Akana Privacy PolicyLast revised: January 22, 2024Effective date: January 22, 2024 1. OverviewPerforce Software, Inc., a Delaware corporation, on its own behalf, and on behalf of each its subsidiaries, affiliates, and related organizations (including Rogue Wave Software, Inc., Puppet, Inc., and Perfecto Mobile Inc.) (collectively, “Perforce,” “we,” “us,” or “our”) is committed to protecting and respecting your privacy. We have developed this privacy policy (the “Policy”) to provide you with information on how we collect personal information from you, what we do – and do not do – with your personal information, and what your rights are with respect to such personal information provided to us. This applies to information we collect on any of our websites that link to this Policy as well as personal information we gather off-line. For the purposes of applicable data protection law, Perforce is a data controller that determines the purposes and means of processing with regard to the personal information processing described in this Policy. 2. Information we collect and how we collect itPersonal information (or “personal data”) is any information that can identify you, whether directly or indirectly. We process different types of personal information (for example, your name, company name, email address, home and/or work address, and/or telephone number). Most personal information that we process is collected from you voluntarily and directly such as: your name and contact information when you subscribe to our mailing lists and company newsletter;information you provide when interacting with our Public Depot, KnowledgeBase, Perfecto Services Platform, user lists, and weblog or when reporting a problem with the websites;contents of correspondence and conversations you have with us, including conversations using our chat bot feature and the contents of email messages and chat messages that you send us on any platform;information you provide registering with Gliffy, billing information for Gliffy Premium, and any feedback provided to us;details of any service requests such as customer support, technical support, interactive demos, training, and consulting;communications with you;credit card and billing information in case of online purchases or other payments;your access credentials, such as your login id and password; andinformation submitted in any testimonial, comment, or other feedback message on a blog or other public- forum hosted on the Websites.You are under no obligation to provide such information. However, certain services we provide may not function or may not function completely if you do not provide certain information. For example, we may be unable to provide customer support in the event that relevant contact details, or information related to the use of our products or services, is withheld. We also collect personal information about you indirectly by observing your activities and behavior on our websites. This includes:information about the devices you use to access our website, such as IP address, browser type and version, operating system type and version;the address of any webpage that referred you to us, the pages you access, and the date and time of such access; andinformation about your interests.Please note that we may use third-party tools in connection with the processing of this kind of personal information. We may also collect personal information about you from third-party public sources such as LinkedIn, the website of your company, or your employer. We may also collect personal information from partners who host webinars or other events in collaboration with us or on our behalf. We sometimes also collect personal information when you interact with us or our partners on platforms like Slack and MeetUp. We may combine personal information that you provide with information collected off-line or from third parties. We may use personal information from certain communications with you relating to customer support, and/or information drawn from such communications, for statistical and/or reference and training purposes.your name and contact information when you subscribe to our mailing lists and company newsletter;information you provide when interacting with our Public Depot, KnowledgeBase, Perfecto Services Platform, user lists, and weblog or when reporting a problem with the websites;contents of correspondence and conversations you have with us, including conversations using our chat bot feature and the contents of email messages and chat messages that you send us on any platform;information you provide registering with Gliffy, billing information for Gliffy Premium, and any feedback provided to us;details of any service requests such as customer support, technical support, interactive demos, training, and consulting;communications with you;credit card and billing information in case of online purchases or other payments;your access credentials, such as your login id and password; andinformation submitted in any testimonial, comment, or other feedback message on a blog or other public- forum hosted on the Websites. 3. Why we process your personal informationWe will only use your personal information for the purposes for which we collected it. These purposes include:Fulfilling orders and requests for products, services, or information;Entering into our End User Agreement with you (whether with you individually or on behalf of the company that you work for) and performing our obligations under it;Identifying you on our websites in order to customize your experience;Ensuring content from our websites is presented in the most effective manner;Providing you with promotional materials and advertising our products and services;Providing customer support, permit product evaluations, or otherwise manage our relationship with you;Conducting research and analysis;Allowing you to pay for our products and services;Administering our website, products, and services, including managing security, managing live communications (chat bot and messaging