Privacy policy
Redpanda Data, Inc. (“Redpanda,” “we,” “our” or “us”) respects your privacy and is committed to protecting it through our compliance with this privacy policy. This privacy policy explains our policies and procedures regarding the collection, use, disclosure, and security of certain information that we receive, with a focus on information that would be considered “personal data” within the meaning of the EU General Data Protection Regulation (“GDPR”). As used in this privacy policy, “personal data” refers information about an identified or identifiable individual, such as their name or email address.
Redpanda provides a unified, high-throughput, low-latency software platform for queuing real-time data feeds (as modified from time to time, the “Redpanda Software”).
We are a Delaware corporation registered in the United States with an office at Redpanda Data, Inc., 5758 Geary Blvd #153, San Francisco CA 94121.
If you are a resident of the European Economic Area (an “EEA Resident”), you may have additional rights under GDPR with respect to your personal data, as described further herein.
Please note that by accessing and using the Redpanda Software, visiting or using https://redpanda.com (the “Site”) and the various related services, features, functions, software, applications, websites and networks (together with the Redpanda Software and the Site, collectively, the “Redpanda Services”), you are accepting the practices described in this privacy policy, subject to any rights or restrictions that might apply under the GDPR if you are an EEA Resident, including the rights described in the “European Privacy Rights for EEA Residents” section below. This privacy policy is incorporated by reference into the specific agreement that governs your use of the Redpanda Software and the other Redpanda Services (the “Terms”).
This policy describes the types of personal data and other information that we may collect from you or that you may provide when you access or use the Redpanda Software, the other Redpanda Services or any of the other features, functions, services, and products, including our Service Providers’ services and products, and our practices for collecting, using, maintaining, protecting and disclosing that information.
This policy applies to personal data and other information that we collect or may collect:
- In registering to use and to create an account for the Redpanda Software.
- In registering to be on Redpanda’s waitlist.
- In accessing and using the Redpanda Software and the other Redpanda Services.
- In e-mail, text and other electronic messages sent through or use of the Redpanda Software or any of the other Redpanda Services.
- When you send or upload any content through Redpanda Software or any of the other Redpanda Services.
- When you email Redpanda or our helpdesk.
- Through Cookies (as defined in the “Use of Cookies and Other Tracking Technologies” section below).
- Through services provided to us or to you by our Service Providers and other third-party companies, agents or contractors.
It does not apply to information collected by:
- Us offline or through any other means, including on any other website operated by Redpanda or any third party.
Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your only choice is not to use the Redpanda Software or any of the other Redpanda Services. By accessing or using the Redpanda Software or any of the other Redpanda Services, you agree to this privacy policy. This policy may change from time to time. Your continued use of the Redpanda Software and/or any of the other Redpanda Services, after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.
Minors under the Age of 18
None of the Redpanda Services are intended for minors under 18 years of age. No one under age 13 may provide any information on or through the Redpanda Software or the other Redpanda Services. We do not knowingly collect personal data from children under 13. If you are under 13, do not use or provide any information on or through any of the Redpanda Services, use any of the interactive or public comment features of the Redpanda Services or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name, username you may use or any pictures of you. If we learn we have collected or received personal data from a child under 13 without verification of parental consent, we will delete that information. If you believe that we might have any information from or about a child under 13, please contact us at legal@redpanda.com
Information We Collect About You and How We Collect It
We collect or may collect several types of information from and about users of the Redpanda Software and the other Redpanda Services, including:
- Information by which you may be personally identified, including personal data such as name, company, job title and e-mail address;
- Information that you provide by registering, creating accounts or registering to be on the waitlist on or through the Redpanda Services, including information provided in connection with registering to access and use the Redpanda Software;
- Content that you provide on a private chat platform or support group;
- Financial and billing information;
- When you report a problem with the Redpanda Software or any of the other Redpanda Services;
- Records and copies of your correspondence (including e-mail addresses), if you contact us;
- Details of tasks and other activities that you carry out through the Redpanda Software and any of the other Redpanda Services;
- Information that you provide when you contact our helpdesk;
- Information that is about you but individually does not identify you, such as the date and time of visit; and/or
- Device, internet and mobile information such as the hardware model, operating system version, unique device identifiers, browser type, language, wireless network, and mobile network information (including the mobile phone number).
We collect this information:
- Directly from you when you provide it to us.
