Privacy Policy

LaserData is an enterprise data infrastructure company. Customers may use the Services to process data, records, events, messages, files, schemas, logs, streams, tables, metadata, and other content called Customer Data. For Customer Data, LaserData generally acts as a processor, service provider, or similar role on behalf of the customer. The customer controls what Customer Data is submitted to the Services and is responsible for providing required notices, obtaining required consents, and responding to privacy requests relating to Customer Data.

This Privacy Policy primarily describes how LaserData handles personal information that we collect for our own business purposes, such as account registration, billing, support, website analytics, security, and marketing. If your personal information is contained in Customer Data processed by one of our customers, please contact that customer directly to exercise your privacy rights.

LaserData does not read, sell, rent, trade, monetize, or use Customer Data for advertising or unrelated business purposes. We do not use Customer Data to train, fine-tune, or improve artificial intelligence or machine learning models for the benefit of LaserData or third parties unless the customer expressly agrees in writing.

We access and process Customer Data only as necessary to provide, operate, maintain, secure, and support the Services; follow customer instructions and configurations; troubleshoot issues at the customer's request; prevent or investigate security incidents, fraud, abuse, or violations; comply with law, legal process, or enforceable government requests; and enforce our agreements and protect the rights, safety, and security of LaserData, customers, users, and third parties. Any necessary human access to Customer Data is limited to authorized personnel or contractors subject to confidentiality obligations and access controls.

The information we collect depends on how you interact with us. We may collect account and contact information such as name, business email address, phone number, company name, job title or role, mailing or billing address, country, state or region, username, workspace name, organization name, account identifiers, authentication information, SSO identifiers, and security settings.

We may collect workspace and user administration information such as users invited to a workspace, roles, permissions, access settings, API keys, tokens, certificates or credential metadata, identity provider configuration, workspace, project, connector, pipeline, destination, or resource names, region, environment, configuration settings, audit logs, and administrative activity.

For paid tiers, we may collect billing-related information such as billing contact name and email, billing address, tax identification number, plan, subscription, invoice, payment status, transaction history, usage and metering records, and limited payment method details provided by our payment processor, such as card brand, last four digits, expiration month/year, and payment token. We do not require a credit card for the Free Tier and do not store full credit card numbers on our own systems.

We may collect communications and support information when you contact sales or support, submit forms, request demos, participate in surveys, join waitlists, register for events, send emails or chat messages, provide feedback, or report bugs or security issues. This may include message contents, attachments, diagnostic information, support tickets, call notes, and, where disclosed or permitted, call recordings or transcripts.

When you use our websites or Services, we may automatically collect website, device, and usage information such as IP address, device identifiers, browser type, operating system, referring pages, pages viewed, date and time of access, approximate location derived from IP address, cookie identifiers, log data, API request metadata, feature usage, session duration, error reports, performance metrics, security events, usage volumes, throughput, storage, compute, jobs, connectors, and metering data.

Customers decide what Customer Data is submitted to the Services. Customer Data may contain personal information, confidential information, or other data controlled by the customer. LaserData processes Customer Data according to the customer's instructions, our agreement with the customer, and any applicable Data Processing Addendum.

We may receive information from employers or organizations that administer your account, resellers, referral partners, marketplace providers, cloud providers, integration partners, identity providers, payment processors, fraud prevention and security vendors, marketing, event, and analytics partners, and public sources such as company websites and professional profiles.

We may use Personal Information to create and manage accounts, authenticate users, provide dashboards, APIs, connectors, and platform functionality, process usage and metering, route, process, transmit, store, and display data according to customer configurations, provide support and troubleshooting, and maintain service reliability and performance.

We use information for security and abuse prevention, including monitoring for unauthorized access, credential compromise, fraud, malware, abuse, spam, and security threats; enforcing access controls; investigating security incidents; protecting customers, users, LaserData, and third parties; and maintaining audit logs and security records.

We use information for billing and account management, including processing payments, generating invoices, managing subscriptions, applying credits, calculating usage and overages, collecting unpaid amounts, verifying billing information, and communicating about account status.

