These terms apply to all our all existing users as of 2018-05-17, and any new users as of 2018-04-17.
These General Terms of Service ("Terms") will be applied to an agreement between UpCloud Ltd, a Finnish private limited company with Business ID 2431560-5, having its registered address at Eteläranta 12, 6. krs, FI-00130 Helsinki, Finland ("UpCloud"), and a customer ("Customer") to whom UpCloud provides cloud-based infrastructure and software services for the Customer's commercial purposes ("Service"). In these Terms, UpCloud and Customer are referred to jointly as the "Parties" and individually as a "Party". The Parties expressly acknowledge that the Service is neither intended nor fit for use by consumers.
An agreement is formed between the Parties when UpCloud receives an appropriately filled-in registration or order form ("Order") which the Customer has submitted through a registration and/or purchasing procedure on UpCloud's website. In connection with the registration procedure the Customer will create a service account. Any referral herein to "Agreement" includes the Order, service descriptions attached or referred to in the Order, the service level agreement ("SLA"), the acceptable use policy ("AUP") and these Terms. The SLA and the AUP are available on UpCloud’s website.
UpCloud shall provide the Customer with the Service, which is specified in the Order. If the provided Service differs from the specifications, UpCloud shall correct the Service promptly after a notification by the Customer.
UpCloud shall offer compensation to the Customer for all unscheduled interruptions in the provision of the Service in accordance with the SLA in force from time to time.
UpCloud shall provide the Customer's administrative users with technical support with respect to the Service through the means described under the Support page on UpCloud’s website. Contact details and service hours are provided on UpCloud's website.
The Customer will be responsible for activities that occur under the Customer's service account, including actions taken by the Customer's employees and other representatives ("User") as well as their compliance with user instructions and the AUP. The Customer must promptly notify UpCloud if the Customer suspects that an unauthorised third party is using, or may have access to, the Service or the Customer's service account.
The Customer must comply with third-party software license terms if the use of such software is offered by UpCloud for the provision of the Service, or if such software is obtained and uploaded in the Service by the Customer, with UpCloud’s separate instructions. Certain third-party software cannot be uploaded by the Customer but must always be offered by UpCloud.
The Service and the prices for the Service ("Service Fee") are described in the service descriptions available on UpCloud’s website. UpCloud may from time to time offer trials of the Service for a specified period without payment. UpCloud reserves the right, in its sole discretion, to determine Customer’s eligibility for a free trial and, subject to applicable laws, to withdraw or to modify an offer trial at any time without prior notice and with no liability, to the greatest extent permitted under the law. For a free trial of the Service, UpCloud may require Customer to provide payment details to start the trial. At the end of such trial, UpCloud may automatically start to charge the applicable service fees for the Service immediately after the end of the free trial in accordance with Section Payment Terms and according to the price list on UpCloud’s website. The applicable subscription to the Service must be cancelled through Customer’s account’s subscription page, or the Service must be terminated in its entirety, before the end of the trial period in case Customer does not accept the applicable prices provided on UpCloud's website. Customer shall ensure that the authorised Users use the Service in compliance with this Agreement. Misuse of the Service by Customer or any User may lead to termination of the Agreement or suspension or denial of access to the Service.
Subject to due subscription to the Service and compliance with the Agreement, UpCloud grants to Customer a non-exclusive, nontransferable and limited right to enter and use the Service and grant Users access rights to the Service.
The Customer is responsible for making appropriate back-up copies of the Customer Data (as defined below) stored in the Service. Such back-up copies shall be stored outside the Service.
UpCloud is entitled to develop its services and business offerings. In case of a change in the Service, UpCloud will notify the Customer in advance. If UpCloud considers that a change will have a material effect in the Service, UpCloud will notify the Customer at least 30 days before the change will be effected and reserve the Customer a possibility to terminate the Agreement.
The prices of the Service are specified in the Order. Unless otherwise agreed, UpCloud charges the Customer in advance for each one-hour period of the Service according to UpCloud's price list which is valid at the time and is available on UpCloud’s website. Applicable value added tax and other duties will be added to the prices unless the prices are specified VAT inclusive.
