Privacy Policy
Last updated on April 28, 2023
Cypress.io, Inc., (referred to herein as “Cypress”, “we”, “us” or “our”) strongly believes in maintaining the privacy of information we collect from individuals who visit our Site or make use of our Service (as each is defined herein). We want you to understand how and why we collect, use and disclose information about you through our Site and Service. This Privacy Policy provides you with information concerning our practices and procedures as they relate specifically to information we collect through our Site and Service. We provide this Privacy Policy in connection with, and as incorporated in its entirety in, our Terms of Use (the “Terms of Use”). Because the web is an evolving medium, we may need to change our Privacy Policy at some point in the future, in which case we will post the revised Privacy Policy on this website and update the “Last Updated” date above to reflect the date of the changes. Capitalized terms not defined herein shall have the meanings set forth in our Terms of Use. Please read this Privacy Policy carefully so that you understand our information practices. If you do not agree with the terms of this Privacy Policy, please do not use the Site or Services.
This Privacy Policy applies to our handling of information about site visitors, prospective customers, and customers and authorized users (in relation to their procurement of the services and management of their relationship with Cypress). We refer collectively to these categories of individuals as “User”, "you", or “your” throughout this Privacy Policy.
However, this Privacy Policy does not cover information about a customer’s end users that Cypress receives from customer, or otherwise processes on customer's behalf, in connection with the services provided by Cypress to the customer pursuant to an applicable services agreement (including the content of messages of customer end users ("End User Communications")). Cypress processes End User Communications and other information of customer’s end users under the instructions of the relevant customer, which is the "data controller" (or occupies a similar role as defined in applicable privacy laws), as described in the applicable services agreement between such customer and Cypress. Cypress’s obligations as a "data processor" or "service provider" with respect to such information are defined in such services agreement and applicable data protection addendum and are not made part of this policy.
If you are a customer’s end user and you have questions about how your information is collected and processed through the services, please contact the organization who has provided your information to us for more information. This Privacy Policy is split into sections. For your convenience, links to each of those sections follows:
Definitions
“Applicable Law” means any and all applicable federal, state and local laws, statutes, ordinances, regulations, rules, opinions, interpretive letters and other official releases of or by - any government, or any authority, department or agency thereof which are now in effect or which may come in to effect during the period in which you use the Services.
“Cypress Account” means your user account which you must register for through the Site in order to use the Service.
“Cypress Cloud” means Cypress’ online interactive software programs to which User’s upload or submit Test Data in order to receive Run Reports.
“Cypress app” means the Cypress desktop application which Users may download from the Site pursuant to the terms of a MIT License and which User’s may use to conduct Runs on Applications - in order to obtain Test Data.
“Person” means an individual, corporation, partnership, joint venture, limited liability entity, Governmental Authority, unincorporated organization, trust, association or other entity.
“Privacy Policy” means this statement of our information privacy practices, policies and procedures, as may be amended from time to time.
“Service” means the Site, Cypress Cloud, and Cypress app.
“Site” means our website located at cloud.cypress.io, www.cypress.io, & docs.cypress.io.
“User Information” means the information that you provide to us in order to make use of your Cypress Account, the Site or the Service, as further described in Section 6.1 of the Terms of Use.
Information we collect about you
Contact Information
, such as your name, phone number, company name, and physical address.
Registration Information
. When you register your Cypress Account, you will be required to provide certain information about yourself, in order to create a Cypress Account and make use of the Service, including your email and password.
Information you input into the Service
. You may provide information to Cypress as part of your use of the Service or Site, including for testing.
Correspondence
between you and us and records of such correspondence, such as the contents of emails you send us, support inquiries, or other feedback you provide directly to us.
Product Reviews and Surveys Information
, including information you post publicly about our Service or Site.
Marketing Preferences
, such as records of your requests to opt out of marketing communications.
Information from Third-Party Sites
. In order to display information to you or to facilitate your access and use of the Service, we may collect, on your behalf, other information from third party websites that you link to your Cypress Account via the Service. We also may collect information when you interact with our social media pages, such as by “liking” our page or posting comments or replies to our content, we may collect certain information about you, consistent with your privacy settings on that platform. If you do not wish for us to collect information from these third parties, please do not interact with us via third-party platforms. See the “Social media platforms and websites” section for more information.