We use information for communications, including responding to questions and support requests, sending technical notices, product updates, security alerts, administrative messages, invoices, service communications, notices about changes to the Services, Terms, or policies, and requests for feedback.

We may use Account Data, Operational Data, aggregated data, or de-identified data to understand how the Services are used, improve performance, reliability, usability, and security, develop new features, and conduct analytics. We do not use Customer Data content for product improvement unless you expressly authorize us in writing or the data has been aggregated or de-identified so that it does not identify you, your users, or Customer Data.

We may use Account Data for sales and marketing, including providing requested demos or information, sending newsletters or product announcements, inviting you to events, personalizing website content, measuring marketing effectiveness, and managing customer relationships. You can opt out of marketing emails at any time. We may still send non-marketing service, security, billing, and account communications.

We may disclose information to vendors and service providers that help us operate our business and provide the Services, including cloud hosting providers, infrastructure providers, data storage providers, security and monitoring vendors, payment processors, billing and accounting vendors, customer support tools, email and communications providers, analytics providers, CRM and sales tools, fraud prevention vendors, and professional advisors. These providers may access information only as needed to perform services for us and are subject to contractual obligations.

If your account is provided by your employer or another organization, administrators of that organization may access and manage your account, workspace, usage, logs, permissions, and related information. When you connect the Services to Third-Party Services, such as cloud providers, databases, data warehouses, identity providers, applications, or APIs, we may disclose information as directed by your configurations. Third-Party Services are governed by their own terms and privacy policies.

We may disclose information to affiliates; in connection with a merger, acquisition, financing, reorganization, sale of assets, bankruptcy, or similar corporate transaction; if disclosure is necessary to comply with law or legal process, respond to lawful requests, protect the rights, safety, and security of LaserData, customers, users, or third parties, investigate fraud, abuse, security incidents, or violations, or enforce our agreements and policies; and with your consent or at your direction.

LaserData does not sell Customer Data. LaserData does not sell Personal Information for money. We do not use Customer Data for cross-context behavioral advertising, targeted advertising, or third-party marketing. Our website may use analytics or advertising cookies. Depending on applicable law, disclosure of certain website identifiers to advertising or analytics partners may be considered a sale, sharing, or targeted advertising. You can manage cookie preferences as described in this Policy.

We may use cookies, pixels, web beacons, local storage, SDKs, and similar technologies to operate the website, remember preferences, authenticate users, analyze website usage, improve performance, understand marketing effectiveness, and protect against fraud and abuse. You can control cookies through browser settings and, where available, our cookie preference tool. Some cookies are necessary for the website or Services to function. We may honor legally required browser-based opt-out signals, such as Global Privacy Control, where applicable.

Paid tiers require payment information. Payments are processed by a third-party payment processor, such as Stripe or other processor. We do not store full credit card numbers on our own systems. Our payment processor may collect and process payment information, billing details, fraud signals, and transaction data according to its own terms and privacy policy. The Free Tier does not require a credit card.

If you are located in the European Economic Area, United Kingdom, Switzerland, or another jurisdiction requiring a legal basis, we process Personal Information under one or more legal bases: contract, to provide the Services, manage accounts, process payments, and provide support; legitimate interests, to secure, improve, market, and operate our Services, prevent fraud and abuse, and manage business relationships; consent, for certain cookies, marketing communications, or other activities where consent is required; legal obligation, to comply with laws, legal process, tax, accounting, and regulatory requirements; and vital interests or public interest where necessary in rare circumstances to protect safety or comply with public obligations. For Customer Data, our customer determines the legal basis for processing.

We retain Personal Information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, maintain security, prevent fraud, and conduct legitimate business operations. Retention periods vary depending on the type of information: account information is retained while your account is active and for a reasonable period afterward; billing, tax, and accounting records may be retained as required by law; security logs may be retained to protect the Services and investigate incidents; support communications may be retained for service quality, training, dispute resolution, and recordkeeping; and marketing information is retained until you opt out or request deletion, subject to legal exceptions.