UpCloud shall charge the Service by debiting credits from the Customer's service account on a pre-paid basis after the Customer has submitted the Order. Invoices are made available on the Customer's service account. With the exception of credits offered by UpCloud free-of-charge for a trial period, the Customer will purchase credits that will be deposited into the Customer's service account. The Customer cannot order the Service unless the Customer has sufficient credits on the service account. The credits are not refundable unless otherwise decided by UpCloud at its sole discretion.
When subscribing to the Service, Customer shall provide true, accurate and complete information as prompted by the Order and update such information when required. Please note that this Agreement only covers the Service and the use thereof and any and all linked third party services and platforms are provided by the relevant third parties and covered by their terms of service or other agreement or license. UpCloud does not assume any liability in regard to use of such third-party services and platforms, whether or not they are linked to the Service.
Customer is not permitted and not entitled to permit the Users or any other parties to do any of the following:
UpCloud will defend Customer against any claim that the Service infringes the intellectual property rights of a third party and pay any damages finally settled or awarded in a trial to the third party with respect to any such claim, provided that UpCloud is notified promptly in writing of the claim and given sole control of the defense and all related settlement negotiations in relation to the claim as well as reasonable assistance and necessary authorisations from Customer to defend or settle the claims on behalf of Customer. At any time, if UpCloud reasonably deems that any part of the Service infringes the intellectual property rights of any third party, UpCloud has the right at its own expense to (i) modify/replace the Service to eliminate the infringement in such a manner that the modified Service complies with this Agreement, or (ii) procure to Customer a right to use the Service. If none of the aforementioned alternatives are reasonably possible, UpCloud shall have the right to terminate this Agreement and UpCloud shall refund to Customer the prices paid for the Service by Customer less the price corresponding the time Customer has been able to use the Service in accordance with this Agreement. UpCloud shall, however, not be liable for any infringement or claim thereof in the event the claim (i) is made by any affiliates of Customer; (ii) has resulted from Customer’s or Customer’s supplier’s or User’s use or modification of or addition to the Service; (iii) could have been avoided by using the latest version of the Service provided by UpCloud; or (iv) is not related to the Service or any part of the Service for which UpCloud is not responsible for pursuant to this Agreement or statutory requirements. This section contains UpCloud’s entire liability and Customer’s sole and exclusive remedy in case of intellectual property rights infringements. Customer shall indemnify, defend, and hold UpCloud harmless from and against all liabilities, damages and costs (including settlement costs and reasonable attorneys’ fees) arising out of any breaches of this Agreement by Customer, Customer’s personnel and/or Users.
Customer data shall mean all Customer’s data that a Customer or another party acting on Customer’s behalf generates in or submits to the Service ("Customer Data") or the data Customer submits to a third-party service or platform which might be accessed by the Service, subject to and on the basis of the permissions or consents Customer has granted. Customer agrees that UpCloud does not assume any liability or responsibility in respect to any Customer Data, with the exceptions relating to Personal Data as set forth in Section Data Processing below. Customer shall at all times ensure that Customer Data does not infringe any third party intellectual property rights or violate any applicable laws or legislation. Customer shall not upload any illegal, offensive, threatening, libellous, defamatory, or otherwise inappropriate data to the Service. For clarity, UpCloud is not responsible and shall not be held liable for any Customer Data, nor does it endorse any opinion contained in any Customer Data. Aside from the rights specifically granted herein, Customer retains ownership of all rights, including intellectual property rights, in the Customer Data.
