Privacy Policy
This privacy policy explains what personal information (also called “personal data”) Pythian collects from you, when you visit our website or otherwise interact with us, why we collect it and how we use it. We also explain the choices you have, so that you can exercise the rights to your personal information, as well as the impacts of choosing not to disclose certain information.
This privacy policy is provided in a layered format so you can click through to the specific areas set out below. You can also download a PDF version of the policy.
Who we are and how you can contact us
Pythian is made up of different legal entities: Pythian Services USA Inc., Pythian Services Inc., Agosto LLC., Pythian UK Limited, Pythian Australia Pty. Ltd., Pythian India Private Limited, ManageServe, Inc. and ManageServe Technologies (India) Private Limited. “Pythian” or “We” includes all these companies.
If you have any questions about this privacy policy or concerns related to your personal information, or if you wish to report any suspected privacy breach, please contact our Privacy Office by:
- sending an email at privacy@pythian.com or
- sending a letter to
Pythian Services Inc.
319 McRae Avenue, Suite 700
Ottawa, Ontario, Canada K1Z 0B9
We do not have a dedicated phone extension number for privacy matters, but we will respond to your emails in a timely manner.
Information covered by this privacy policy
Pythian is a Business-to-Business organization. This means that we offer services to companies and not to individuals. However, Pythian may collect information from you as an individual in connection with services we offer to a company you work for, or when you interact directly with us, whether as a representative of a company that is a Pythian customer or as a job applicant or as an individual interested in obtaining information that Pythian offers on its website. In any of these events, Pythian collects your personal information in the role of a controller. For the avoidance of any doubt, this privacy policy does not apply to the extent we process personal information in the role of a processor on behalf of our customers.
This privacy policy applies only to personal information. Personal information is any information relating to an identified individual or that can be used to identify an individual. Pythian collects personal information only as necessary to operate its business and provide you with services. Personal information protected by this privacy policy is information about a natural person (also called a “data subject”). In many instances the only information we collect about you is limited to name, work phone number, work email address and work address (“Business Contact Information”). In some jurisdictions, Business Contact Information constitutes personal information.
Personal information that Pythian collects from employees in connection with their employment is subject to Pythian’s employee privacy policy, so this privacy policy does not apply to that specific collection. Our website may contain links to services or products of third parties. If you use those links and provide personal information to those third parties, this privacy policy will not apply.
If identifiers are removed from the personal information so that you can no longer be identified from that information, then the data is said to be anonymized and it is not considered personal information. As such, anonymized information falls out of the scope of this privacy policy. Examples of anonymized information include, for example, demographic information without identifiers, blind information about how you use our services and about the transactions you perform using our websites or services and other information obtained through your access to or use of our websites that does not identify you personally.
Personal information we collect and how it is collected
Pythian collects personal information from job applicants, business contacts within potential client organizations, employees of existing Pythian customers, visitors to Pythian offices and website users. Depending on the nature of your interaction with Pythian, Pythian may collect, in addition to collecting your contact details (name, email address and phone number), additional information, as described below.In any event, we will not collect from you more than the information that is necessary for us to provide you the services you are requesting. We may collect from you or about you the following kinds of personal information, which we have grouped in the following categories:
- Business Contact Data
- Job Applicant-related Data
- Usage Data
- Marketing and Communications Data
We provide a detailed explanation about the above here.
We may collect this personal information either directly from you or indirectly through cookies or third parties.
Direct collection
You give Pythian personal information directly when you interact with our website, or interact with us in person or otherwise directly, including when you provide to us your Business Contact Data so that we can communicate with you as a representative of a Pythian customer or supplier. We collect this information directly from you, for example, when:
- you create an account on our website (where permitted) or otherwise provide your contact information on our website, whether it is to download a white paper, ask for information about our services or any other similar purpose;
- you work for a customer of Pythian and you provide your Business Contact Data to us in connection with the services we provide to your organization;
- you register with us for a sales event or a conference;
- you participate in forums, wikis or blogs;
- you contact us by phone, email, text or chat sessions relating to customer support or other matters;
- you apply to a job on our website.
