Effective Date: May 25th, 2018
MantisHub, LLC. - (“MantisHub”, “we”, or “us”) refers to employees and contractors of the MantisHub company
Service - ("MantisHub," "instance", "Services", "the Service") MantisHub provides cloud software for the purposes of issue tracking, project management and Helpdesk services
Customer - ("account owners", "You", "Your") defined as any account owners as registered when subscribing to the Service or as updated by the account owners during the life of the subscription.
Users - users of the Service registered to the customer.
Personal Data - This is covered in 2 broad categories-
- What we call Account Information- this is data collected by MantisHub for the purposes of providing, maintaining and improving Service for customers (or potential customers). Under data protection laws in certain jurisdictions, like the EEA, MantisHub is the 'data controller' of such data.
- What we call Customer Content- data collected and stored by customers and subscribers within MantisHub services. Under data protection laws in certain jurisdictions, like the EEA, MantisHub is the 'data processor' of such data.
Account Information Collected
- Information you provide:
- Account Registration - When you register for a Service, we may ask for your contact information, including items such as name, company name and email address. You may also choose to provide added information for invoicing or account management purposes including alternate contact details, company name, address, telephone and VAT number
- Referral Service - If you choose to refer a friend to our Services, we may also collect your friend’s email address so that we may send them a referral or promotional code to sign up for our Services.
- Payment Information - When you add your payment information to your account, that information is directed to our third-party payment processor. We do not directly collect or store your payment information on our systems; however, we have access to, and may retain, subscriber information through our third-party payment processor.
- Communications - If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
- Volunteered Information - We may request and you may elect to respond to requests for added information such as surveys.
- Other information collected:
- Cookies and Other Tracking Technologies - As is true of most websites, we gather certain information automatically and store it in log files. In addition, when you use our Services, we may collect certain information automatically from your device. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, clickstream data, landing page, and referring URL. To collect this information, a cookie may be set on your computer or device when you visit our Services. Cookies contain a small amount of information that allows our web servers to recognize you. We store information that we collect through cookies, log files, and/or clear gifs to record your preferences. We may also automatically collect information about your use of features of our Services, about the functionality of our Services, frequency of visits, and other information related to your interactions with the Services. We may track your use across different websites and services. In some countries, including countries in the European Economic Area ("EEA"), the information referenced above in this paragraph may be considered personal information under applicable data protection laws.
- Usage of our Services - When you use our Services, we may collect information about your engagement with and utilization of our Services, such as processor and memory usage, storage capacity, navigation of our Services, and system-level metrics. We use this data to operate the Services, maintain and improve the performance and utilization of the Services, develop new features, protect the security and safety of our Services and our customers, and provide customer support. We also use this data to develop aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.
- We may collect information about you, as our customer, from publicly-available sources so we can understand our customer base better.
Information We Receive from Third Parties.
- Third-Party Accounts - If you choose to link our Service to a third-party account, we will receive information about that account, such as your authentication token from the third-party account, to authorize linking. If you wish to limit the information available to us, you should visit the privacy settings of your third-party accounts to learn about your options.
How your Account Information is used
We will not share or sell your personal information and will only use your information for managing your account, providing support or improving the quality of service we provide. We use the information we collect in various ways, including to:
- Provide, operate, and maintain our Services;
- Improve, personalize, and expand our Services;
- Understand and analyze how you use our Services;
- Develop new products, services, features, and functionality;
- Communicate with you to provide you with updates and other information relating to the Service, and for marketing and promotional purposes;
- Process your transactions;
- Find and prevent fraud; and
- For compliance purposes, including enforcing our Terms of Service, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency.
Customer Content ownership
- Any data collected and stored by you the customer and your users is entirely yours. You control your data; how you release it or use it is up to you. We don’t sell your information to anyone and we don’t use the information stored in your Service for any purpose other than to provide support to you and your users. But we do comply with the law, so under limited circumstances we could be required to release your information (e.g., if we are compelled by an order or subpoena).
- MantisHub will never access Customer Content unless required to for support reasons. Support staff may log into your account to access settings related to your support issue. In rare cases we may need to pull a clone of your data, this will only be done with your consent. When working on a support issue we do our best to respect your privacy as much as possible, we only access the files and settings needed to resolve your issue.
Responsibilities regarding your Customer Content
- You act as the data controller for any personal data collected and stored in your MantisHub service. We enable you to satisfy compliance statements regarding data handling and privacy. As such, you are responsible for honoring requests regarding this data including those under EU privacy regulations.
- We act as a data processor for any personal data collected and stored in your MantisHub service. Our platform enables you to securely view, update and delete information. For deletion of any backup data, you can contact firstname.lastname@example.org to request such actions. Also refer to our Data retention section for more information on this.
Your rights under the General Data Protection Regulations (GDPR)
If you are a resident of the EEA, you have certain data protection rights under GDPR. How to exercise these rights is detailed in the following article:
You may also find more information on MantisHub and GDPR compliance here on our website.
Third party providers
We may share information with sub-processors who assist in providing the MantisHub services, such as our infrastructure and billing provider. An up-to-date list of our sub-processors is located here.These providers are limited to only accessing or using this data to provide services to us and must provide reasonable assurances they will appropriately safeguard the data.
Plugin & Integrations
Some plugins and integrations may need to access or collect some of your information, including personal information. If you choose to use these, MantisHub will share your information with integration partner to allow you to use the integration or plugin. MantisHub does not control integration partners’ use of your information and their use of your information will be in accordance with their own policies. If you do not want your information to be shared with an integration partner, then you should not use the integration or plugin.
We retain account information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
When we have no ongoing legitimate business need to process your account information, we will either delete or anonymize it or, if this is not possible (for example, because your information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Customer Content will be purged 30 days after expiration or cancellation of the Service.
MantisHub is committed to protecting your information. To do so, we employ a variety of security technologies and measures designed to protect information from unauthorized access, use, or disclosure. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. However, please bear in mind that the Internet cannot be guaranteed to be 100% secure. See answers to FAQs regarding security.
MantisHub may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your MantisHub account or by placing a prominent notice on our Site. If we materially change the ways in which we use or share personal information previously collected from you through our Services, we will notify you through our Services, by email, or other communication