The Customer shall be responsible for the lawful collection, processing and use, and for the accuracy of the Personal Data, as well as for preserving the rights of the individuals concerned. If and to the extent legally required, the Customer shall inform the individuals concerned regarding the processing of their Personal Data by UpCloud, and shall obtain their consent if necessary. The Personal Data processed by UpCloud on behalf of the Customer may include e.g. Personal Data of the Customer’s employees and end-customers, such as contact details of the aforementioned data subjects. The Customer acknowledges that due to the nature of the Service, UpCloud cannot control and has no obligation to verify Personal Data the Customer transfers to UpCloud for processing on behalf of the Customer when the Customer uses the Service. The Customer ensures that the Customer is entitled to transfer the Personal Data to UpCloud so that UpCloud may lawfully process the Personal Data on behalf of the Customer in accordance with this Agreement. UpCloud shall not use Personal Data for any purpose other than that of rendering and providing the Service and will not assert liens or other rights over, or sell or disclose the Personal Data to any third parties, without the Customer’s prior written approval. UpCloud shall process Personal Data in accordance with this Agreement and documented instructions from the Customer. The Customer’s instructions must be commercially reasonable, compliant with applicable data protection laws and consistent with this Agreement. UpCloud shall not be obliged to verify whether any instructions given by the Customer are consistent with applicable laws, as the Customer is responsible for such compliance verification of its instructions. However, if UpCloud detects that any instruction given by the Customer is non-compliant with the requirements of any data protection legislation applicable to UpCloud’s operations, UpCloud shall inform the Customer in writing. UpCloud and the Customer shall comply with the EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data ("Regulation") and any applicable European or foreign data protection laws as amended, as well as data protection authorities’ orders and guidelines. UpCloud and the Customer shall implement and maintain appropriate technical and organizational security measures to protect the Personal Data within their area of responsibility, in order to safeguard the Personal Data against unauthorised or unlawful processing or access and against accidental loss, destruction or damage. Such measures include where necessary and appropriate, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons the following measures:
To respond to requests from individuals exercising their rights as foreseen in applicable data protection law, such as the right of access and the right to rectification or erasure, the Customer shall primarily use the corresponding functions of the Services, such as the UpCloud Control Panel. UpCloud shall provide the Customer with commercially reasonable assistance, without undue delay, taking into account the nature of the processing. UpCloud shall further provide the Customer with commercially reasonable assistance in ensuring compliance with the Customer’s obligations to perform security and data protection assessments, breach notifications and prior consultations of the competent supervisory authority, as set out in the applicable data protection law, taking into account the nature of the processing and the information available to UpCloud. In case such assistance requires extensive measures from UpCloud, the Customer shall pay additional reasonable remuneration to UpCloud for handling such assistance requests. In addition, UpCloud shall, and shall procure that its personnel (including its subcontractors’ personnel) shall:
The Customer accepts that UpCloud may have Personal Data processed and accessible by its subprocessors outside the Customer’s country of domicile to provide the Service. In case the processing is subject to any EU data protection law and Personal Data is transferred from the European Economic Area ("EEA") to a subprocessor for processing in any country outside the EEA that is not recognized by the European Commission as providing an adequate level of protection for personal data, UpCloud provides for appropriate safeguards by standard contractual clauses, adopted or approved by the European Commission and applicable to the processing by the non-EEA subprocessor or by any other appropriate safeguard as foreseen under Regulation.
The Customer shall have the right to audit the facilities and processing activities of UpCloud under this Agreement to examine the level of protection and security provided for Personal Data processed under this Agreement and to assess the compliance of UpCloud with the terms and conditions relating to Personal Data set out herein. Each Party shall bear its own costs for any such audit. Where an audit may lead to the disclosure of business or trade secrets of UpCloud or threaten intellectual property rights of UpCloud, the Customer shall employ an independent expert to carry out the audit, and the expert shall agree to be bound to confidentiality to UpCloud’s benefit.
General authorization. The Customer gives its general authorization to allow UpCloud to involve UpCloud’s affiliated companies and other subcontractors as subprocessors to process Personal Data in connection with the provision of the Service, to the extent such appointment does not lead to non-compliance with any applicable law or UpCloud’s obligations under this Agreement. UpCloud ensures that the involved subprocessors are properly qualified, will be under a data processing agreement with UpCloud, and comply with data processing obligations similar to the ones which apply to UpCloud under this Agreement. UpCloud shall be liable towards the Customer for the processing of Personal Data carried out by UpCloud’s subprocessors.
UpCloud is free to choose and change its subprocessors. Upon request, UpCloud shall inform the Customer of subprocessors currently involved. In case there is a later change of subprocessor (addition or replacement), UpCloud shall notify the Customer of such change. In case the Customer objects such change of subprocessor on reasonable grounds, the Customer has the right to request change of the subprocessor. If UpCloud is not willing to change the subprocessor the Customer has objected, the Customer shall have the right to terminate the Service and this Agreement.