Indirect collection of information
Pythian also may collect some personal information from you through indirect means such as (a) cookies and similar technologies and (b) third parties:
(a) Collection through cookies and similar technologies
As many other websites do, Pythian website uses cookies that collect some information automatically and store it in log files. A cookie is a small text file that can be placed on your computer or mobile device when you visit a website. This information may include device location, browser type, operating system and other information relating to the use of Pythian website. Cookies allow you to navigate efficiently between pages within our website, and they also allow Pythian to remember your preferences, so we can provide you a better user experience.
Learn more about Cookies
You may manage your preferences with respect to our use of cookies and similar technologies. You have many choices to manage cookies on your computer. All major browsers allow you to block or delete cookies from your system. It is important that you understand that if you choose to block cookies, you may not be able to use certain services or features of a service, including logging into your account, download documents from our website or apply for a job.
(b) Collection through third parties
Pythian may obtain information about you from third parties, such as, for example:
- A company your work for, if that company is a customer of Pythian;
- third parties who are authorized by you, at the time of registering at an event or otherwise; to share your information with Pythian;
- services providers we use in order to process your requests or job applications;
- publicly available sources.
Any personal information about you that we receive from third parties will be treated by Pythian in accordance with this privacy policy, along with any additional restrictions imposed on us by the third party. However, the third party’s own use of your personal information will be governed by your own agreement(s) with the third party or by their own privacy policy. Before providing personal information to a third party, which you intend to reach Pythian, make sure to also review that third party’s privacy policy.
How personal information is used
Pythian may process your personal information to:
(a) provide, improve or develop the requested services to fulfill a request from you or fulfill our contractual obligations with the company you work for;
(b) send communications to you, including commercial electronic messages and promotional communications; and
(c) comply with legal requirements.
We provide a more detailed description of our purposes for collection here.
Disclosure to third parties
As almost every other company, we use third party service providers to manage many of our business operations. In some instances, these operations include our use of third party applications that will store your personal information on our behalf. Our use of these third party applications is necessary for us to complete a transaction with you or the company you work for or provide you with a service you requested or otherwise fulfill the purpose of our business relationship. These third parties do not use your personal information or have access to it for any purpose other than for cloud storage and retrieval or to provide the services Pythian has contracted from them in connection with Pythian’s business operations. For example, we use cloud service providers, such as Google, in order to connect with you via email, set up meetings on our calendar, and create documents and share them with you. We also use web-based software vendors, which address specific needs that facilitate our interactions with you.
View more detailed information about Disclosure to Third Parties.
Lawful basis for collection and retention
We rely on our legitimate interest to conduct our business when processing personal information about you, including granting third parties with access to your personal information. If the law requires that we obtain your consent for a specific disclosure, we will not collect your personal information unless you provide such consent.
View additional details on Lawful Basis for Collection.
Pythian will only retain your personal information for as long as necessary to fulfill the stated purposes, or for a period specifically required by applicable laws. When no longer required, Pythian will take steps to have the information deleted, destroyed, erased, aggregated or made anonymous.
Pythian does not sell or license your personal information.
Your rights and choices
Your rights and how to exercise them
When you provide personal information, the law recognizes certain rights that you may exercise with respect to that information as well as choices you can make to limit our use of your personal information. Pythian is subject to the Personal Information Protection and Electronic Documents Act (PIPEDA), the General Data Protection Regulation (GDPR), UK Data Protection Act, 2018 (including the UK GDPR) and the Privacy Act 1988 (Cth).
Your rights under privacy legislation to which Pythian is subject include:
- Right to know why we need your personal information and how we use it
- Right to access the personal information we hold about you
- Right to expect that we keep accurate, complete and up-to-date information about you and for your personal information to be corrected
- Right to get your personal information erased (right to be forgotten
- Right to restrict the processing of your personal information
- Right to obtain and reuse your personal information for your own purposes across different services
- Right to object to our processing of your personal information based on certain legal basis or for direct marketing or for purposes of scientific/historical research and statistics
- Right not to be subject of a decision that is based solely on automated means
If you want to learn more about your rights in any of these jurisdictions, view additional information.