- Automatically as you navigate through or use the Redpanda Software or any of the other Redpanda Services, including through the use of Cookies.
- From third parties, such as our Service Providers and other third parties that provide us or you with certain services.
Certain transactions may also involve you calling us or our calling you. Please be aware that we may monitor, and in some cases, record such calls for staff training or quality assurance purposes.
Data Minimization
We take every reasonable step to limit the volume of your personal data that we process to what is reasonably necessary.
Consequences of not providing Personal Data
If you do not provide the personal data, we may not be able to access to the Redpanda Software or to respond to your requests or provide the Redpanda Services.
Use of Cookies and Other Tracking Technologies
The Redpanda Services use cookies and similar technologies such as pixel tags, web beacons, clear GIFs and JavaScript (collectively, “Cookies”) to enable our servers to recognize your web browser, tell us how and when you visit and use the Redpanda Services, analyze trends, learn about our user base and operate and improve the Redpanda Services. Cookies are small pieces of data – usually text files – placed on your computer, tablet, phone or similar device when you use that device to access the Redpanda Services. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s). Please note that because of our use of Cookies, the Redpanda Services do not support “Do Not Track” requests sent from a browser at this time.
We use the following types of Cookies:
- Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of the Redpanda Services. Disabling these Cookies may make certain features and services unavailable.
- Functional Cookies. Functional Cookies are used to record your choices and settings regarding the Redpanda Services, maintain your preferences over time and recognize you when you return to the Redpanda Services. These Cookies help us to personalize our content for you and remember your preferences (for example, your choice of language or region).
- Performance/Analytical Cookies. Performance/Analytical Cookies allow us to understand how visitors use the Redpanda Services. They do this by collecting information about the number of visitors to and users of the Redpanda Services, what pages visitors view on the Redpanda Services and how long visitors are viewing pages on the Redpanda Services. Performance/Analytical Cookies also help us measure the performance of our advertising campaigns in order to help us improve our campaigns and the Services’ content for those who engage with our advertising. For example, Google LLC (“Google”) uses cookies in connection with its Google Analytics services. Google’s ability to use and share information collected by Google Analytics about your visits to the Services is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt-out of Google’s use of Cookies by visiting the Google advertising opt-out page at www.google.com/privacy_ads.html or the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/.
- Retargeting/Advertising Cookies. Retargeting/Advertising Cookies collect data about your online activity and identify your interests so that we can provide advertising that we believe is relevant to you. For more information about this, please see the section below titled “Information about Interest-Based Advertisements.”
You can decide whether or not to accept Cookies through the cookie consent banner made available on the Redpanda website or your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit our website and some of the Services and functionalities may not work.
To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/ or https://ico.org.uk/for-the-public/online/cookies/ if you are located in the European Union.
Information about Interest-Based Advertisements.
We may serve advertisements, and also allow third-party ad networks, including third-party ad servers, ad agencies, ad technology vendors and research firms, to serve advertisements through the Redpanda Services. These advertisements may be targeted to users who fit certain general profile categories or display certain preferences or behaviors (“Interest-Based Ads”). Information for Interest-Based Ads (including personal data) may be provided to us by you, or derived from the usage patterns of particular users on the Redpanda Services and/or services of third parties. Such information may be gathered through tracking users’ activities across time and unaffiliated properties, including when you leave the Redpanda Services. To accomplish this, we or our service providers may deliver Cookies, including a file (known as a “web beacon”) from an ad network to you through the Redpanda Services. Web beacons allow ad networks to provide anonymized, aggregated auditing, research and reporting for us and for advertisers. Web beacons also enable ad networks to serve targeted advertisements to you when you visit other websites. Web beacons allow ad networks to view, edit or set their own Cookies on your browser, just as if you had requested a web page from their site.
We comply with the Digital Advertising Alliance (“DAA”) Self-Regulatory Principles for Online Behavioral Advertising. Through the DAA and Network Advertising Initiative (“NAI”), several media and marketing associations have developed an industry self-regulatory program to give consumers a better understanding of, and greater control over, ads that are customized based a consumer’s online behavior across different websites and properties. To make choices about Interest-Based Ads from participating third parties, including to opt-out of receiving behaviorally targeted advertisements from participating organizations, please visit the DAA’s or NAI’s consumer opt-out pages, which are located at http://www.networkadvertising.org/choices/ or www.aboutads.info/choices. Users in the European Union should visit the European Interactive Digital Advertising Alliance’s user information website http://www.youronlinechoices.eu/.