UpCloud shall, without undue delay after having become aware of it, inform the Customer in writing about any data breaches relating to Personal Data and any other events where the security of Personal Data processed on behalf of the Customer has been compromised. UpCloud’s notification about the breach to the Customer shall include at least the following:
UpCloud shall not take any action to intentionally erase any Personal Data processed on behalf of the Customer, without the Customer’s explicit request. Personal Data shall be processed under this Agreement until the Customer has ceased to use the Service. Within a reasonable time after the termination or expiry of this Agreement, or after the Customer has permanently ceased to use the Service, UpCloud shall permanently delete Personal Data from its storage media, except to the extent that UpCloud is under a statutory obligation to continue storing such Personal Data. On the Customer’s request, UpCloud shall confirm the deletion in writing. The obligation to delete Personal Data shall not apply to Personal Data contained in regular back-up copies of comprehensive datasets from which the individual deletion of Personal Data would not be possible without significant efforts or costs.
The Parties may exchange confidential information during the performance of this Agreement. Confidential information shall mean any information which is marked as confidential or which should be understood as confidential, irrespective of its form of storage or disclosure. All confidential information shall remain the property of the disclosing Party and the receiving Party shall keep confidential and refrain from using such confidential information otherwise than for the purposes of this Agreement, during the term of this Agreement and after the termination of this Agreement. For the avoidance of doubt, any information of or relating to a Party or that Party’s personnel, suppliers, contractors, customers or end-users, which information is obtained or detected by the other Party or processed or generated in the course of providing or receiving the Service shall be deemed confidential information of that Party. Each Party shall promptly upon termination of the Service cease using confidential material and information received from the other Party and use reasonable means to destroy such material. Each Party shall, however, be entitled to retain the copies required by law or regulations.
All intellectual property rights to and in the Service as well as intellectual property rights pertaining thereto, are exclusive property of UpCloud or its licensors with all rights reserved. All intellectual property rights to the content uploaded into the Service by or on behalf of the Customer will remain the exclusive property of the Customer or its licensors. Customer agrees not to resell the Service or redistribute or transfer the Service. All intellectual property rights relating to the provision of the Services, including suggestions for improvements made by the Customer, will remain the exclusive property of UpCloud or its licensors.
UpCloud will offer service level compensations to the Customer in accordance with the SLA. In all other respects the Service is provided on "as-is" and "as-available" basis, and UpCloud will not give the Customer any warranty or guarantee, express or implied, for the Service, including but without limitation to warranties of merchantability, fitness for any particular purpose, performance, or non-infringement. The parties expressly note that the Service is not designed to be error-free or uninterrupted and therefore they are neither intended nor fit for purposes that require fail-safe performance.
UpCloud will not be liable for indirect damage or consequential damages caused to the Customer. UpCloud’s total aggregate liability under or in connection with this Agreement shall be limited to the aggregate Service Fee paid by the Customer for the Service for the last six (6) months preceding the occurrence for which damages are claimed. These limitations will not apply to damage caused by willful misconduct or gross negligence. In order to be valid and enforceable, all claims for damages must be made within 30 days from the date the damage was or should reasonably have been noticed by the Customer.
UpCloud may assign the Agreement in whole or in part to another group company or in connection with the trade sale which includes the provision of the Service. The Customer may assign the Agreement to a third party with UpCloud's prior written consent which UpCloud will not unreasonably withhold. The Agreement will not create any third-party beneficiary rights in any third party.
If the Customer has breached the provisions of the Agreement or UpCloud has justifiable reasons to believe such a breach exists, UpCloud may temporarily suspend the provision of the Service.
The Customer may terminate the Agreement for any reason by issuing 5 days written notice to UpCloud. UpCloud may terminate the Agreement for any reason by issuing 30 days written notice to the Customer.
Either Party may terminate the Agreement with immediate effect if the other Party has materially breached the provisions of the Agreement.
UpCloud will provide the Customer with transition services in order to enable the Customer to transfer the Customer Data to another service provider. The Customer must order the transition services before the termination of the Agreement. The description of the transition services and applicable prices are provided on UpCloud's website.
