Privacy Policy
Last Revision: April 2021
Centro, LLC and its affiliates (“Centro“, “we” or “us“) is committed to protecting the privacy of the users of its website at the address https://www.centro.rocks or any other website managed and controlled by Centro(the “Site“) and its online products, including the Centro and Grok™ service (each a “Service” and collectively the “Services“).A User may be either an entity which executed an agreement with Centro or with Centro’s resellers or distributors who provide Centro’s Services (“Customer“) or Customer’s users of the Services (“EndUser(s)“) or visitors of the Site (collectively “Users” or “you“).This Policy explains the types of information we may collect from you or that you may provide when you visit the Site or use the Services and our practices for collecting, using, maintaining, protecting, and disclosing that information, as well as your rights in determining what we do with the information that we collect and hold about you. GENERAL (THIS SECTION APPLIES FOR ALL SERVICES)
Please refer to the specific Section(s) about the Site or Services you use or plan to use for a complete review of the relevant practices.
A. CONSENT AND PRINCIPALS OF PROCESSING DATA
Centro processes data fairly, lawfully, in a transparent manner and in accordance with individuals’ rights(as applicable). The use of information collected through our Services shall be limited to the purpose of providing the service for which our Client has engaged Centro or, if collected through the website or other marketing means, to Centro’s legitimate interests, where we have considered these are not overridden by your rights.Centro may process data of an End User on behalf of the Controller when the Controller obtains consent from an End User or when there is another basis for doing so under applicable law. For purposes of this Privacy Policy, a Controller may mean a Customer or anyone acting a Customer’s behalf or, Centro (only in connection with information provided to it through the website or for marketing purposes). (the “Controller”), Customers who cause Centro to process Personal Information of an End User are obligated to hold all appropriate consents (if applicable) and may only utilize the Services pursuant to applicable law. We may transfer Personal Information between Controlling entities (Salesforce, Slack, and/or Gmail) that help us provide our Services. Transfers to subsequent third parties are covered by the service agreements with our Customers (the Controller). Furthermore, Centro supports End Users’ rights under certain laws, to retrieve any information retained on our servers which relates to such End User. Centro acknowledges that you may have the right to access your Personal Information. We have processes in place to accommodate an End User’s rights to delete data, amend erroneous data, access data and receive PersonalData or Sensitive Data in a machine readable commonly used format, all subject to reasonable technical restrains and abilities. For more information, please see the Section “Modification or Deletion of Data” under the applicable Site or Service Section. Centro will never discriminate against any person based on his/hers exercising of their rights hereunder.Personal Information or Personal Data is information by which an individual may be personally identified, including name, address, e-mail address, telephone number or any other information that is defined as Personal Information, Personal Data, or Personally IdentifiableInformation under an applicable law (hereinafter referred to as “Personal Information”)Users are not obligated to provide us with any information by law. However, we require certain information in order to operate properly. Under some jurisdictions (such as under certain applicable E.U. legal frameworks or California Laws), a User has a right to withdraw its consent at any time and in some cases (subject to applicable laws) to request cessation of any collection of Personal Information. In such a case, the withdrawal will not affect the lawfulness of processing based on consent before its withdrawal but certain services may not function without certain information provided.Please note that consent for the gathering and processing of data for one Service does not automatically mean that a User consents to the processing of data in connection with other Services.Controller should always make sure that the User’s consent is relevant, clear, valid, and to the extent reasonably possible, not “bundled” with any other written agreement (especially if required under applicable laws), unambiguous and if required under applicable law, affirmative and active (meaning not by virtue of any inaction).Centro aims to process only adequate, accurate and relevant data limited to the needs and purposes for which it is gathered.It also aims to store data for the time period necessary to fulfill the purpose for which the data is gathered. Centro only collects data in connection with a specific legitimate purpose and only processes data in accordance with this Privacy Policy.
