This Privacy Policy describes how Sitetracker, Inc. (together with its affiliated companies – “Sitetracker”, “we” or “us”) collects, retains, and uses personal data from individuals all over the world. It also provides information on privacy rights, how to exercise these rights and how to contact us with any questions.

Specifically, this Privacy Policy describes the following:

  1. About Sitetracker
  2. The Scope of this Policy
  3. Data Collection & Processing
  4. Data Uses & Lawful Bases
  5. Sharing and Disclosure of Personal Data to Third Parties
  6. Cookies and Data Collection Technologies
  7. Data Locations
  8. Data Retention
  9. Your Privacy Rights
  10. General Information

We encourage you to read this Privacy Policy carefully and make sure that you fully understand it. You are not legally required to provide us with any personal data. If you do not wish to provide us with your personal data, or to have it processed by us or any of our service providers, please do not provide it to us and avoid any interaction with us or with any of our services, websites or other online assets.

  1. About Sitetracker

Sitetracker is a U.S. company, headquartered in New Jersey, with global operations. Sitetracker is the global standard in deployment operations management software that makes it possible to manage repeatable infrastructure projects and drive profitable growth (the “platform”). More information about Sitetracker and our platform can be found at https://www.sitetracker.com/.

  1. The Scope of this Policy

When we use the term “personal data” in this Privacy Policy, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. It does not include aggregated or deidentified information that is maintained in a form that is not reasonably capable of being associated with or linked to an individual.

This Privacy Policy applies primarily where Sitetracker determines the purposes and means for the processing of personal data, as further detailed below, and specifically regarding the following categories of personal data and data subjects:

  • User Data: personal data concerning our customers’ internal focal persons who directly engage with Sitetracker concerning their organizational account, and users of the platform on behalf of such customers, e.g., the account administrators and users, billing contacts and authorized signatories on behalf of the customer (collectively, “users”); as well as the customer’s business needs and preferences, as identified to us or recognized through our engagement with them.
  • Prospect Data: personal data relating to visitors of our websites, participants at our events, and any other prospective customer, user or partner (collectively, “prospects”) who visits or otherwise interacts with our website, online ads and content, emails, sales and marketing channels, integrations or communications under our control (“sites”, and collectively with the platform and any related applications and services offered by us – the “Services”).

We also process personal data submitted by or for a customer to Sitetracker’s Services (“Customer Data”). If not stated otherwise in this Privacy Policy, we process such Customer Data on such customers’ behalf. Each such customer (and/or its affiliates), as relevant, is the responsible controller or owner of the Customer Data concerned, whilst Sitetracker acts as their data processor or service provider, in accordance with our customer’s reasonable instructions and as further stipulated in our Data Processing Addendum and other commercial agreements with such customer. We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those set forth in this Privacy Policy. If you wish to learn more about the privacy and data security practices of those customers, please reach out to them directly.

  1. Data Collection & Processing

The personal data that Sitetracker collects will be determined by your interaction with Sitetracker, our partners, and other related sources. Sometimes we collect personal data automatically when an individual interacts with our services, and sometimes we collect personal data directly from the individual. At times, we may collect personal data about an individual from other sources and third parties (such as our customers and service providers, or from publicly available sources), even before our first direct interaction.

We collect or generate the following types of personal data about individuals through the Services:

