Frostbase Technologies S.A.C. — Privacy Policy
Last updated: May 27, 2025
This Privacy Policy ("Policy") is a legal agreement between you ("you," "your," or "Customer") and Frostbase Technologies S.A.C. ("Frostbase," "we," "us," or "our"). It governs our collection, use, disclosure and protection of your personal data when you use our websites, applications, or services (collectively, the "Services"). By accessing or using the Services, you agree to the terms of this Policy.
1. Definitions
"Personal Data" means any information relating to an identified or identifiable individual.
"Processing" means any operation performed on Personal Data (collection, storage, use, disclosure, deletion).
"Controller" is Frostbase, determining the purposes and means of Processing your Personal Data.
"Data Subject" is you, the individual whose Personal Data is processed.
2. Scope & Applicability
This Policy applies to all Personal Data we collect about you in connection with the Services, including via:
- Account registration, profile management, billing and support.
- Use of Sentinel monitoring or Cloud Hosting dashboards and APIs.
- Contact forms, live chat, email, phone support.
- Marketing communications and surveys.
It does not apply to third-party websites, applications, APIs or services to which we link.
3. Data We Collect
A. Data You Provide
- Account & Profile Information: name, email, company, phone, billing address, payment method.
- Contact & Support: form submissions, chat transcripts, email exchanges, call recordings (where permitted).
- User-Generated Content: any content you upload or create via our Services.
B. Automatically Collected Data
- Usage Data: pages viewed, feature usage, API calls, timestamps, error logs.
- Device & Connection Data: IP address, browser type/version, device identifiers, OS version, geo-location (approximate).
- Performance Metrics: resource usage (CPU, memory, I/O) collected by Sentinel for your monitored hosts.
C. Cookies & Tracking Technologies
- Session cookies, persistent cookies and similar technologies to maintain sessions, preferences and analytics.
- Third-party cookies from analytics providers (e.g. Google Analytics) and marketing partners.
4. Purposes & Legal Bases for Processing
| Purpose | Data Category | Legal Basis |
|---|
| Account creation, authentication, billing | Account & Profile | Performance of contract |
| Service delivery (provisioning, monitoring) | Performance Metrics | Legitimate interest |
| Customer support & troubleshooting | Contact & Support | Legitimate interest |
| Marketing communications (email, newsletters) | Account & Profile | Consent (opt-in) |
| Service improvement & analytics | Usage & Device Data | Legitimate interest |
| Compliance with legal obligations | Account & Profile | Legal obligation |
5. Data Sharing & Disclosure
We do not sell your Personal Data. We may disclose it to:
- Service Providers & Sub-processors: payment processors, email hosts, analytics, infrastructure partners—under binding confidentiality and security obligations.
- Affiliates & Subsidiaries: for internal business operations under the same standards.
- Legal & Regulatory Authorities: when required by law, court order, or to protect rights, safety, or property.
- Prospective Buyers or Investors: in connection with a merger, acquisition or financing, subject to confidentiality safeguards.
6. International Data Transfers
Your Personal Data may be stored and processed in Peru or other jurisdictions. We ensure transfers comply with applicable law by:
- Using standard contractual clauses.
- Relying on jurisdictions with adequacy decisions.
- Implementing additional safeguards (encryption, restricted access).
7. Data Retention
- Account & Billing Data: retained for the duration of your account plus seven years for tax and legal compliance.
- Support Records: retained for up to two years.
- Usage & Performance Metrics: raw logs up to one year; anonymized aggregates indefinitely.
- Cookies: per your browser settings or up to 24 months for persistent cookies.
8. Security Measures
We employ industry-standard organizational, technical and physical safeguards, including:
- TLS encryption in transit and AES-256 at rest.
- Firewalls, intrusion detection, vulnerability scanning.
- Role-based access controls and regular security audits.
- Employee training on data protection.
However, no system is completely secure. You must protect your account credentials and enable two-factor authentication where offered.
9. Your Rights & Choices
Depending on your jurisdiction, you may have the right to:
- Access your Personal Data.
- Correct or update inaccuracies.
- Delete or restrict Processing of your Personal Data.
- Object to Processing based on legitimate interest.
- Data portability (receive your data in a structured format).
- Withdraw consent where Processing is based on consent.
- Opt out of marketing communications at any time via unsubscribe links or by contacting [email protected].
To exercise rights, email [email protected] with "Data Subject Request" in the subject line.
10. Children's Privacy
Our Services are not intended for children under age 16. We do not knowingly collect Personal Data from minors. If you become aware of any such collection, please contact us to have the data removed.
11. Changes to This Policy
We may update this Policy for legal, technical or business reasons. We will post the revised Policy on our website with a new "Last updated" date and, for significant changes, notify you by email or in-app banner. Continued use constitutes acceptance.
12. Contact Information
Data Controller:
Frostbase Technologies S.A.C.
C. Jose de Acosta 226, San Isidro, Lima, Peru
Email: [email protected]
Phone: +51 904 016 714
If you have questions, complaints or requests regarding this Policy or our data practices, please contact us at [email protected]. We aim to respond within 30 days.