services), delivering partner-hosted webinars, and improvement planning;Resolving disputes and troubleshooting problems;Preventing potentially fraudulent, prohibited, or illegal activities;Allowing you to participate in interactive features of our service when you choose to do so;Notifying you about changes to our services; andPerforming our obligations as may be required by law.We will obtain your consent to send you marketing emails. Note that you can withdraw your consent at any time by clicking on the unsubscribe link contained in each email, by sending an email to privacy-request@perforce.com or under one of the other methods set forth in Section 14, “Contact Us and How We Communicate with You,” below.4. Sharing your personal information with third partiesWe occasionally hire service providers to process personal information on our behalf. We require such third parties to maintain the confidentiality of any personal information processed by them and to refrain from using our personal information for any purposes other than those we direct.We also share personal information with analytics providers to help us understand our websites’ effectiveness and how to improve our websites. Likewise, we share personal information with behavioral advertising networks so that we can maintain a marketing relationship with individuals who may be interested in our products or services.Some of our products and services are co-branded and/or offered in conjunction with services and products developed by other third-party companies. This may occur, for example, where software that we develop is sold by a third party in a package with their own software that complements ours. We may share with those third parties such personal information collected in conjunction with the co-branded products and services.In addition, we may share your personal information with:Our parent company, Perforce Software Holdings, Inc., and the affiliates and subsidiaries it controls, in order to support our provision of services to you.Companies that may acquire our business or any part of it. Should a combination occur, we will require that the new combined entity, or the acquiring entity, follow this Policy with respect to your personal information. If your personal information is intended to be used contrary to this Policy, you will receive prior notice and the opportunity to communicate preferences you may have, if applicable.Please note that the contents of conversations with our chatbot are shared with the service provider, Drift. As set forth in the chatbot window and in our Terms of Service, your use of the chatbot feature constitutes your consent to this sharing.Law enforcement, government officials, or other third parties if Perforce is compelled to do so by law, such as under a subpoena or court order, when it is necessary to do so to comply with applicable laws, where the disclosure of personal information is reasonably necessary to prevent physical harm or financial loss, to report suspected illegal activity, to investigate violations of the Perforce licensing agreements, or as otherwise required by law. 5. Retention and deletion of personal informationWe will only retain data for as long as is necessary and in accordance with our data retention procedures. We will retain your personal information if you are a customer for as long as is needed to manage any account held with us and to be compliant with legal and regulatory requirements.We will retain your personal information if you are a prospective customer (for example, if you have inquired about our products and services), or if you have joined our marketing list for one year from our last communication with you unless you request otherwise (as described under Section 10, “Your Privacy Rights,” below). 6. Where we store your personal informationWe are based in the United States, but we also have servers located in several other countries. The data we collect from you, regardless of where you are located, may, therefore, be transferred to, and stored at, locations both inside and outside the United Kingdom and the European Economic Area (“EEA”).We take appropriate steps to ensure that the personal information we collect under this Policy is processed according to the provisions of this Policy and the requirements of applicable law no matter where the data is stored. When we transfer your personal data outside the UK or EEA, we will take all steps reasonably necessary to ensure that any such transfer is made securely and that there is adequate protection in place in order to protect your personal data.7. CookiesCookies are text-only pieces of information that Websites transfer to an individual’s hard drive or other Websites- browsing equipment for record-keeping purposes. Cookies allow the Websites to remember important information that will make your use of the Websites more convenient. A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a randomly generated, unique number or other value. Certain cookies will be used on the Websites regardless of whether you are logged in to your account or not. When you use and access the Websites, we may place a number of cookie files in your web browser. To view our cookie policy, please click this link:https://www.perforce.com/cookies-policy8. Protecting children's privacyWe are committed to protecting children's privacy on the internet. We do not knowingly collect personal information from children under the age of 18.9. Compliance with this Policy and regulatory frameworksWe regularly review our compliance with this Policy. If we receive a formal written complaint, we will contact the person who made the complaint to follow up and investigate the matter. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal information that we cannot resolve with our users directly. If you are dissatisfied with our adherence to any aspect of this Policy, or any of our data processing obligations, you may make a complaint to a data protection supervisory authority.10. Your privacy rightsIf we hold your personal information, depending on the jurisdiction in which you reside, you may have some or all of the following legal rights with respect to your personal information:Request to confirm the personal information we process about you or to review such personal information;Request that we correct any errors, outdated information, or omissions in the personal information that we hold about you;Request that we no longer send marketing or promotional e-mails, post, phone, or mobile marketing communications;Object to the processing of your personal information in certain circumstances;Request that we delete your personal information;Request to opt-out of the selling of your personal information;Request to opt-out of the use of your personal information for behavioral advertising;Request to opt-out of the processing of sensitive personal information that is not necessary for us to provide our services to you (note, however, that we already restrict our use of sensitive personal information in this way; you do not need to make such a request to us); andAppeal the action we take in response to any request you make to exercise the above rights.To exercise any of these rights, please provide your request and current contact information so that we can get back to you through one of the contact methods listed under Section 14, “Contact Us and How We Communicate with You,” below.Please note:For your protection, we may need to verify your identity before implementing any request made to exercise your rights detailed above; andIn some cases, if your request concerns deletion of data, we may not be able to entirely remove your content or personal information, in which case we will let you know if we are unable to do so and why. For example, we may need to retain certain information for record-keeping purposes and/or to complete any transactions that you began prior to requesting such deletion.Where permitted by law, we may refuse your request if you have made excessive requests in the past twelve (12)-month period.If you are appealing our response to a request you have made to exercise your rights, please tell us what rights you wished to exercise and explain why you disagree with our response.We will provide a response to an access request within the timeframes required by law. If we cannot substantively respond to your request in a timely manner, we will notify you and provide the reason for the delay.Please note that our websites respond to the “Do not track” signal for cookies that are not needed for the websites to function, but none of our products and services currently respond to the “Do not track” signal for cookies. 11. SecurityWe employ reasonable organizational and technical security measures to protect personal information and we require our service providers to do the same. Unfortunately, no data transfer or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please immediately notify us in accordance with the methods listed under Section 14, “Contact Us and How We Communicate with You” below.12. California Consumer Privacy Act (CCPA) Privacy NoticeThis section of the privacy notice is for California residents and applies solely to visitors, users, and others who reside in the State of California (“consumers” or “you”) to address their rights under the California Consumer Privacy Act (“CCPA”) and other California privacy laws.A. Collection of Personal InformationThe following tables show the categories of personal information we have collected in the last twelve (12) months and indicates whether each category of personal information has been shared for a business purpose or sold to a third party. CategoryCollectedA. Identifiers.YesB. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).YesC. Protected classification characteristics under California or federal law.NoD. Commercial information.YesE. Biometric information.NoF. Internet or other similar network activity.YesG. Geolocation data.YesH. Sensory data.NoI. Professional or employment-related information.NoJ. Non-public education information NoK. Inferences drawn from other personal information.Yes B. Disclosure of Personal Information In the past twelve (12) months, we have sold or shared information for cross-contextual behavioral advertising purposes to third parties as described in the table below. CategoryIf sold or shared, Categories of RecipientsDisclosed for a Business PurposeA. Identifiers.Third-party analytics providers and network advertisersService providersB. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))Third-party analytics providers and network advertisersService providersC. Protected classification characteristics under California or federal law.Not sold or sharedService providersD. Commercial information.Not sold or sharedService providersE. Biometric information.Not sold or sharedService providersF. Internet or other similar network activity.Third-party analytics providers and network advertisersService providersG. Geolocation data.Not sold or sharedService providersH. Sensory data.Not sold or sharedService providersI. Professional or employment-related information.Not sold or sharedService providersJ. Non-public education informationNot sold or sharedService providersK. Inferences drawn from other personal information.Not sold or sharedService providers Please refer to Section 4, above, for more information on our privacy practices with regard to service providers. Please note that we do not collect sensitive personal information and have not done so within the last twelve (12) months. C. Your RightsYou have the right to direct us to not sell or share your personal information at any time (the “right to opt-out”). To exercise the right to opt-out, you (or your authorized representative) may visit Do Not Sell or Share My Personal Information. You do not need to create an account with us to exercise your opt-out rights. We will only use personal information provided in an opt-out request to comply with the request. You also have the right to request that we restrict our processing of sensitive personal