Third-party Responsibilities and Services.
We may use or partner with other third-party companies, agents or contractors for various purposes in connection with our business and operations (“Service Providers”). These parties help us provide the Redpanda Services or perform business functions on our behalf, and we may disclose your personal data to these Service Providers. They include:
- Hosting, technology and communication providers.
- Security and fraud prevention consultants.
- Software and database server providers.
- Voice and SMS communications providers.
- Customer service and support vendors.
- Payment processors who provide invoicing services and collect your voluntarily-provided payment card information necessary to process any payments.
- Survey providers.
- Analytics partners that provide analytics on web traffic or usage of the Redpanda Services, including companies that track how users found or were referred to the Redpanda Services and how users interact with the Redpanda Services.
- Marketing providers that help us market our services and provide you with other offers that may be of interest to you.
- Showing you advertisement, including interest-based or online behavioral advertising that may be of interest to you.
- Business partners that we partner with in offering various services, which may include joint promotional offers or opportunities.
- Third parties you access through the Redpanda Services.
In the course of performing these responsibilities and providing such services, these other companies may have access to your information. We may also share information, including your information, with these Services Providers in order to enable them to perform these responsibilities and to provide these services. These Services Providers may have adopted their own privacy policies, which are not subject to control by Redpanda. You should always review the policies of these Service Providers to make sure that you are comfortable with the ways in which they collect, use, maintain, protect and disclose your information. We do not list our current Service Providers because they change from time to time. If you would like the names of any of our Service Providers, please email us at legal@redpanda.com.
How We Use Your Information
We use information that we collect about you or that you provide to us, including any personal data:
- To provide you the Redpanda Software and the other Redpanda Services and the content and the other services that you request from us.
- To process and complete transactions, including registration for the use of the Redpanda Software and send you related information.
- To determine if the Redpanda Software is right for you and to contact you of our conclusion.
- To improve the Redpanda Software and Redpanda Services, including testing, research, internal analytics and product development.
- To provide software updates.
- To provide technical and other support to you.
- To enable Service Providers to perform certain responsibilities and provide certain services in connection with the Redpanda Services and our business and operations, as described further in the “Third-party Responsibilities and Services” section above.
- To provide you with notices about your account, actions, or activity within the Redpanda Software.
- To provide you with notices about the Redpanda Software and the other Redpanda Services.
- To carry out our obligations and enforce our rights arising from any agreements entered into between you and us, including for billing and collection.
- To notify you about changes to the Redpanda Software and the other Redpanda Services.
- To enhance the safety and security of all of the Redpanda Services.
- To maintain a history of any data access and modifications to the system, for security and auditing purposes.
- To verify your identity and prevent fraud or other unauthorized or illegal activity.
- In any other way we may describe when you provide the information.
- To fulfill any other purpose for which you provide it.
- To personalize the Redpanda Services, including to recognize you and your preferences when you return to the Redpanda Software.
- To market and sell the Redpanda Services.
- To respond to correspondence that we receive from you or otherwise correspond with you according to your preferences or to display content that we think will interest you.
- To fulfill our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
- To resolve disputes and protect the rights, property or safety of you, Redpanda or another party.
- For any other purpose with your consent or as otherwise permitted under applicable data privacy laws.
Some of the information that we collect automatically is statistical data and does not include personal data, but we may maintain it or associate it with personal data we collect in other ways or receive from third parties or you provide to us. It helps us to improve the Redpanda Software and the other Redpanda Services, and to deliver a better and more personalized service, including enabling us to:
- Understand what features of the Redpanda Software our users utilize and how they use them
- Create and establish industry benchmarks
- Estimate our usage size and better understand usage patterns.
- Store information about your preferences, enabling us to customize the Redpanda Software according to your individual interests.
- Plan and prioritize new features, updates and enhancements
We will not use the personal data we collected for materially different, unrelated or incompatible purposes without providing you notice.
Storage and Transfer of Your Information
Your personal data may be transferred to, and processed in, countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. However, we have taken appropriate safeguards to ensure that your personal data will remain protected in accordance with this Privacy Notice.
