1. Introduction and Scope
 
1.1. This Privacy Policy describes how Pandoblox, Inc. (“Pandoblox”) collects, uses, discloses, and protects personal data in connection with the provision of its services, websites, applications, and related offerings (collectively, the “Services”).

1.2. This Privacy Policy applies to personal data processed by Pandoblox when:
        1.2.1. Individuals access or use the Services;
        1.2.2. Clients or Subscribers enter into subscription agreements with Pandoblox, and
        1.2.3. Pandoblox otherwise interacts with users, customers, or business partners in connection with the Services.

1.3. This Privacy Policy forms part of, and is incorporated by reference into, the applicable Subscription Agreement and related terms governing the use of the Services. In the event of any conflict between this Privacy Policy and the subscription agreement, the Subscription Agreement shall control, except where applicable data protection laws require otherwise.

1.4. This Privacy Policy does not apply to third-party websites, products, or services that may be linked to or integrated with the Services and are governed by their own privacy policies.

2. Definitions

2.1. For purposes of this Privacy Policy, the following terms have the meanings set forth below. Capitalized terms not defined in this Privacy Policy shall have the meanings given in the applicable Subscription Agreement or its referenced documents.
        2.1.1. “Applicable Data Protection Laws” means all laws and regulations applicable to the processing of Personal Data under this Privacy Policy, including, where applicable, GDPR, CCPA/CPRA, and other relevant privacy and data protection laws.
        2.1.2. “Data Subject” means any individual whose personal data is processed under this Privacy Policy.
        2.1.3. “Personal Data” means any information that identifies, relates to, describes, or could reasonably be linked directly or indirectly to an identified or identifiable individual.
        2.1.4. “Processing” means any operation or set of operations performed on Personal Data, whether by automated or non-automated means, including collection, recording, organization, structuring, storage, use, disclosure, transmission, or deletion.
        2.1.5. “Service(s)” means Pandoblox’s services, including the systems, infrastructure, and processes used to provide them and handle client, subscriber, and user data.
        2.1.6. “Subscriber” means the entity or individual that has entered into a Subscription Agreement with Pandoblox.
        2.1.7. “User(s)” are those individuals (e.g., employees, contractors, or agents of the Subscriber) who are authorized by the Subscriber to access and use the Services, and whose usage is accounted for within the quantitative limitations specified in the applicable Subscription Agreement.
        2.1.8. “Subscription Agreement” means the primary written agreement between Pandoblox and the Subscriber under which Pandoblox provides the Services, and to which this Security Policy is incorporated.

3. Information We Collect
 
3.1. Pandoblox collects and processes information in connection with the provision, operation, and improvement of the Services. The types of information collected may include the following:
       3.1.1. Personal Data. Personal Data may include information that identifies or is related to an individual, such as names, business contact information, account credentials, billing information, and other information provided by the Subscribers or Users in connection with the Services.
       3.1.2. Usage Data. Pandoblox may collect information relating to access to and use of the Services, including log data, usage metrics, device and browser information, system activity, and performance data generated through interactions with the Services.
       3.1.3. Cookies and Tracking Technologies. Pandoblox may use cookies and similar tracking technologies to operate the Services, enhance functionality, analyze usage, and improve user experience. Subscribers and Users may be able to control the use of cookies through their browser or device settings, subject to applicable limitations.
 
4. How Pandoblox Uses Information

4.1. Pandoblox uses the information collected in connection with the Services for the following purposes, and relies on the corresponding legal bases under Applicable Data Protection Laws (including, where applicable, the GDPR):
       4.1.1. Service Delivery. To provide, operate, maintain, and support the Services, including account administration, authentication, customer support, and fulfillment of contractual obligations. (Performance of a Contract)
       4.1.2. Billing and Payments. To process subscriptions, invoices, payments, and related financial transactions, and to manage billing inquiries and accounting. (Performance of a Contract)
       4.1.3. Analytics and Service Improvements. To monitor performance, analyze usage trends, diagnose technical issues, develop new features, and improve the reliability, functionality, and quality of Services. (Legitimate Interest)
       4.1.4. Legal and Regulatory Compliance. To comply with applicable laws and regulations, respond to lawful requests, enforce contractual rights, and protect the rights, property, or safety of Pandoblox, its subscribers, users, and others. (Legal Obligation)
 
5. Data Sharing and Disclosure
 
5.1. Pandoblox may share information collected in connection with the Services under the following circumstances:
       5.1.1. Service Providers. Pandoblox uses tools from third-party service providers to perform services on its behalf, such as hosting, data processing, analytics, payment processing, or customer support. These service providers are contractually obligated to process information only as necessary to provide their services and otherwise in accordance with this Privacy Policy.
       5.1.2. Business Transfers. In the event of a merger, acquisition, reorganization, sale of assets, or other business transfer, Pandoblox may transfer information as part of the transaction, provided that the recipient agrees to process such information in accordance with this Privacy Policy.
 