Information Collected by Cookies and Web Beacons
. We use various technologies to collect information, and this may include sending cookies to your computer or mobile device. Cookies are small data files that are stored on your hard drive or in device memory by a website. Among other things, cookies support the integrity of our registration and log in process, retain your preferences and account settings, and help evaluate and compile aggregated statistics about user activity. We may also collect information using web beacons. Web beacons are electronic images that may be used in our Service or emails. We may use web beacons to deliver cookies, count visits, understand usage, and determine whether an email has been opened and acted upon.
Technical and Navigational Information
. We may collect your computer browser type, Internet Protocol address, pages visited, location preferences, identification numbers associated with your personal devices, date and time stamps of transactions, average time spent on our Site, and other interactions with the Site and Services. This information may be used, for example, to alert you to software compatibility issues, or it may be analyzed to improve our web design and functionality.
Session Information
. We, our service providers, and our vendors may use technologies such as cookies, beacons, and scripts to collect information on how you use our Site and/or Services, such as information about your browsing behavior, page visits, clicks and cursor movements, searches on the Site, customer service interactions, and screen recordings.
Our use of your information
We may use the information you provide to us as necessary (i) to provide, operate, administer, and troubleshoot the Service, (ii) to respond to your inquiries about the Service or provide you with updates regarding the Service, (iii) to offer or suggest other products, services, or promotional offerings that we believe may be of interest to you, including, but not limited to, by contacting you about discounts, promotions, updates, special offers, and joint marketing efforts via email or direct mail, (iv) to personalize your experience when using the Services, (v) for internal research, reporting and data analytics, (vi) to improve the Services and/or develop new Services, (vii) to allow us and our advertising partners to personalize the content and advertising that you see on the Site and on third-party platforms, (viii) to comply with applicable laws and regulations, (ix) for internal auditing and recordkeeping purposes, (x) to protect the safety of ourselves, our customers, and the public; and (xi) to enforce the legal or contractual terms that govern your use of the Platform or defend our legal rights..
We may also combine information that we collect from you with information we obtain about you from third parties. We may aggregate and/or de-identify any information collected through the Services. We may use de-identified and/or aggregated data for any purpose, including without limitation for research and marketing purposes, and may also disclose such data to any third parties.
How we disclose information
We may disclose information about you as follows:
With your consent and approval provided through your use of the Service, to our trusted third-party service providers, as necessary to enable such trusted third party service providers to - provide the Service to you;
In connection with, or during the negotiation of, any merger, sale of company stock or assets, financing, acquisition, divestiture, or dissolution of all or a portion of our business;
To deliver to you any administrative notices, alerts and communications relevant to your use of the Service;
To respond to subpoenas, court orders, or legal process;
To improve our Site or the Service;
In order to investigate, prevent, defend against, or take other action regarding violations of our Terms of Use, illegal activities, suspected fraud, or situations involving potential - threats to the legal rights or physical safety of any Person or the security of our Site or Service;
To respond to claims that any posting or other content violates the rights of third parties;
In an emergency, to protect the health and safety of our Site’s users or the general public; or
As otherwise required by Applicable Law.
"Do Not Track (DNT)" Browser Signals
Do Not Track (“DNT”) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and third parties. Currently, neither the Site nor the Service recognizes or takes any automated action in response to browser “do not track” signals. Alternatively, if you have a legally-recognized browser-based opt out preference signal turned on via your device browser, we recognize such preference in accordance with applicable law.
Social media platforms and websites
Any information, communications, or material of any type or nature that you submit to our Site or Service through the use of social media integration (including, but not limited to any of our websites or profiles contained on a social media platform or website such as Facebook or Twitter) by email, posting, messaging, uploading, downloading, or otherwise (collectively, a “Submission”), is done at your own risk and without any expectation of privacy. We cannot control the actions of other users of any social media platform or website and we are therefore not responsible for any of your Submissions contained on such sites and platforms. By accessing or making use of any part of the Site or Service that is contained on a social media platform or website, you are representing and warranting to us you have reviewed the applicable privacy policy and terms of use of such platform or website and that you will abide by all such provisions contained therein.
Additionally, in the event that any one part of the Site or Service offers a message board or any other interactive or feature or platform of a social or public nature on a website administered directly by us, please be aware that these areas may allow you to publicly post, and disclose to other users, certain messages, content, or other information (e.g., stories, pictures, ingredients, tips, etc.). Although we may take certain precautions to protect those who use these areas of our Site or Service, we encourage you to be wary of giving out any information in such public forums. The information you post can be collected and used by people you do not know. We cannot guarantee the privacy and safety of these areas and are therefore not responsible for any information you choose to post. Your use of these features is fully at your own risk.