Redpanda is committed to safeguarding the privacy of personal data transferred from the European Union, United Kingdom, and Switzerland. To ensure compliance with the EU-U.S. Data Privacy Framework ("EU-U.S. DPF"), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework ("Swiss-U.S. DPF"), Redpanda has certified that our data processors are compliant with the DPF. These DPA agreements may be referenced here -
https://webflow.com/legal/dpa
Redpanda is accountable for the personal data it receives under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, even if it is subsequently transferred to a third party. This means that Redpanda remains responsible and liable if these third-party agents process the personal data in a manner inconsistent with the principles of the DPFs, unless Redpanda can demonstrate that it is not at fault for the resulting harm.
We may store any data or other information that we collect (personal or otherwise) ourselves or in databases and servers owned and maintained by us, our affiliates, agents or Service Providers. If you access or use the Redpanda Software or any of the other Redpanda Services outside of the United States, information that we collect about you may be transferred to servers inside the United States and maintained indefinitely, which may involve the transfer of information out of countries located in the European Economic Area and other parts of the world unless otherwise prohibited by applicable law or agreed by Redpanda and you. By allowing Redpanda to collect information about you, you consent to such transfer and processing of such information without restriction. We may also store some information locally on your computer or other devices. For example, we may store information as local cache so that you can open the Redpanda Software and view content faster.
Although users from all over the world may access the Redpanda Software and the other Redpanda Services, keep in mind that no matter where you live or where you happen to use the Redpanda Services, you consent to us processing and transferring information in and to the United States and other countries whose data-protection and privacy laws may offer fewer protections than those in your home country.
Disclosure of Your Information
We may use and disclose aggregated information about our users, and information that does not identify any individual, without restriction. We may disclose personal data that we collect or you provide as described in this privacy policy, including:
- To our subsidiaries, affiliates and parent company.
- To other users in your organization in connection with the Redpanda Software or any of the other Redpanda Services.
- To our operations personnel.
- To our Service Providers, contractors and other third parties we use to support the Redpanda Software, the Redpanda Services and our business.
- To a potential or actual buyer, assignee or other successor (including its related advisors and agents) in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Redpanda’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which personal data held by Redpanda about users of the Redpanda Software and the other Redpanda Services is among the assets that may be or are actually transferred.
- To fulfill the purpose for which you provide it.
- For any other purpose disclosed by us when you provide the information.
- With your consent.
We may also disclose your data information:
- To comply with any court order, law or legal process, including to respond to any government or regulatory request.
- To enforce or apply the Terms and other agreements, including for billing and collection purposes.
- If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Redpanda, our customers or others.
We may share information that is anonymized or in an aggregated form that does not directly identify you and we may use and share any such information for any purpose without restriction so long as it does not violate the terms of this privacy policy or any applicable law. We may use, disclose or sell that anonymized or aggregated information without restriction so long as we do not disclose any of your personal data or violate the terms of this privacy policy or any applicable law.
Our Legal Bases for Handling Your Personal Data
GDPR and the laws in some other jurisdictions require companies to tell you about the legal bases that they rely on to use or disclose your personal data. To the extent that those laws apply, we rely on the following legal grounds to process your personal data:
- Performance of a contract: In most cases, we collect and use your personal data and other information to meet our obligations under a contract to which you are a party or pursuant to which we are providing services to you. For example, when you use our Redpanda Software or the other Redpanda Services, we will use your personal data to respond to your requests and to provide you with these services.
- Legitimate interests: We may use your personal data information for our legitimate interests on the grounds that it furthers our legitimate interests in commercial activities (but only to the extent that such interests are overridden by the interests or fundamental rights and freedoms of the affected individuals) including:
- Analyzing and improving the Redpanda Software, the other Redpanda Services and our business
- Providing the services pursuant to our contracts with our clients
- Legal compliance: We may use and disclose personal data in certain ways to comply with our legal obligations under European or Member State law or other applicable law.
- Consent: To the extent required by law, and in certain other cases, we handle personal data on the basis of implied or express consent.
Accessing and Correcting Your Personal Data
You may change, correct or delete any personal data that you have provided to us by emailing us at legal@redpanda.com.
European Privacy Rights for EEA Residents.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your personal data) if we intend to use your personal data for such purposes or if we intend to disclose your personal data to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal data. You can also exercise the right by contacting us directly.