  • Usage, login credentials, and device information concerning users and prospects (connectivity, technical and aggregated usage data, such as user agent, IP addresses (or proxy server) and approximate location based upon such IP addresses, ISP, device data (like type, OS, device identifiers and attributes, browser type and version, locale and language settings used), activity logs, referring and exit pages and URLs, platform type, number of clicks, web log data, domain names, landing pages, pages and content viewed and the order of those pages, the amount of time spent on particular pages, the date and time you used our Services, the frequency of your use of our Services, error logs, session recordings, log-in credentials to the Services, the cookies and pixels installed or utilized on their device, downloads and engagement data with Sitetracker reports and other publications, and inferred or presumed data generated from their use of the Services);
  • Information concerning our customers, users and prospects (contact and business details such as name, email, phone number, position, workplace and related business insights, our communications with such individuals (correspondences, sensory information including call and video recordings, and transcriptions and analyses thereof), feedback and testimonials received, contractual and billing details, as well as any expressed, presumed or identified needs, preferences, attributes and insights relevant to our potential or existing engagement, purchasing details including interest and/or purchase history);
  • Information related to users’ use of the mobile application services (information regarding users’ computer systems, and information regarding users’ interaction with mobile applications, which we may use to provide and improve the mobile application services that we may offer as part of the Services. Sitetracker customers may configure our mobile application services, and the types or scope of personal data accessed or obtained by Sitetracker mobile application on a user’s device may be affected by such customer’s configuration, which may change the scope of personal data required to be processed by us.  For example, a mobile application may access a camera on a user’s device to enable the user to upload photographs to our mobile services; or access the geographic location of a user’s device that enables us to provide mobile services. It may also include information obtained in preparation for anticipated updates to those services. The Sitetracker mobile application may transmit information to and from devices to provide the mobile application services. To the extent that a user uses a mobile application to submit electronic data and information to a customer account on our Services pursuant to the customer’s Master Subscription Agreement with us, that information constitutes “Customer Data” which we will then process on that customer’s behalf);
  • Personal data contained in Customer Data which is provided by our customers or processed on their behalf and under their instruction, which may also include any of the types of personal data described above (with respect to users or other individuals whose data is contained in the Customer Data) and in our Data Processing Addendum with such customers. If you wish to learn more about the types of personal data that a customer may provide us in connection with the Services, please reach out to them directly.
  1. Data Uses & Lawful Bases

Sitetracker uses personal data as necessary for the following purposes and in reliance on the lawful bases detailed in the chart below:

Users, Prospects & Customer Data
PurposeLawful basis for processing
To facilitate, operate and provide our Services, and comply with our contractual obligation to provide Services, along with related technical and customer success support.– Performance of a Contract (to the extent applicable)
– Legitimate Interest
Responding to individuals’ requests for action, support or information.– Performance of a Contract
– Legitimate Interest
To monitor, study and analyze use of the Services.– Performance of a Contract (to the extent applicable)
– Legitimate Interest
To gain a better understanding on how individuals use and interact with our Services, how we could improve their and others’ user experience and continue improving our offerings and the overall performance of our Services.– Legitimate Interest
To support and enhance our data security and policy enforcement measures, including for purposes of preventing, investigating and mitigating the risks of fraud, error or any illegal, fraudulent, suspicious or prohibited activity, including by tracking use of our sites and Services.– Performance of a Contract
– Compliance with legal obligations
– Legitimate interest
To comply with court orders and warrants.– Compliance with legal obligations
For investigations, the establishment, exercise or defense of legal claims, whether in court proceedings, alternative dispute resolution or in an administrative or out-of-court procedure.– Legitimate interest
– Compliance with legal obligations
To comply with legal and regulatory obligations.– Compliance with legal obligations
To contact our customers, users and prospects with general or personalized Services-related messages.– Performance of a Contract
– Legitimate Interest
To contact our customers, users and prospects with promotional messages that may be of specific interest to them, about us, our Services, and our affiliates and partners, and engage with those who are interested in learning about our Services, content, and our business initiatives.– Consent (to the extent applicable)
– Legitimate Interest
To facilitate and optimize our marketing campaigns, ad management and sales operations, and to manage and deliver advertisements for our products and services more effectively, including on other websites and applications.– Consent (to the extent applicable)
– Legitimate Interest
To explore and pursue growth opportunities by facilitating a stronger local presence and tailored experiences.– Legitimate Interest
To facilitate, sponsor and offer certain events, contests and promotions.– Legitimate Interest
– Consent (to the extent applicable)
To support our legitimate business management needs, and to ensure continued proper functioning, including internal training; research; record updating; internal analysis for business management purposes; internal or external audits purposes; preparing for or in connection with a potential or actual reorganization, asset, share sale or similar transaction;– Legitimate Interest
Protecting your vital interests or those of another person.– Vital Interest
To create aggregated data, inferred non-personal data or anonymized or pseudonymized data (de-identified data), which we or our business partners may use to provide and improve our respective services, conduct research, or for any other purpose.– Legitimate Interest Performance of a Contract
– Compliance with legal obligations

If you reside or are using the Services in a territory governed by privacy laws under which “Consent” is the only or most appropriate lawful basis for the processing of personal data as described herein (in general, or specifically with respect to the types of personal data you expect or elect to process or have processed by us or via the Services, or due to nature of such processing), your acceptance of our Terms and Conditions and this Privacy Policy will be deemed as your consent to the processing of your personal data for all purposes detailed in this Policy, unless applicable law requires a different form of consent. If you wish to revoke such consent, please contact us at privacy@sitetracker.com.