The Agreement constitutes the entire agreement and supersedes all previous commitments between the parties in respect of the provision of the Service. All amendments to the Agreement must be made in writing. UpCloud may modify this Agreement by notifying the Customer in writing, such as by e-mail or by posting a revised document version on UpCloud's website. If UpCloud considers that a revision will have a material effect on the Agreement, UpCloud will notify the Customer at least 30 days before the revision will be effected and reserve the Customer a possibility to terminate the Agreement.
A failure by either Party to enforce any provision of the Agreement will not be deemed to constitute a present or future waiver of such provision. All waivers must be made in writing.
Force Majeure is an event that prevents, or makes unduly difficult, the performance of the Service or the fulfilment of the provisions of the Agreement, such as war, rebellion, natural catastrophe, general interruption in energy distribution or telecommunications, fire, strike, embargo, or another equally significant and unforeseen event independent of the parties. Each Party shall be entitled to suspend its duties without liability thereof in case of Force Majeure affecting the Party either directly or through its subcontractor.
Should any provision of the Agreement be declared unenforceable by a court of competent jurisdiction, the remaining provisions of the Agreement will remain in full force and effect to the fullest extent permitted by law. The Parties shall attempt through negotiation in good faith to replace the unenforceable provision with such provisions that correspond as closely as possible to the original intention of the Parties.
The Agreement will be governed by the substantive laws of Finland, with the exception of any conflict of law principles. Any and all disputes, which the Parties fail to settle amicably, arising out of or relating to the Agreement will be finally settled by arbitration in English language in accordance with the Rules of the Arbitration Institute of the Finland Chamber of Commerce.
Scope. This service level agreement ("SLA") is an integral part of the Contract between UpCloud and the Customer.
Service Guarantee. UpCloud will guarantee 100% virtual server and network availability to the Customer. The network will be deemed available if UpCloud's routers and switches are available and responding properly. For all unscheduled interruptions in the provision of the Services, which are due to hardware or telecommunications failures that last longer than 5 minutes, UpCloud shall offer compensation to the Customer.
Scheduled Interruptions. UpCloud will notify the Customer by e-mail or on UpCloud's website about scheduled interruptions in the provision of the Services at least 24 hours in advance, with the exception of important security updates and patches which UpCloud may deploy without prior notice.
Error Notifications. In case of an interruption in the Services, the Customer has to notify UpCloud by e-mail to [email protected] The interruption is deemed to begin when the failure starts to affect the Customer's use of the Services, and to end when the failure has been corrected. UpCloud will notify the Customer about the correction of the failure.
Payment of Compensation. When a failure in the Services has been corrected, UpCloud will offer the Customer compensation which the Customer may reclaim within 15 days. The compensation will be paid to the Customer's service account in the form of credits and may not be exchanged for cash or other forms of payment.
Amount of Compensation. The amount of compensation will be 50 times UpCloud's charges for the Services allocated for the period of the interruption of the Services. The maximum amount of compensation for an individual interruption is 100% of UpCloud's charges for the Services during 30 calendar days preceding the interruption. The total sum of aggregated compensations cannot exceed 250% of UpCloud's charges for the Services during 30 calendar days preceding the latest interruption.
Sole Remedy. The above-mentioned payment of compensation will be the sole remedy of the Customer for interruptions or other failures in the Services. In case of a disagreement over the amount of the compensation payable to the Customer, UpCloud's decision on the issue will be binding and final.
Exemptions from Service Guarantee. The following situations will be exempt from UpCloud's service guarantee:
No compensation will be payable to the Customer during a free-of-charge trial period.
Scope. This acceptable use policy ("AUP") is an integral part of the Contract between UpCloud and the Customer.
User Instructions. The Customer must comply with separate user instructions concerning the Services. The Customer shall provide reasonable cooperation with regard to investigations on suspected breaches of the Contract.
Customer's Legal Compliance. The Customer must comply with applicable laws and regulations. For example, the Customer must have necessary rights to use the content which has been uploaded in the Service by or on behalf of the Customer.
Illegal or Offensive Use of Services. The Customer is not entitled to use the Services for purposes which UpCloud deems to be illegal or offensive. If the Customer is uncertain whether or not its use of the Services could be deemed illegal or offensive, the Customer should contact UpCloud in advance and request permission. For example, UpCloud considers the following actions or content to be illegal or offensive:
Mass Emailing. If the Customer wishes to use the Services for sending of bulk e-mail or other mass communications, the Customer must first receive UpCloud's written consent.
