Stoplight may collect information in a variety of ways:
Contact information. A user is required to provide basic contact information (e.g., name and business email address) to create an account for the Services and identify you when you sign in to your account.
Account information. To administer, manage or update a Stoplight account, you or a Customer (the entity purchasing the Services if not an individual) supply Stoplight with names and email addresses for authorized users of the account, a domain and/or similar account details with respect to its users. In addition, self-service Customers that purchase a paid version of the Services provide Stoplight (or its payment processors) with billing details such as credit card information, and/or a billing address.
Log data. As with most technology services delivered over the Internet, our servers automatically collect information when you access or use our Site and record it in log files. This log data may include the Internet Protocol (IP) address, browser type and settings, the date and time the Services were used, and information about browser configuration and plugins.
Automated information collection. We also collect information using cookies, as described below under the “Cookies and Similar Technologies” section.
Stoplight uses information in furtherance of our legitimate interests in operating our Services, websites, and business. More specifically, Stoplight uses information:
- To provide, update, maintain and protect our Services, websites, and business. This includes use of information to support delivery of the Services to Customers, prevent or address service errors, security or technical issues, analyze and monitor usage, trends and other activities, or at a user’s request.
- To communicate with you by responding to your requests, comments, and questions.
- To consider you for possible employment with Stoplight in connection with an application that you submit through the Site, and communicate with you about your application.
- To investigate and help prevent security issues and abuse.
- For billing, account management, and other administrative matters. Stoplight may need to contact you for invoicing, account management, and similar reasons and Stoplight uses account data to administer accounts and keep track of billing and payments.
- To send emails and other communications. Stoplight may send you service, technical and other administrative emails, messages, and other types of communications. Stoplight may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices. These communications are considered part of the Services and you may not opt out of them. In addition, Stoplight sometimes sends emails about new product features, promotional communications, or other news about Stoplight. These are marketing messages so you can control whether you receive them. If you have additional questions about a message you have received from Stoplight please reach out through the contact mechanisms described below.
- As required by applicable law, legal process, or regulation.
Disclosures to Service Providers. Stoplight may engage third parties as service providers or business partners to process information and support our business. These third parties may, for example, provide cloud computing and storage services. To the extent necessary and applicable, these third-party service providers and partners will be bound by appropriate and commercially reasonable confidentiality obligations.
Disclosures for Legal Reasons. We may disclose collected information to a third party if we believe in good faith that such disclosure is necessary or desirable: (i) to comply with lawful requests or orders by public authorities; (ii) to address a violation of the law; (iii) to protect the rights, property, or safety of Stoplight, its users, or the public; or (iv) to allow Stoplight to exercise its legal rights or respond to a legal claim.
Disclosures to a Buyer of the Company. If our company or substantially all of our assets are acquired, or in the event of a merger or bankruptcy, information about you and/or information you provide to Stoplight may be among the transferred assets. You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
With consent. Stoplight may share information with third parties when we have your consent to do so.
Most websites, including our Site, use a feature of your browser to set a small text file called a “cookie” on your computer. The site placing the cookie on your computer can then recognize the computer when you revisit the site to allow auto log in and track how you are using the Site.
When you visit our Site, our servers and/or those of our service providers automatically record certain information that your web browser sends, such as your web request, Internet Protocol address, browser type, referring/exit pages and URLs, landing pages, pages viewed, time and date of use, and other information.
You are free to decline cookies. You can configure your browser to accept all cookies, reject all cookies, erase cookies, or notify you when a cookie is set. Electing to reject or disable cookies may substantially limit your ability to use our Site.
- personalize your experience
- analyze which pages our visitors visit
- measure advertising effectiveness
- track which areas of our site you visit; in order to remarket to you after you leave
To disable or reject third-party cookies generally, please refer to the third-party’s relevant website.
Our Site contains electronic images known as “web beacons” (sometimes called single-pixel gifs) and are used along with cookies to compile aggregated statistics to analyze how our site is used and may be used in some of our emails to let us know which emails and links have been opened by recipients. This allows us to gauge the effectiveness of our Customer communications and marketing campaigns.
Stoplight gives you the opportunity to “opt out” of having your information used for certain purposes. If you no longer wish to receive our newsletter and promotional communications, you may opt-out of receiving them by following the instructions included in each newsletter or communication.