If you provide us with personal data relating to another person, including any information about your employer, customers, business partners, vendors, contractors, subcontractors, etc., you confirm that you have informed them of our identity and the purposes (as set forth above) for which their personal data will be used and that you have obtained their consent prior to sharing their information with us.

Please do not provide the following types of data to us:

  • Any other person’s personal data, unless we explicitly ask you to do so;
  • Any categories of your personal data that have not been explicitly requested by us;
  • Any confidential, proprietary, secret or legally protected information which you are not explicitly requested by us to provide; and
  • Any confidential, proprietary, secret or legally protected information which are under any legal or contractual obligation to not provide to or share with us.
  1. Sharing and Disclosure of Personal Data to Third Parties

We share and disclose personal data to the following types of third parties and for the following purposes, insofar as reasonably necessary for these purposes:

  • Service Providers: We engage a limited number of third party service providers to perform services on our behalf or complimentary to our own. Such service providers support us in areas such as hosting and server co-location services, communications and content delivery networks (CDNs), data security services, billing and payment processing services, fraud detection and prevention services, web and product analytics, e-mail distribution and monitoring services, session or activity recording services, remote access services, content transcription and analysis services, performance measurement, data optimization and marketing services, social and advertising networks, content and data enrichment providers, event production and hosting services, e-mail, voicemails, support, enablement and customer relation management systems, and our legal, financial, privacy and compliance advisors. These third parties may access, process, or store personal data in the course of providing their services, depending on each of their specific roles and purposes in supporting us, and may only use this data as determined in our agreements with them.
  • Our relationship with Salesforce: Salesforce.com, inc. and its subsidiaries (“Salesforce”) host our Services, as well as some of the systems we use to store and process information we receive from sites, visitors, attendees, and individuals with whom we interact through email, other messaging systems, or telephone. This means that information submitted to our Services, and some other information we receive from you, which may contain personal data, is stored and maintained in accordance with Salesforce’s Privacy Statement, which can be viewed here: https://www.salesforce.com/company/privacy/full_privacy/. Our Privacy Policy does not create any obligation on the part of Salesforce.
  • Business Customers: Our customers have access to any personal data we process on their behalf in our capacity as a “processor” or a “service provider”, as well as to personal data relating to their users, as it relates to their use of our Services.
  • Business Partnerships: We partner with other companies to offer products or services. If you purchase or specifically express interest in a product or service we jointly offer with another company, we may share data about you collected in connection with your purchase or expression of interest with that other company. We do not control our business partners’ use of your personal data, and their use of such data will be subject to their own privacy policies. If you do not wish your personal data to be shared in this manner, please do not purchase or specifically express interest in a jointly offered product or service.
  • Managing Events: We do not share with our business partners information we receive about you through your registration for or attendance of events hosted or sponsored by us unless: (1) you opt in to such sharing via an event registration form or other valid communication means; or (2) you attend a jointly run event. If you do not wish your information to be shared in this manner, please do not to opt in via event registration forms and do not attend jointly run events. If you choose to share your data with business partners in the manners described above, your data will be subject to the business partners’ respective privacy statements.
  • Compliance with Laws and Legal Obligations: We may disclose or allow access to personal data to a third party where we believe in good faith that we are legally required to do so in order to comply with any applicable law, regulation, legal process, governmental request, or legal obligations, or in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. Such disclosure or access may occur if we believe in good faith that: (a) we are legally compelled to do so; (b) disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; or (c) such disclosure is required to protect our legitimate business interests, including the security or integrity of our products and services.
  • Sharing your Feedback or Recommendations: If you submit a public review or feedback, note that we may (at our discretion) store and present your review on our sites and in our Services. If you wish to remove your public review, please contact us at privacy@sitetracker.com.
  • Protecting Rights and Safety: We may share personal data with others if we believe in good faith that this will help protect the rights, property or personal safety of Sitetracker and our employees, any of our prospects, users or customers, or any members of the general public.
  • Sitetracker Subsidiaries and Affiliated Companies: We share personal data internally within our group, for the purposes described in this Privacy Policy.
  • Change in Control or Ownership: Should Sitetracker or any of its subsidiaries or affiliates undergo any change in control or ownership, including by means of merger, acquisition or purchase of substantially all or part of its assets, personal data may be shared with or transferred to the parties involved in such an event. We may disclose personal data to a third-party during negotiation of, in connection with or as an asset in such a corporate business transaction. Personal data may also be disclosed in the event of insolvency, bankruptcy or receivership.
  • Your Consent: We may share or disclose your personal data at your direction.