6. Data Retention
 
6.1. Pandoblox retains information collected in connection with the Services only for as long as necessary to fulfill the purposes described in this Privacy Policy, comply with legal obligations, resolve disputes, enforce agreements, or otherwise as permitted or required by applicable law.

6.2. After the applicable retention period, Personal Data will be securely deleted or anonymized, unless retention is otherwise required to meet legal or regulatory obligations.
 
7. Data Subject Rights

7.1. Subscribers and Users may have certain rights under applicable data protection laws with respect to their Personal Data. These rights may include, where applicable:
       7.1.1. Access: The right to request access to Personal Data held about them.
       7.1.2. Correction: The right to request correction of inaccurate or incomplete Personal Data.
       7.1.3. Deletion: The right to request deletion of Personal Data, subject to legal and contractual obligations.
       7.1.4. Restriction of Processing: The right to request restriction of processing of Personal Data.
       7.1.5. Data Portability: The right to receive a copy of Personal Data in a structured, commonly used, and machine-readable format, where applicable.
       7.1.6. Objection: The right to object to the processing of Personal Data based on legitimate interests or direct marketing.

7.2. Requests to exercise these rights should be submitted to Pandoblox using the contact information provided in Section 12. Pandoblox will respond to such requests in accordance with applicable data protection laws.

7.3. Subscribers and Users have the right to lodge a complaint with a competent supervisory authority if they believe that the processing of their Personal Data violates applicable data protection laws. Individuals are encouraged to contact Pandoblox first to seek resolution of any concerns.

8. International Transfers

8.1. Personal Data may be accessed by Pandoblox staff who are outside the country in which the data was originally collected.
 
8.2. When Personal Data is accessed internationally, Pandoblox will take appropriate measures to ensure such access is conducted in accordance with applicable data protection laws, including, where required, contractual safeguards or other legal mechanisms to protect the data.
 
9. Changes to Privacy Policy
 
9.1. Pandoblox may update this Privacy Policy from time to time to reflect changes in the Services, legal requirements, or business practices.

9.2. Material changes will be communicated to Subscribers or Users as required by applicable law, and continued use of the Services after such changes constitutes acceptance of the updated Privacy Policy.
 
10. Business Continuity and Disaster Recovery (BCDR)

10.1. Pandoblox maintains administrative, technical, and organizational measures designed to ensure the continuity, availability, and security of the Services in the event of disruptions, system failures, or disasters.

10.2. These measures are intended to minimize Service interruptions and protect data, but do not constitute a guarantee of uninterrupted service. Details regarding specific continuity and recovery procedures are maintained internally and may be provided to Subscribers upon request under a separate Security Policy.

10.3. Refer to Security Policy here: https://www.pandoblox.com/pandobloxsignalsecuritypolicy

 
11. GDPR / CCPA / CPRA Compliance

11.1. Pandoblox processes Personal Data in accordance with applicable privacy and data protection laws, including the General Data Protection Regulation and the California Consumer Privacy Act or California Privacy Rights Act, where applicable. In compliance with GDPR requirements, the legal basis for each processing purpose is specified in Section 4: How Pandoblox Uses Information and Legal Bases for Processing.

11.2. Subscribers and Users located in jurisdictions with these laws may have additional rights as described in Section 7: Data Subject Rights. Pandoblox will comply with such laws to the extent they apply to the processing of Personal Data in connection with the Services.

11.3. Children's Privacy. The Services are not intended for, nor directed at, individuals under the age of thirteen (13). Pandoblox shall not knowingly solicit or collect Personal Data from children under the age of 13. If Pandoblox becomes aware that it has inadvertently collected Personal Data from a child under 13 in violation of the Children’s Online Privacy Protection Act (COPPA), Pandoblox shall promptly take reasonable steps to delete such information.
 
12. Contact Information

12.1. For questions, requests, or concerns regarding this Privacy Policy or Pandoblox’s data processing practices, Subscribers and Users may contact Pandoblox using the following information:
          12.1.1. Email: legal@pandoblox.com
          12.1.2. Address: 14622 Ventura Blvd, Ste 2047, Sherman Oaks, CA 91403

12.2. Pandoblox will respond to inquiries regarding Personal Data and privacy-related matters in accordance with applicable laws.


End of Pandoblox Signal Pandoblox Signal Privacy Policy