Free Tier accounts may be deleted after 14 consecutive days of inactivity. Deletion may include workspaces, configurations, credentials, projects, logs, and Customer Data associated with the Free Tier account. Deletion from backups, archives, logs, and disaster recovery systems may occur on a delayed schedule. We may retain limited account, billing, security, legal, and operational records as needed for legitimate business or legal purposes.

We use commercially reasonable technical, administrative, and physical safeguards designed to protect Personal Information and Customer Data under our control. Safeguards may include encryption, access controls, least-privilege permissions, network security, monitoring, logging, vulnerability management, incident response procedures, employee confidentiality obligations, and vendor security reviews. No method of transmission or storage is completely secure. We cannot guarantee absolute security. You are responsible for securing your account credentials, devices, networks, integrations, cloud accounts, identity providers, and configurations.

LaserData may process and store information in the United States and other countries where we, our affiliates, service providers, or subprocessors operate. If we transfer personal information from regions that require transfer safeguards, we will use appropriate mechanisms where required, such as standard contractual clauses, data processing agreements, adequacy decisions, or other lawful transfer mechanisms.

Depending on your location and applicable law, you may have the right to access your Personal Information, correct inaccurate information, delete Personal Information, receive a copy of Personal Information in portable format, object to or restrict certain processing, withdraw consent where processing is based on consent, opt out of marketing communications, opt out of certain targeted advertising, sale, or sharing activities, and appeal a denial of a privacy request where applicable. To exercise rights, contact [email protected].

We may need to verify your identity before fulfilling a request. We may deny or limit requests where permitted by law, including where necessary to protect security, comply with legal obligations, protect others' rights, maintain business records, or process Customer Data on behalf of a customer. If your request relates to Customer Data controlled by one of our customers, we may direct you to contact that customer.

You may unsubscribe from marketing emails by following the unsubscribe instructions in the email or contacting [email protected]. Even if you opt out of marketing, we may send service-related communications, such as security alerts, invoices, account notices, product changes, and support messages.

Residents of certain U.S. states may have additional privacy rights. The categories of Personal Information we may collect include identifiers, such as name, email address, IP address, account ID, and billing information; commercial information, such as subscription, transaction, invoice, and plan information; internet or network activity, such as website usage, logs, device data, and Service usage; approximate geolocation, such as location inferred from IP address; professional information, such as company name, role, and job title; financial information, such as limited payment method details processed through our payment processor; communications information, such as support tickets and messages; and inferences from Account Data, such as product interests or account preferences.

We collect these categories from you, your organization, your use of the Services, third-party partners, service providers, and public sources. We use and disclose them for the purposes described in this Privacy Policy. We do not sell Customer Data or Personal Information for money. We may use website analytics or advertising tools that could be considered sharing, sale, or targeted advertising under certain state laws. You may opt out using our cookie preference tool or by contacting [email protected]. We do not knowingly sell or share Personal Information of children under 18 and will not discriminate against you for exercising privacy rights.

Because Customer Data is controlled by our customers, individuals seeking access, correction, deletion, or other rights regarding personal information contained in Customer Data should contact the relevant customer directly. If we receive a request relating to Customer Data, we may forward the request to the customer, instruct the requester to contact the customer, or assist the customer according to our agreement and applicable law.

The Services are not directed to children under 18. We do not knowingly collect Personal Information from children under 18. If you believe a child has provided us Personal Information, contact [email protected], and we will take appropriate steps to delete it.

Our websites and Services may link to or integrate with Third-Party Services. We are not responsible for the privacy, security, or data practices of Third-Party Services. Review their privacy policies before providing information to them.

We may update this Privacy Policy from time to time. We will post the updated version on our website and update the Last Updated date. For material changes, we may provide additional notice, such as by email, account notice, or website notice. Your continued use of the Services after an updated Privacy Policy becomes effective means you acknowledge the updated Policy.

For privacy questions or requests, contact LaserData, Inc. at [email protected]. For security issues, contact [email protected]. For legal notices, contact [email protected].