For the avoidance of doubt, Sitetracker may share personal data in additional manners, if we are legally obligated to do so, or if we have successfully rendered such data non-personal, non-identifiable and anonymous. We may transfer, share or otherwise use non-personal and non-identifiable data at our sole discretion and without the need for further approval.

  1. Cookies and Data Collection Technologies

We and our service providers use “cookies”, anonymous identifiers, pixels, container tags and other technologies in order to provide our Services and ensure that they perform properly, to analyze our performance and marketing activities, for personalization purposes, for product development and improvements, and to personalize your experience. For information regarding our use of such technologies, how to manage them, and other relevant information please go to our Cookie Policy located at: www.sitetracker.com/cookie-policy.

  1. Data Locations

We and our authorized service providers maintain, store and process personal data in the United States of America, Europe (including Germany, Spain, Luxembourg and the United Kingdom), Australia, Singapore and India, as reasonably necessary for the proper performance and delivery of our Services, for our internal business purposes in the locations where Sitetracker resides, or as may be required by law. A list of our global offices is available here: https://www.sitetracker.com/company/contact. This means that when we process your personal data, we may process it in any of these countries, as applicable to the purposes of such processing activity. These countries may have data protection laws that are different from the laws of your country, but in the event Sitetracker transfers any personal data originating from the EEA, Switzerland, or the UK to a third party in the United States or elsewhere, such transfers will be protected by appropriate safeguards and valid international transfer mechanism (e.g. Standard Contractual Clauses as approved by the European Commission, Swiss Federal Data Protection and Information Commissioner (FDPIC), and/or the UK Information Commissioner’sOffice (ICO)).

Sitetracker complies with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) (together, the “DPFs”) as set forth by the U.S. Department of Commerce. We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF. We have certified to the U.S.Department of Commerce that we adhere to the UK Extension to the EU-U.S. DPF with regard to the processing of personal data received from the UK. We have certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles, the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Under the DPFs, we are responsible for the processing of the personal data we receive and, subsequently, for the personal data that we transfer to a service provider. We comply with the DPF Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions.

The Federal Trade Commission has jurisdiction over our compliance with the DPFs. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

For complaints regarding DPF compliance, you have the possibility, under certain conditions, to invoke binding arbitration when other dispute resolution procedures have been exhausted (you can find additional information through the DPF Website with regards to this).

If you have questions or complaints regarding Sitetracker’s practices regarding international data transfer, or would like to obtain a copy of the Standard Contractual Clauses that we use, please contact us at privacy@sitetracker.com.

  1. Data Retention

We will retain your personal for the appropriate retention period for personal data on the basis of the purpose for which we process the personal data (as set out in the “Data Uses & Lawful Bases” section above), the amount and scope of personal data being processed, nature and sensitivity of your personal data processed, the potential risk of harm from unauthorized use or disclosure of your personal data, and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements.

In cases where it is not possible for us to determine in advance the periods for which your personal data will be retained, we will determine the period of retention by taking into consideration additional factors such as the performance of our Services, and any applicable industry and governmental standards.

When we no longer have an ongoing purpose to process your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely retain your personal data to the extent as required by applicable laws and regulations.

Please note that except as required by applicable law or our specific agreements with you, we will not be obligated to retain your personal data for any particular period, and we are free to securely delete, anonymize or restrict access to it for any reason and at any time, with or without notice to you.

If you have any questions about our data retention policy, please contact us by e-mail at privacy@sitetracker.com.

  1. Your Privacy Rights

Individuals have rights concerning their personal data. Please submit a request form online by filling out our form here or contact us by e-mail at: privacy@sitetracker.com if you wish to exercise your privacy rights under any applicable law, including the EU or UK General Data Protection Regulation (GDPR), or the California Consumer Privacy Act (CCPA), such as – to the extent applicable – the right to know/request access to (specific pieces of personal data collected; categories of personal data collected; categories of sources from whom the personal data was collected; purpose of collecting personal data; categories of third parties with whom we have shared personal data), to request rectification or erasure of your personal data held with Sitetracker, or to restrict or object to such personal data’s processing (including the right to direct us not to sell your personal data to third parties now or in the future), or to port such personal data, to give us certain instructions concerning your personal data held with us, or the right to equal services and prices (e.g. freedom from discrimination) (each to the extent available to you under the laws which apply to you). Sitetracker is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). There exists the possibility, under certain conditions, for the individual to invoke binding arbitration when other dispute resolution procedures have been exhausted. You may also have the right to lodge a complaint with the relevant supervisory authority, as applicable.