Your choices
You have choices about the information that is collected about you. You can refuse to provide Pythian with your personal data; however, there is a minimum amount of personal information needed so that you can complete any specific transaction, access any particular area of the site, register a user account and/or access certain features of our services. If you choose not to provide the minimum personal information required, you may not be able to register an account or use the applicable service.
You can also choose whether you wish to receive marketing or promotional messages from Pythian (commercial electronic messages) by using the unsubscribe mechanism made available to you in the message or by otherwise contacting the Privacy Office.
Security of your personal information
Pythian has implemented and maintains administrative, technical and physical security measures for the safeguard of your personal information from unauthorized access, alteration, loss, theft or disclosure. These measures include computer safeguards, as well as secured files and buildings. We store your personal information on computer systems that have limited access and are located in secure facilities. In the event we share information with third party service providers, we restrict the ability of such parties to use or disclose the information we furnish. We also require such parties to apply appropriate security measures to protect information. We use reasonable measures to strive to safeguard and secure the personal information we collect. Transfers of personal information over the internet are done using encryption technologies. Any transmission of personal information by you to Pythian is at your own risk. Technology such as Transport Layer Security (TLS) or Secure Shell (SSH) is used to enhance security and reduce risk of loss. We update and test our security technology on an ongoing basis. We restrict access to your personal information to those personnel who need to know that information to provide services to you. In addition, we train our personnel about the importance of confidentiality and maintaining the privacy and security of your information. You also have an obligation to safeguard your personal information. Our security practices, processes and technology do not guarantee absolute security of your information and you can reduce the risk of unauthorized access to your personal information by using common sense security practices. Some security best practices include, but are not limited to:
- control access to your computer systems;
- create a strong password;
- use different passwords for different services;
- use up-to-date antivirus software;
- keep passwords confidential (no sharing);
- close browsers;
- avoid using public networks (e.g., internet cafes, etc.)
International operations and onward transfers
Pythian maintains major data centers in Canada and the United Kingdom. To be able to provide and support the functioning of our services, your personal information may be collected, used, processed, transferred or stored by or on behalf of Pythian in multiple jurisdictions, including countries that may be outside of the region where you are located. When we process your personal information, we take steps to make sure that the processing complies with this privacy policy. If you are a resident of the European Economic Area and you provide us your personal information, we many need to transfer it for storage or other necessary processing activity outside of your country of residence. When we do so, we use different mechanisms permitted by law, including contracts with third party service providers, to make sure your personal information is protected in accordance with this privacy policy and the EU data protection legislation.
View more information
Parents and children
We do not knowingly collect personally identifiable information from children under 16. We will cancel the registration of any user account initiated by a child upon becoming aware of any such registration. Parents have the right to terminate the registration of a child under 16. Please contact Pythian at privacy@pythian.com to instruct such termination.
Third party websites
This privacy policy includes links to third party websites that contain information useful to you. We are not responsible for those third party websites or for the information those third parties collect from you. We recommend that you review the privacy policies of those third parties to understand the information they collect when you visit their websites and how they use it.
Filing a complaint
The law applicable in your jurisdiction may grant you rights to make a complaint at any time to a supervisory authority with respect to data protection issues. Some examples:
- In Canada you may contact the Office of the Privacy Commissioner of Canada at https://www.priv.gc.ca/en/contact-the-opc/.
- In Australia, you may contact the Office of the Australian Information Commissioner, at https://www.oaic.gov.au/privacy/privacy-complaints/.
- In the UK you may contact the Information Commissioner’s Office at www.ico.org.uk and other countries in the European Union will offer a similar supervisory authority.
- In a member state of the EEA, you may contact the supervisory authority in the relevant member state. You can find information about local date protection authorities in the EEA countries at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
IMPORTANT: before making any complaint about Pythian, please communicate your concerns to us. Pythian welcomes ethical vulnerability and bug disclosures to securityreview@pythian.com.
COMPLAINTS OR CONCERNS NOT SUBJECT TO THIS POLICY - We evaluate all submissions and only vulnerabilities which are new and unknown to Pythian will receive a response. You can assume vulnerabilities discovered using commonly available scanning tools have already been submitted and reviewed. Vulnerabilities submitted to privacy@pythian.com will not be actioned and will be deleted.