You may change any of your information in your account by editing your settings within your account or by sending an email to us at the address listed below. You may request deletion of your Personal Data by us, and we will use commercially reasonable efforts to honor your request, but please note that we may be required to keep such information and not delete it (or to keep this information for a certain time, in which case we will comply with your deletion request only after we have fulfilled such requirements). We cannot delete your Personal Data except by also deleting your user account.
Security is critical to Stoplight’s mission, and Stoplight takes security of data seriously. Stoplight uses industry-standard technical and organizational measures to protect information from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the information Stoplight collects, processes, and stores, and the current state of technology. Given the nature of communications and information processing technology, Stoplight cannot guarantee that information in our care will be absolutely safe from intrusion by others during transmission through the Internet or while stored on our systems or otherwise. When you click a link to a third-party site, you will be leaving our site and Stoplight doesn’t control or endorse what is on third-party sites.
If you are a resident of the EEA, the UK, or Switzerland, the following information applies.
Purposes of processing and legal basis for processing: As explained above, we process Personal Data in various ways depending upon your use of our Sites. We process Personal Data on the following legal bases:
- with your consent;
- as necessary to perform our agreements to provide Services;
- as necessary for compliance with a legal obligation to which we are subject; and
- as necessary for our legitimate interests in providing the Site where those interests do not override your fundamental rights and freedom related to data privacy.
Right to lodge a complaint: Users that reside in the EEA, the UK, or Switzerland have the right to lodge a complaint about our data collection and processing actions with your local data protection authority.
Transfers: Personal Data we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our service providers maintain facilities. Per the applicable requirements of the General Data Protection Regulation (“GDPR”), we will ensure that transfers of Personal Data to a third country or an international organization are subject to appropriate safeguards as described in Article 46 of the GDPR, such as the EU Standard Contractual Clauses.
Individual Rights: If you are a resident of the EEA, the UK, or Switzerland, you are entitled to the following rights under the GDPR. Please note: In order to verify your identity, we may require you to provide us with Personal Data prior to accessing any records containing information about you.
- The right to access, correction, and restriction of processing. You have the right to request access to, and a copy of, your Personal Data at no charge, as well as certain information about our processing activities with respect to your data. You have the right to request correction or completion of your Personal Data if it is inaccurate or incomplete. You have the right to restrict our processing if you contest the accuracy of the data we hold about you, for as long as it takes to verify its accuracy.
- The right to data portability. To the extent relevant based on the limited Personal Data we maintain, you have the right to ask for a copy of your data in a machine-readable format. You can also request that we transmit your data to another entity where technically feasible.
- The right to request data erasure. You have the right to have your data erased from our Site if the data is no longer necessary for the purpose for which it was collected, you withdraw consent and no other legal basis for processing exists, or your fundamental rights to data privacy and protection outweigh our legitimate interest in continuing the processing.
- The right to object to our processing. You have the right to object to our processing if we are processing your data based on legitimate interests or the performance of a task in the public interest as an exercise of official authority (including profiling); using your data for direct marketing (including profiling); or processing your data for purposes of scientific or historical research and statistics.
In accordance with the Guidelines on the concepts of controller and processor in the GDPR promulgated by the European Data Protection Board (the “EDPB”) on 7 July, 2021, Stoplight is an independent controller of the Personal Data processed in conjunction with its provision of the Services, as it decides the purposes and means of the processing of this limited Personal Data (i.e. name and business email for purposes of authentication to the Services).
Stoplight complies with the provisions of the GDPR as to any information in its possession regarding data subjects (as such term is defined in the GDPR). As such, Stoplight only processes personal information on data subjects where it has a lawful basis to do so, which may include the consent of the person (especially in the case of website visitors who provide their information), performance of a contract, compliance with a legal obligation, or the legitimate interest as the controller with respect to the provision of the Services. Stoplight provides notice to all data subjects as required by GDPR Article 13 or 14, as appropriate, and honors the rights of data subjects provided in Articles 12-23, including the right to be forgotten. For any opt-out requests or other inquiries related to privacy, please email [email protected]
Our Site is not directed to or intended for individuals under the age of 16. We do not knowingly collect or use any Personal Data from users of our Site who are under the age of 16. No Personal Data should be submitted to our Site by individuals who are under 16 years of age. If we learn that we have collected information from someone who is under 16, we will take steps to delete the Personal Data as soon as possible. If you believe we may have collected Personal Data from someone under 16, please contact us at [email protected].
Stoplight, Inc. 411 W Monroe St, #31 Austin, TX 78704 Attn: Legal Department