Please note that when you ask us to exercise any of your rights under this policy or applicable law, we may need to ask you to provide us with certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of personal data related to others and to ask you to provide further information to better understand the nature and scope of data regarding which you request to exercise your rights. Such additional data, along with records pertaining to your request, its handling by us and subsequent communications between you and us, may be then retained by us for legal, compliance and auditing purposes (e.g., as proof of the identity of the person submitting the request or proof of request fulfillment).

We may redact from the data which we will make available to you, any personal data related to others, or confidential information pertaining to Sitetracker, our customers, service providers or partners.

If your personal data has been submitted to us by or on behalf of a Sitetracker customer and you wish to exercise any rights you have under applicable data protection laws, please inquire with that customer directly. Because we may only access a customer’s data upon instruction from that customer, if you wish to make your request directly to us, please provide to us the name of the Sitetracker customer, who submitted your data to us. We will refer your request to that specific customer, and will support them as needed in responding to your request within a reasonable timeframe.

If you have any question about your privacy rights, please contact us in accordance with the “How to Contact Us” instructions below.

  1. General Information
  • How to Contact Us: If you have questions regarding this Privacy Policy or if you wish to exercise your privacy rights of applicable jurisdiction, please contact us:
    • by email at privacy@sitetracker.com
    • by mail/post to: Sitetracker, Inc. (Attn: Sitetracker Privacy), 491 Bloomfield Ave, Suite 301, Montclair, NJ 07042, United States of America
  • External Links: Our sites may contain links to other websites. This Privacy Policy only applies to Sitetracker’s sites and Services, not to other websites for which our sites or Services may contain links.
  • Requirements under US State Privacy Laws: This Policy describes the categories of personal data (or personal information under certain US State Privacy Laws such as the CCPA/CPRA defined below) we may collect and the sources of such data (in Section ‎3 above), and our practices regarding data retention (Section ‎8) and requests to exercise privacy rights including deletion (Section ‎9). We also included information about how we may process your data (in Sections ‎2 through 9), which includes for “business purposes” under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA) and similar state laws, as applicable. We do not “sell” or “share” your personal data for the intents and purposes of the CCPA or CPRA, nor disclose personal data that we “control” to any third party for their direct marketing purposes. We may disclose personal data to third parties or allow them to collect or access personal data from our Services as described in Section ‎5 above, if those third parties are our customers (in respect of Customer Data processed on their behalf), or are our authorized service providers or business partners who have agreed to our contractual limitations as to their retention, use, and disclosure of such personal data, or direct us to disclose your personal data to third parties, or as otherwise described in Section ‎5 above. You may also designate an authorized agent, in writing or through a power of attorney, to request to exercise your privacy rights on your behalf. The authorized agent may submit a request to exercise these rights by emailing/mailing us. We will not discriminate against you by withholding our Services from you or providing Services of a lower quality.
    • If you have any questions or would like to exercise your rights under any applicable US State privacy laws, you can contact us at privacy@sitetracker.com or via mail at the address stated above.
  • Children: We recognize the importance of children’s safety and privacy. Our Services are not designed to attract children, and are not intended for use by any children under the age of 16. We do not request, or knowingly collect, any personally identifiable information from children under the age of 16. If you are under age 16, you do not have permission to use our sites or our Services. If you are a parent or guardian and believe your child has provided us with personal data without your consent, please contact us by using the information in the “How to Contact Us” section below, and we will take steps to delete such personal data from our systems.
  • EU and UK Representatives: Sitetracker has designated representatives in the European Union and in the United Kingdom for data protection matters. Inquiries regarding our UK privacy practices may be sent by e-mail to privacy@sitetracker.com or via mail as follows: Work.Life Farringdon, 120 Aldersgate Street, London EC1A 4JQ, United Kingdom; inquiries regarding our EEA privacy practices may be sent by e-mail to privacy@sitetracker.com or via mail as follows: 46A, Avenue JF Kennedy, Luxembourg, Grand Duchy of Luxembourg, 1855.
  • Changes to this Privacy Policy:  We may update this Privacy Policy from time to time by publishing a new version on our Services. The amended version will be effective as of the date it is published. We will provide prior notice if we believe any substantial changes are involved via any of the communication means available to us or via the Services. After such notice period, all amendments shall be deemed accepted by you.