Please read this Policy carefully. It applies to all interactions you have with Theta Lake’s products and services, including the Theta Lake Security and Compliance Suite (“Services”) and this website. Agreements you execute with Theta Lake may contain more specific privacy provisions, and in that event, those agreements will control. If you have any questions about this Policy, please contact us using the information provided below.
Personal Information Theta Lake Collects
We collect the following personal information to provide and maintain our Services.
Website and Events. If you are interacting with us on this website by entering personal information for informational, marketing, or employment purposes, or requesting details from us, we may collect personal information you provide such as an email address, phone number, employer, job title, resume, and other professional details. Theta Lake may also collect this type of personal information at in-person or virtual events.
Cookies. Theta Lake use technologies like cookies and pixel tags to provide, improve the functionality of, protect, and promote our website and the Services. For example, cookies help us with things like remembering your username for your next visit. You can set your browser to not accept cookies, but this may limit your ability to use the Services and our website. We use third-party service providers that set cookies and similar technologies on our website to promote Theta Lake through retargeting. You can learn more about how cookies and similar technologies work, as well as how to opt out of the use of them for advertising purposes, here.
Theta Lake Security and Compliance Suite. We collect personal information as part of your use of the Services and to provide customer support. This includes the personal information you provide to us as a customer like data from collaboration or chat platforms, login and profile personal information (name, employer, job title, email address, and username), computer information (IP address, browser, device), and usage information (review status, comments, suggestions about Service improvements, and annotations) to make use of the Services, which is more fully described in your agreement for the Services.
We sometimes contact people who don’t have a Theta Lake account. If you receive an email and no longer wish to be contacted by Theta Lake, you can unsubscribe and remove yourself from our contact list via the message itself.
In certain circumstances, if you decline to provide your personal information or ask us to delete it, we may be unable to continue to provide relevant Services or related support.
Purposes for which Theta Lake Processes Personal Data
Theta Lake processes your personal information:
- to provide and maintain the Services pursuant to its agreements;
- in furtherance of its legitimate interests in operating Services and our business;
- with consent;
- to secure the Services, including conducting routine audits and performance monitoring;
- to vet prospective employees as part of the hiring process;
- to comply with any applicable law, legal process, or regulation;
- to protect any person from death or serious bodily injury; and
- to carry out a task in the public interest.
Examples of Theta Lake’s personal information processing activities include to:
- Operate the Services by providing access;
- Provide support and troubleshooting for the Services;
- Recordkeeping for the proper and necessary administration of our business;
- Responding to unsolicited communication from you to which we believe you would expect a response;
- Communicate with you by email, social media, postal mail, telephone, or other means about promotions, upcoming events, and Theta Lake news;
- Protect and assert the legal rights of any party.
Disclosure of Personal Information
To provide the Services, Theta Lake relies on trusted third-party subprocessors with whom it maintains agreements that contain relevant confidentiality, privacy, and security provisions. A list of subprocessors is available on Theta Lake’s support portal.
Theta Lake does not sell information to third parties.
Security and Retention of Data
Theta Lake has a team dedicated to keeping personal information secure and testing for vulnerabilities. Theta Lake develops features to keep personal information safe and the Services encrypt data in transit and at rest. The Services include optional security controls like two-factor authentication.
Theta Lake conducts annual SOC 2, Type II and PCI DSS audits. We map our SOC 2, Type II controls to ISO 27001 and HIPAA. See our Security Architecture webpage for an overview of Theta Lake’s security practices.
Theta Lake retains personal information only for as long as is necessary to fulfill the business purpose it was collected. We retain and use your personal information, consistent with this Policy, for as long as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. In certain circumstances we may retain personal information after you have closed your account for legal, internal compliance and audit, and recordkeeping purposes.
Customers have control over data retention settings in the Services and can apply multiple retention periods to their data. Theta Lake retains data backups for business continuity and disaster recovery purposes.
Control of, and Access to, Your Data
With respect to the personal information Theta Lake collects, you can ask us to:
- Validate whether personal information about you is being processed;
- Request details about how we process personal information;
- Correct, update or delete personal information that we maintain; and
- Withdraw your consent allowing us to process your personal information or restrict the way we process it.
Theta Lake offers self-service capabilities in the Services to facilitate search, retrieval, updating, preservation, and deletion of personal information. Capabilities for redaction and remediation of content are also available in the Services. Requests related to personal information collected from the website or conferences can be submitted using the contact details provided below or, for Theta Lake customers, pursuant to the protocols that may be outlined in your agreement.
Transfers of Personal Information
Theta Lake enters into a Data Processing Addendum, including the EU’s Standard Contractual Clauses or UK IDTA, as appropriate, with relevant customers, subprocessors, and others to facilitate cross-border transfer of personal information consistent with European Union and United Kingdom standards. Agreements are further modified on an as needed basis to comply with other global privacy laws and regulations.
Changes to the Privacy Statement
Theta Lake may amend this Privacy Statement from time to time. In the event there are material changes, we will highlight those changes on this webpage and, if necessary, send emails alerting users about changes.
Individuals with inquiries or complaints regarding this Policy should contact Theta Lake at:
Theta Lake, Inc.
1221 Chapala St Suite 6
Santa Barbara, CA, 93101
Last updated: August 1, 2023.