information to only that which is necessary to deliver our products and services to you. We already limit our processing of sensitive personal information in this way. If you have any questions or requests relating to this topic, please contact us using one of the described methods in Section 14, “Contact Us and How We Communicate with You,” below. The CCPA provides California residents with certain data subject rights regarding their personal information:Right to request disclosure of data collection and sales practicesYou have the right to request a disclosure ofThe categories of personal information collected;Categories of sources from which the personal information is collected;The purpose for collecting or selling personal information; andThe categories of third parties with whom we share personal information. Right of accessYou have a right to know what information has been collected, used, or shared about you within the past twelve (12) months.If requested, this information shall be provided in a readily useable format. Right of deletionYou have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions.Once we receive and confirm your verifiable consumer request, we will delete your personal information from our records, unless an exception applies. For example, we may need to retain certain information for record-keeping purposes and/or to complete any transactions that you began prior to requesting such deletion. Right to correctionYou have the right to make a request for the correction of errors or inaccuracies in your personal information. Right to non-discriminationWe will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:Deny you goods or services.Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.Provide you with a different level or quality of goods or services.Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services. “Shine the Light”You have the right to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. You may exercise your rights through someone that you authorize to make a request on your behalf. You can exercise your rights by contacting us via one of the described methods in Section 14, “Contact Us and How We Communicate with You,” below.13. GDPR Privacy NoticeThis section of the privacy notice is for residents of the United Kingdom and the EEA and applies solely to such individuals. Please note that if we need to process your personal information for a purpose other than those described in this Policy, we will notify you and indicate the legal basis or bases for such processing. Where necessary, we may request your consent for such processing.We process your personal information with your consent or on the basis that it is necessary:for the performance of any contract that we enter with you or to take steps at your request prior to entering into a contract;for the purposes of our legitimate interests in ensuring that we provide you with the best service possible in all our interactions with you, which includes providing you with information about products or services that are in line with your interests; andfor compliance with any legal obligation to which we are subject, for example, if a regulator requires us to disclose information to them.The GDPR provides individuals with certain rights relating to their personal data. To allow individuals to exercise such control, the GDPR provides the following data subject rights:Right of accessYou have the right to request copies of your personal data. We may charge you a small fee for this service.Right to rectificationYou have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.Right to be forgottenYou have the right to request that we erase your personal data, under certain conditions.Right to restriction of processingYou have the right to request that we restrict the processing of your personal data under certain conditions.Right to data portabilityYou have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.Right to objectYou have the right to object to our processing of your personal data under certain conditions.Right not to be subject to automated decision making To exercise these rights, please contact our Data Protection Officer by sending an email to privacy-request@perforce.com, or via one of the other described methods in Section 14, “Contact Us and How We Communicate with You,” below. Please also specify in your request the Perforce company to which your request pertains, otherwise we will treat your request as pertaining to Perforce. If your request or concern is not satisfactorily resolved by us, you may contact your local data protection authority.14. Contact Us and How We Communicate with You. Contact UsIf you have questions regarding our privacy practices, or this Policy, please contact us at privacy-request@perforce.com, call us at +1 (855) 584-2870, or write us at:Perforce Software, Inc. Attention: Privacy 400 North First Avenue, Suite 400 Minneapolis, Minnesota 55401 USA For knowledge/deletion requests, click here, or by submitting a request to us at privacy-request@perforce.com. For requests not to “sell” your personal information, click here, or contact us via email at privacy-request@perforce.com For general questions or concerns related to this Privacy Policy or our information practices, contact us via email at privacy-request@perforce.comHow we will communicate with youIf you have a business account with Perforce, we will communicate with you through the business account contact details. For all requests for communication with Perforce, please provide us with your contact information, and we will reach out to you through those provided contact details.15. Changes to this PolicyWe will review this Policy every twelve (12) months. In the event of any changes to our personal information processing practices, we shall publish an amended Policy.16. Acceptance of this PolicyYou should read this Policy carefully to ensure that you are happy with its contents. If you do not agree with this Policy, you should refrain from using our websites and our products.