Disruptive Use of Services. The Customer may use, investigate, and modify the operating environment of the Services only within the limits of the user instructions. The Customer may not use the Services in any way that causes security risks to the Service or interferes with the operation of the Services. For example, UpCloud considers the following actions to be disruptive on the operation of the Services:
Privacy, security and online safety are important for us, and we process all personal data with due care and in accordance with applicable laws and regulations.
We collect two types of information from the Users: (i) User Data; and (ii) Technical Data. Although we do not normally use Technical Data to identify individuals, sometimes individuals can be recognized from it, either alone or when combined or linked with User Data. In such situations, Technical Data can also be considered to be personal data under applicable laws and we will treat the combined data as personal data.
UpCloud may collect and process for example the following User Data from Users: (i) name and contact details; (ii) e-mail address; (iii) phone number; (iv) invoicing and billing information; (v) other personal data Users provide themselves.
The specific kind of User Data collected will depend on the Services used by the User. Most of the User Data is received directly from Users at the point of registration or otherwise at beginning of and during the customer relationship.
Technical Data we gather in connection with the use of our Services includes for example the following data: (i) User’s IP address; (ii) browser type and version; (iii) preferred language; (iv) geographic location using IP address or the GPS, wireless, or Bluetooth technology on your device; (v) operating system and computer platform; (vi) the full Uniform Resource Locator (URL) clickstream to, through, and from our Services, including date and time; (vii) products or services User viewed or searched for while using our Services; and (viii) areas of our Services User has visited.
For example, the following links provide information on how to adjust the cookie settings on some popular browsers:
Our Services use several web analytics services to compile Technical Data and reports on visitor usage and to help us improve our Services.
There are several purposes for the processing of personal data by UpCloud. Personal data is processed by UpCloud for managing the relationships with customers, facilitating transactions and payments, and for managing, developing and analysing our customer service. Personal data is also used to direct marketing at special customer groups, and other business activities related to any of these activities.
Personal data is also processed by UpCloud for the following purposes:
We process personal data in the first place to be able to offer the Services to our customers and Users and to run, maintain and develop our business. In some cases, personal data may be processed in order to carry out our contractual obligations towards the User. We may use the data for example to offer essential functionalities of the Services and to provide access to the Services. If User contacts our customer service, we will use the provided information for answering questions and solving possible issues.
We may process personal data for the purpose of contacting Users regarding our Services and to inform Users of changes in our Services. Data may also be used for research and analysis purposes in order to improve our Services.
We may process information regarding the use of the Services to improve the quality of our Services e.g. by analysing any trends in the use of our Services. When possible, we will do this using only aggregated, non- personally identifiable data.
We process personal data to perform our contractual obligations towards Users and to comply with legal obligations. Furthermore, we process personal data to pursue our legitimate interest to run, maintain and develop our business.
In some parts of the Services, Users may be requested to grant their consent for the processing of personal data. In this event, Users may withdraw their consent at any time.
We store the Users’ personal data primarily within the European Economic Area. However, we have service providers in several geographical locations. As such, we and our service providers may transfer personal data to, or access it in, jurisdictions outside the European Economic Area or the User’s domicile.
We will take steps to ensure that the Users’ personal data receives an adequate level of protection in the jurisdictions in which it is processed. We provide adequate protection for the transfers of personal data to countries outside of the European Economic Area through a series of agreements with our service providers based on the Standard Contractual Clauses or other similar arrangements.
We only share personal data within the organisation of UpCloud if and as far as reasonably necessary to perform and develop our Services. We do not share personal data with third parties outside of UpCloud’s organization unless one of the following circumstances applies:
We may share personal data with third parties outside UpCloud’s organization if we have a good-faith belief that access to and use of the personal data is reasonably necessary to: (i) meet any applicable law, regulation, and/or court order; (ii) detect, prevent, or otherwise address fraud, security or technical issues; and/or (iii) protect the interests, properties or safety of UpCloud, our Users or the public in accordance with the law. When possible, we will inform Users about such transfer and processing.