If you are an EEA Resident and GDPR applies and we hold your personal data in our capacity as a controller, you may request that we:
- Provide access to and/or a copy of certain personal data (including, in some cases, in portable form);
- Prevent the processing of your personal data for direct-marketing purposes (including any direct marketing processing based on profiling);
- Update personal data that is out of date or incorrect;
- Delete certain personal data which we are holding about you; provided that the personal data is not required by us for (i) compliance with a legal obligation under European or Member State law or other applicable law or (ii) the establishment, exercise or defense of a legal claim;
- Object to our processing of personal data;
- Restrict the way that we process and disclose certain of your information except to the extent that processing is required (i) to comply with a legal obligation under European Member State law or applicable law or (ii) for the establishment, exercise or defense of legal claims;
- Transfer your personal data to a third party to the extent that this is technically feasible; and
- Honor a revocation of your consent for the processing of your personal data (without retroactive effect).
We will consider all requests and provide our response within the time period required by applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. We may request you provide us with additional information to confirm your identity before responding to your request. You have the right to lodge a complaint with the authorities applicable to your situation, though we invite you to contact us with any concern, as we would be happy to try to resolve it directly.
If you are an EEA Resident in France, you also have the right to set guidelines for the retention and communication of your personal data after your death.
If you reside in a jurisdiction other than the European Economic Area, you may also have similar rights to the above. Please contact us at legal@redpanda.com if you would like to exercise one of these rights, and we will comply with any request to the extent required under applicable law.
In addition, where you believe that we have not complied with its obligation under this Privacy Policy or European law, you have the right to make a complaint to an EU Data Protection Authority, such as the UK Information Commissioner’s Office. Here is a list of local data protection authorities in EEA countries
You can exercise any of these rights by contacting us at legal@redpanda.com or write to us at: Redpanda Data, Inc., 5758 Geary Blvd #153, San Francisco CA 94121.
How Long We Store Your Personal Data
We will only retain your personal data, in a form which permits us to identify you, for as long as necessary to fulfil the purposes we collected it for. We will retain and use your personal data as necessary to satisfy any legal, accounting or reporting requirements, to resolve disputes or to enforce our agreements and rights. To dispose of personal data, we may anonymize it, delete it or take other appropriate steps. Data may persist in copies made for backup and business continuity purposes for additional time.
Data Security
We understand that the security of your personal data is important. We provide reasonable administrative, technical, and physical security controls to protect your personal data. However, despite our efforts, no security controls are 100% effective. Redpanda cannot ensure or warrant the security of your personal data. Any transmission of personal information over public or third party networks is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on or through the Redpanda Software.
The safety and security of your data also depends on you. Where you have chosen (or we have given you) a password for access to and use the Redpanda Software, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of any of the Redpanda Software. The information you share in public areas may be viewed by Redpanda and anyone anonymously, including people who are not users of the Redpanda Software
Changes to Our Privacy Policy
It is our policy to post any changes we make to our privacy policy on this page with a notice that the privacy policy has been updated on the home pages of the Site for at least 30 days and by email. If we make material changes to how we treat our users’ personal data that are materially less protective than provided in this policy, we will use reasonable efforts to notify you by e-mail to the e-mail address specified in your account and/or through a notice on the home pages of the Site and to attempt to get your consent to the changes. The date the privacy policy was last updated is identified above. You are responsible for ensuring that we have an up-to-date active and deliverable e-mail address for you, and for periodically visiting the Site and this privacy policy to check for any changes. Like our Terms, of which this privacy policy is a part, your use, and/or continued use after our efforts to contact you, of the Redpanda Software means that you agree to be bound by such changes.
Survival
The policies indicated in this privacy policy will remain effective, even if the Terms and the other agreements between us are terminated and you are no longer using the Redpanda Software or any of the other Redpanda Services.
Contact Information
To ask questions or comment about this privacy policy and our privacy practices or need to reach us for any other reason, you may contact us by e-mail at legal@redpanda.com or by mail at, 5758 Geary Blvd #153, San Francisco CA 94121.
