Effective as of 5th September 2024
Scalable Software, Inc. (“Scalable” or the “Company”) is committed to protecting the privacy of individuals who use our browser extension products ("Users"). This Privacy Statement describes Scalable’s privacy practices in relation to the use of our browser extension products, including the Scalable Agent Web Page Event Admin and Scalable Agent Browser Extension (collectively referred to as the “Products”).
Scalable strives to comply with all applicable laws that are designed to protect your privacy. Our goal is to provide protection for your data no matter where it is collected, transferred, or retained.
Information We Collect
The Products collect no information unless explicitly instructed to do so by a competent professional employed by the customer (“System Administrator”).
Data Collected:
Under control of the System Administrator the Products can collect information related to user interactions with web pages, including URLs, page content, and event-related data for web application page recognition. This data may include URLs that contain personal information depending on the content of the URL.
Collection Methods:
Data is collected through content scripts and background scripts that monitor a user’s interactions with web pages. The data is encrypted and transmitted to a secure server, via the locally installed Scalable agent, where it accessible only by individuals authorised by the Systems Administrator
Contextual Data:
The Scalable agent may retrieve context from Scalable’s secure server to determine what data should be collected. This is under the control of the System Administrator
Use of Information Collected
Primary Purpose:
The primary purpose of the Scalable Agent Web Page Event Admin plugin is to allow Systems Administrators to set and define which web events should be tracked. The Scalable Agent Browser Extension then monitors user interactions with web pages based on these predefined events and sends the relevant usage data to the Scalable server for storage and analysis. This data is essential for recognising and managing web application events as per the customer-defined criteria.
Internal Use Only:
All collected data is held and used internally within the customer’s instance of the product. and is not shared externally except as required by law.
No Research or Development Use:
The data will not be used for research or development purposes beyond improving the specific functionality of the Products.
No Personalisation:
The collected data is not used to provide personalised experiences or recommendations to Users.
Data Sharing and Disclosure
Service Providers:
We do not share your data with any third-party service providers for promotional purposes. The data is maintained strictly within the Scalable cloud environment.
Legal Obligations:
Scalable reserves the right to disclose your data if required by law or if the Company reasonably believes that disclosure is necessary to protect the Company’s rights or to comply with a judicial proceeding, court order, or legal process.
No Advertising Use:
The data is never shared with advertisers or used for advertising purposes.
International Transfer of Information Collected
To facilitate Scalable’s global operations, the Company may store data in, and provide access to data from, multiple locations around the world; including the United States, United Kingdom and European Union. This Privacy Statement shall apply regardless of the location where the data is stored.
Data Security
Transmission Security:
Data transmitted to the Scalable servers is firstly encrypted, and then sent over an https-based connection.
Data Retention:
We retain collected data for 90 days, after which it is securely deleted.
Access Control:
Data is encrypted during transmission, and access is restricted to personnel within the customer’s organisation authorised the Systems Administrator. The security of the data is of utmost importance, and Scalable uses robust security measures to protect it from unauthorised access.
Compliance with Google Policies
Scalable is committed to complying with all relevant Google Chrome Web Store policies. Our browser extensions are designed to adhere to the principles of data minimization and security as outlined by Google. Specifically:
-
Minimal Permissions: Our Products request only the necessary permissions required to perform their intended functions, ensuring that no unnecessary data is collected or accessed. This includes the use of “tabs,” “activeTab,” and “scripting” permissions solely for the purposes of event tracking and data transmission as defined in this policy.
-
User Data Handling: We ensure that all personal and sensitive user data collected by our extensions is handled securely and transmitted using strong encryption methods, specifically zlib encryption. The data is used exclusively for internal purposes, as described in this policy, and is never shared with third parties for advertising or promotional purposes.
-
Security Protocols: We implement robust security measures to protect user data, including encrypting data during transmission and restricting access to personnel within the customer’s organisation authorised the Systems Administrator.
-
Transparency and Disclosure: Users are informed of our data collection practices through this Privacy Policy, which is readily accessible. Any updates to our data practices or permissions will be communicated to users in accordance with Google’s requirements, and users will be given the opportunity to review and accept these changes before continuing to use our Products.
By ensuring full compliance with Google’s policies, we strive to maintain the highest standards of privacy and security for all users of our browser extensions.
User Control and Access
Consent:
By using our Products, you consent to the collection and use of your data as described in this Privacy Policy.
No Opt-Out:
Users cannot opt out of data collection due to the nature of the Products’ functionality, but collection of this data is at the control of the customer- typically the user’s employer.
Contacting Us:
For questions or concerns regarding your data, you can contact us via email at privacy@scalable.com or by mailing to:
Scalable Software
Attn: Privacy
111 Congress, Suite 800,
Austin, Texas 78701,
United States
Communications Preferences
Scalable offers Users the ability to choose how the Company uses the information provided. You may manage your receipt of marketing and non-transactional communications by emailing privacy@scalable.com
Changes to This Privacy Statement
Scalable reserves the right to change this Privacy Statement. Scalable will provide notification of material changes to this Privacy Statement through the Company’s websites or via email at least thirty (30) days prior to the change taking effect. Users will have the opportunity to review any changes before they are applied.
Notification of Data Breach
In the event of a Security Incident, Scalable will notify the User’s nominated Information Security Officer or other contact within twenty-four (24) hours of discovery. A detailed report will be provided within a further twenty-four (24) hours.
Contacting Us
Questions regarding this Privacy Statement or the information practices of the Company’s Products should be directed to privacy@scalable.com or by mailing Scalable at the address provided above.