B. MINORS
We do not knowingly collect or solicit information or data from children under the age of 18 or knowingly allow children under the age of 18 to register for the Centro Service. If you are under 18, do not register or attempt to register for any of the Centro Service or send any information about yourself to us. If we learn that we have collected or have been sent Personal Information or Personal Data from a child under the age of 18, we reserve the right to delete that Personal Information or Personal Data as soon as reasonably practicable. If you believe that we might have collected or been sent information from a child under the age of 18, please contact legal@Centro.rocks as soon as possible.
C. INFORMATION SECURITY
We take great care in implementing, enforcing and maintaining the security of our Services, Site and Users’ information. Centro implements, enforces and maintains security policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of Personal Information or Personal Data and to monitor compliance of such policies on an ongoing basis. The information is hosted on the AmazonCloud in the United States which provides advanced security features and is compliant with the ISO 27001 standard. All information is stored with logical separation from information of other Customers. However, we do not guarantee that unauthorized access will never occur.We use a combination of processes, technology and physical security controls to help protect Personal Information andPersonal Data from unauthorized access, use, or disclosure. When PersonalInformation or Personal Data is transferred over the Internet, we encrypt it using Transfer Layer Security (TLS) encryption technology or similar technology. Each server is protected by a firewall, exposing it only to the minimum ports necessary. However, no security controls are 100% effective, and we cannot completely ensure or warrant the security of your PersonalInformation.Unless otherwise agreed with the Customer and subject to applicable law, Centro shall act in accordance with its policies to promptly notify Customer in the event that any Personal Information or PersonalData processed by Centro on behalf of a Customer is lost, stolen, or where there has been any unauthorized access to it.Centro may share and use your personal information with third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run the Centro Service. Where practical, we seek to obtain confidentiality agreements that are consistent with this Privacy Policy and that limit others’ use or disclosure of your Personal Information and PersonalInformation.
D. CHANGES TO THE PRIVACY POLICY
The terms of this Privacy Policy will govern the use of the Site and Service and any information collected in connection therewith, however, Centro may amend or update this Privacy Policy from time to time. The most current version of this Privacy Policy will always be posted at https://www.Centro.rocks/privacy. We will endeavor to provide notice of material changes to this policy on the homepage of the Site and/or via an e-mail. Such material changes will take effect thirty (30) days after such notice was provided on ourSite or sent by email. Otherwise, all other changes to this Privacy Policy are effective as of the stated “Last Revised” date and your continued use of the Site and/or Services will constitute your written acceptance of, and agreement to be bound by, the changes to the Privacy Policy.
E. EU-US PRIVACY SHIELD AND SWISS-U.S.PRIVACY SHIELD
Centro, LLC. participate in and have certified their compliance with the E.U.-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. Centro,LLC. remains committed to subjecting all personal data received from EuropeanUnion (E.U.) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, and to view our certification, visit the U.S. Department of Commerce’sPrivacy Shield List. https://www.privacyshield.gov/list. Centro LLC. is responsible for the processing of personal data it receives, under each Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Centro, Inc. remains compliant with the Privacy Shield Principles for all onward transfers of personal data from the E.U. and Switzerland, including the onward transfer liability provisions.With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Centro may be subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Centro may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.You can direct any questions or complaints about the use or disclosure of your E.U. Personal Data to legal@Centro.rocks. We will investigate and attempt to resolve any complaints or disputes regarding the use or disclosure of your E.U. Personal Data within 45 days of receiving your complaint.If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
F. QUESTIONS, CONTACT INFORMATION AND COMPLAINTS
If you have any questions (or comments)concerning this Privacy Policy, you are welcome to send us an email or otherwise contact us at the following address and we will make an effort to reply within a reasonable timeframe.E.U. citizens have the right to lodge a complaint with a supervisory authority (Data Protection Authority in your jurisdiction) in case of a breach of any E.U. data protection and privacy regulations.If the supervisory authority fails to deal with a complaint or inform you within the time frame set under applicable law, you have the right to an effective judicial remedy. Please do not hesitate to contact us:
legal@Centro.rocks
Centro, LLC.
1495 Canyon Blvd
LL 26
Boulder, CO 80302
USA