© Copyright Redpanda Data, Inc. 2021 and 2022
Glossary of Terminology and Frameworks
1.1 "controller", "processor", "data subject", "personal data" and "processing" (and "process") will have the meanings given in EU/UK Data Protection Law;
1.2 "Applicable Data Protection Law" means all worldwide data protection and privacy laws and regulations applicable to the Personal Data in question, including, where applicable, EU/UK Data Protection Law, US Data Protection Law, Serbian Data Protection Law, Canadian Data Protection Law, and the Swiss DPA;
1.3 “Breach” means an accidental or unlawful destruction, loss, alteration, or unauthorized disclosure or access that is in violation of Redpanda security obligations under this Agreement by Redpanda or its agents of which Redpanda becomes aware. Breach will not include an unsuccessful Breach, which is one that results in no unauthorized access to Personal Data or to any Redpanda equipment or facilities storing the Personal Data, and could include (without limitation) pings and other broadcast attacks of firewalls or edge servers, port scans, unsuccessful log-on attempts, denial of service attacks, packet sniffing (or other unauthorized access to traffic data that does not result in access beyond headers) or similar incidents;
1.4 "Canadian Data Protection Law" means: (i) the Personal Information Protection and Electronic Documents Act S.C. 2000, c. 5; (ii) applicable provincial law; (iii) any and all applicable data protection laws made under, pursuant to or that apply in conjunction with any of (i) or (ii); in each case as may be amended or superseded from time to time;
1.5 “Data Privacy Framework” means the EU-US Data Privacy Framework, the UK extension to the EU-US Data Privacy Framework, and the Swiss-US Data Privacy Framework self-certification program operated by the US Department of Commerce;
1.6 “Data Privacy Principles” means the Data Privacy Framework principles (as supplemented by the Supplemental Principles);
1.7 "EU/UK Data Protection Law" means: (i) Regulation 2016/679 of the European Parliament and of the Council on the protection of natural persons with regard to the Processing of Personal Data and on the free movement of such data (General Data Protection Regulation) (the "EU GDPR"); (ii) the EU GDPR as saved into United Kingdom law by virtue of section 3 of the United Kingdom's European Union (Withdrawal) Act 2018 (the "UK GDPR"); (iii) the EU e-Privacy Directive (Directive 2002/58/EC); and (iv) any and all applicable national data protection laws made under, pursuant to or that apply in conjunction with any of (i), (ii) or (iii); in each case as may be amended or superseded from time to time;
1.8 "US Data Protection Law '' means: (i) the California Consumer Privacy Act of 2018, including as amended by the California Privacy Rights Act of 2020, codified at Cal. Civ. Code §1798.100 et seq., upon the CPRA’s enforcement date of July 1, 2023 (together with its implementing regulations) (“CPRA”); (ii) the Virginia Consumer Data Protection Act; (iii) the Colorado Privacy Act; (iv) the Connecticut Personal Data Privacy and Online Monitoring Act; (v) the Utah Consumer Privacy Act; (vi) the Iowa Consumer Data Protection Act; (vii) the Indiana Consumer Data Protection Act; (viii) the Tennessee Information Protection Act; (ix) the Montana Consumer Data Privacy Act; (x) the Texas Data Privacy and Security Act; (xi) the Oregon Consumer Privacy Act; (xii) the Delaware Personal Data Privacy Act; and (xiii) any and all applicable comprehensive state data protection laws and regulations that are or are not yet in effect as of the Effective Date; in each case as may be amended or superseded from time to time;
1.9 "Serbian Data Protection Law" means: Law on Personal Data Protection (Zakon o zaštiti podataka o ličnosti; Official Gazette of the Republic of Serbia, no 87/2018). In the case of a transfer of Personal Data to a Non-Adequate Country, by entering into this DPA, the Customer is entering into the Serbian Standard Contractual Clauses (“Serbian SCCs”) as adopted by the "Serbian Commissioner for Information of Public Importance and Personal Data Protection", to provide an adequate level of protection. References to the Standard Contractual Clauses in this DPA will include the Serbian SCCs.
1.10 “Supplemental Principles” will have the meaning given in the Data Privacy Framework;
1.11 "Standard Contractual Clauses" means: (i) where the EU GDPR or Swiss DPA applies, the contractual clauses annexed to the European Commission's Implementing Decision 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of Personal Data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council ("EU SCCs"); and (ii) where the UK GDPR applies, standard data protection clauses adopted pursuant to or permitted under Article 46 of the UK GDPR ("UK SCCs"); and (iii) where Serbian Data Protection Law applies, the Serbian SCCs; and
1.12 "Swiss DPA" means the revised Swiss Federal Act on Data Protection enacted on September 25, 2020, and effective on September 1, 2023, as may be amended or superseded from time to time.