We may share personal data with third parties outside UpCloud’s organization for other reasons than the ones mentioned before, when we have the User’s explicit consent to do so. The User has the right to withdraw this consent at all times.
UpCloud does not store personal data longer than is legally permitted and necessary for the purposes of providing the Services or the relevant parts thereof. The storage period depends on the nature of the information and the purposes of processing. The maximum period may therefore vary per use.
Typically, we will store User’s personal data for as long as the User or the relevant customer User represents is a registered subscriber or a registered user of our Services or for as long as we have another purpose to do so and, thereafter, for no longer than is required or permitted by law or reasonably necessary for internal reporting and reconciliation purposes.
In general, personal data of Users are deleted within reasonable time after the User no longer uses any part of the Services or when the User makes a request regarding deletion of User’s personal data.
UpCloud offers access for the Users to the personal data processed by UpCloud. This means that Users may contact us and we will inform what personal data we have collected and processed regarding the said User and the purposes such data are used for.
In case the processing is based on a consent granted by User, User may withdraw the consent at any time. Withdrawing a consent may lead to fewer possibilities to use our Services.
Users have the right to have incorrect, imprecise, incomplete, outdated, or unnecessary personal data we have stored about the User corrected or completed.
Users may also ask us to delete the User’s personal data from our systems. We will comply with such request unless we have a legitimate ground to not delete the data. We may not immediately be able to delete all residual copies from our servers and backup systems after the active data have been deleted. Such copies shall be deleted as soon as reasonably possible.
Users may object to certain use of personal data if such data are processed for other purposes than purposes necessary for the performance of our Services to the User or for compliance with a legal obligation.
Users may also object any further processing of personal data after prior given consent. If User objects the further processing of personal data, this may lead to fewer possibilities to use our Services.
In the event and at the sole discretion of UpCloud, if it is determined that the Service can no longer be provided without customer acceptance of modified terms, a pro-rated refund of service will be paid back to the User.
Users may request us to restrict certain processing of personal data, this may however lead to fewer possibilities to use our Services.
Users have the right to receive their personal data from us in a structured and commonly used format and to independently transmit those data to a third party.
The above mentioned rights may be used by sending a letter or an e-mail to us on the addresses set out above, including the following information: the full name, company name (if applicable), address, e-mail address and a phone number. We may request the provision of additional information necessary to confirm the identity of the User. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded.
Notwithstanding any consent granted beforehand for the purposes of direct marketing, User has the right to prohibit us from using User’s personal data for direct marketing purposes, market research and profiling by contacting us on the addresses indicated above or by using the functionalities of the Services or the unsubscribe possibility offered in connection with any direct marketing messages.
You have the right to opt out of receiving electronic direct marketing communications from us, and choosing not to receive marketing communications from us in the future. UpCloud uses the Users’ e-mail addresses on record to communicate of updates and important information regarding the UpCloud infrastructure in the form of occasional newsletters. Users have the possibility to opt out of these e-mails by unsubscribing through the e-mail itself.
You also have the right to prohibit us from using your personal data for direct marketing purposes, market research and profiling by contacting us on the addresses indicated above. In case your personal data are processed based on your consent, you have the right to withdraw your consent for such processing.
In case User considers our processing of personal data to be inconsistent with the applicable data protection laws, a complaint may be lodged with the local supervisory authority for data protection.
We will take all reasonable and appropriate security measures to protect the personal data we store and process from unauthorised access or unauthorised alteration, disclosure or destruction. Measures include for example, where appropriate, encryption, firewalls, secure facilities and access right systems.
We maintain all personal data collected through industry standard safe mechanisms including, but necessarily limited to encryption of password data as well as API keys, SSL-encryption, passing of credit card information directly to our PCI compliant Merchant Processor and encryption of any collected credit card information.
We use administrative, organizational, technical, and physical safeguards to protect the personal data we collect and process. Our security controls are designed to maintain an appropriate level of data confidentiality, integrity, and availability. We regularly test our websites, data centres, systems, and other assets for security vulnerabilities.
Should despite of the security measures, a security breach occur that is likely to have negative effects to the privacy of Users, we will inform the relevant Users and other affected parties, as well as relevant authorities when required by applicable data protection laws, about the breach as soon as reasonably possible.