

If European Union (EU), UK or Swiss data protection law applies to the processing of information about you, you have certain rights, including the rights to access, correct, delete and export your information, as well as to object to or request that we restrict processing of your information.

If you want to exercise your data protection rights with regard to information we process in accordance with this Privacy Notice and are not able to do so via the tools available to you or your organization’s administrator, you can always contact Crusoe at [email protected]. And you can contact your local data protection authority if you have concerns regarding your rights under local law.

In addition to the purposes and grounds described in this Privacy Notice, we may process information on the following legal grounds:

California Requirements

The California Consumer Privacy Act (CCPA) requires specific disclosures for California residents.

This Privacy Notice is designed to help you understand how Crusoe handles your information:

The CCPA also provides the right to request information about how Crusoe collects, uses, and discloses your personal information. And it gives you the right to access your information and request that Crusoe delete that information. Finally, the CCPA provides the right to not be discriminated against for exercising your privacy rights.

We provide the information and tools described in this Notice so you can exercise these rights. When you use them, we’ll validate your request by verifying your identity (for example, by confirming that you’re signed in to your Crusoe Account). If you have questions or requests related to your rights under the CCPA, you can also contact Crusoe at [email protected].

The CCPA requires a description of data practices using specific categories. This table uses these categories to organize the information in this Privacy Notice.

Categories of personal information we collect

Service Data is the personal information Crusoe collects or generates during the provision and administration of the Crusoe Cloud Platform, excluding any Customer Data. Service Data includes:

Identifiers such as your name, phone number, and address, as well as unique identifiers tied to the browser, application, or device you’re using.

Demographic information, such as your preferred language.

Commercial information such as records of charges, payments, and billing details and issues.

Internet, network, and other activity information such as device identifiers, identifiers from cookies or tokens, IP addresses, and information about usage, operational status, software errors and crash reports, authentication credentials, quality and performance metrics, and other technical details necessary for us to operate and maintain the Crusoe Cloud Platform and related software.

Geolocation data, such as the country you’re in, as may be determined by GPS or IP address, depending in part on your device and account settings.

Audio, electronic, visual and similar information, such as audio recordings of your calls with our technical support providers.

Inferences drawn from the above, like aggregated performance metrics for a new product feature to determine product strategy.

Business purposes for which information may be used or disclosed

Crusoe processes Service Data for the following purposes:

Protecting against security threats, abuse, and illegal activity. Crusoe uses and may disclose Service Data to detect, prevent and respond to security incidents, and for protecting against other malicious, deceptive, fraudulent, or illegal activity. For example, to protect our services, Crusoe may receive or disclose information about IP addresses that malicious actors have compromised.

Auditing and measurement. Crusoe uses Service Data for analytics and measurement to understand how our services are used, and to provide you and our customers with recommendations and tips.

Maintaining our services. Crusoe uses Service Data to provide the Crusoe Cloud Platform, technical support, and other services you request, and ensure they are working as intended, for example by tracking outages or troubleshooting bugs and other issues that you report to us.

Product development. Crusoe uses Service Data to improve the Crusoe Cloud Platform and other services you request, and to develop new features and technologies that benefit our users and customers.

Use of service providers. Crusoe shares Service Data with service providers to perform services on our behalf, in compliance with this Privacy Notice and other appropriate confidentiality and security measures. For example, we may rely on service providers to help provide technical support.

Legal reasons. Crusoe also uses Service Data to satisfy applicable laws or regulations, and discloses information in response to legal process or enforceable government requests, including to law enforcement.

Parties with whom information may be shared

We do not share Service Data with companies, organizations, or individuals outside of Crusoe except in the following cases:

With your consent. We’ll share Service Data outside of Crusoe when we have your consent. For example, when you use a third-party application that requests access to your information, we’ll seek permission to share information with that third party.

With your administrators. When you use the Crusoe Cloud Platform, your administrator authorized to manage your or your organization’s account will have access to certain Service Data. For example, they may be able to:

For external processing. We provide information to our affiliates, partners and other trusted businesses or persons to process it for us, based on our instructions and in compliance with this Privacy Notice and other appropriate confidentiality and security measures.

For legal reasons. We may share Service Data outside of Crusoe if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to:

Updates to this Privacy Notice

We may update this Privacy Notice from time to time. We will not make any significant changes without notifying you in advance by posting a prominent notice on this page describing the changes or by sending you a direct communication. We encourage you to regularly review this Privacy Notice, and we will always indicate the date the last changes were published.