Information collected from children
Our Site and Service are intended for use only by persons who are 18 years old or older and our Terms of Use expressly prohibit access or use of the Site or Service by any Person under 18 years old. Consistent with the Children’s Online Privacy Protection Act, we will not knowingly collect any information from children under the age of 13.
We appreciate your questions and comments about our Site or Service and welcome your email messages to mailboxes listed on our Site. We will disclose your messages to those within our organization that are most capable of addressing the issues contained in your message. We will keep a copy of your message until we have had an opportunity to address your concerns. We may archive your message for a certain period or discard it, but your email address will not be used for any other purpose.
Confidentiality and security
We restrict access to information collected about you through the Service to our employees, our affiliates’ employees, our authorized and trusted third party service providers, or others who need to know that information in order to provide the Service to you or to conduct our normal business operations. While no web site can guarantee security, we maintain appropriate physical, electronic, and procedural safeguards to protect your information collected via the Site or Service. We protect our databases with various physical, technical and procedural measures and we restrict access to your information by unauthorized persons. We also advise all Cypress employees about their responsibility to protect customer data and we provide them with appropriate guidelines for adhering to Cypress’s business ethics standards and confidentiality policies. While we implement these and other security measures on the Service, please note that 100% security is not always possible. We cannot guarantee that the security measures we have in place to safeguard information will never be defeated or fail, or that those measures will always be sufficient or effective.
Data retention
We keep your information for the time necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and your choices, after which time we may delete and/or aggregate it. We may also retain and use this information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Links to other sites
For your convenience we may provide links to other websites and web pages that we do not control. We cannot be responsible for the privacy practices of any websites or pages not under our control and we do not endorse any of these websites or pages, the services or products described or offered on such sites or pages, or any of the content contained on those sites or pages.
We are not responsible for any damages arising from and we expressly disclaim any liability associated with how such third parties collect, store, use or disclose your personal information.
Your data rights and choices
Promotional emails. From time to time, we may send you emails with promotional offers relating to your use of the Site or Service. If you would no longer like to receive these emails, please click on the “Unsubscribe” link at the bottom of the email and follow the “Unsubscribe” instructions. Please allow us a reasonable period of time in order to satisfy your request, as some promotions may already be in process. We may also use your information to notify you in connection with any contests or promotions that you choose to participate in through the Site or Service. Even though you may opt-out of receiving marketing-related communications from us, we may still send you important administrative and transactional messages.
Rights regarding your information. Depending on your jurisdiction, you may have the right, in accordance with applicable data protection laws, to make requests related to your “personal information” or “personal data” (as such terms are defined under applicable law, and collectively referred to herein as “personal information”). Specifically, you may have the right to ask us to:
Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting - your personal information; and the categories of third parties with whom we disclose personal information.
Provide you access to and/or a copy of certain personal information we hold about you.
Correct or update personal information we hold about you.
Delete certain personal information we have about you.
Provide you with information about the financial incentives that we offer to you, if any.
Restrict or object to certain uses of your information.
Opt you out of the processing of your personal information for purposes of profiling in furtherance of decisions that produce legal or similarly significant effects, if applicable.
Certain information may be exempt from such requests under applicable law. For example, we need certain information in order to provide the Services to you.
You may also have the right to opt out of “sales” of your information and “sharing” or processing of your information for targeted advertising as described below.
We also need to take reasonable steps to verify your identity before responding to a request, which may include, at a minimum, depending on the sensitivity of the information you are requesting and the type of request you are making, verifying your name and email address. If we are unable to verify you, we may be unable to respond to your requests. To exercise any of these rights, you can use the form located here or email us at [email protected] with your name and type of request you are making.
You may be able to designate an authorized agent to make requests on your behalf. In order for an authorized agent to be verified, you must provide the authorized agent with signed, written permission to make such requests or a power of attorney. We may also follow up with you to verify your identity before processing the authorized agent’s request.
Depending on applicable law, you may have the right to appeal our decision to deny your request, if applicable. We will provide information about how to exercise that right in our response denying the request. You also have the right to lodge a complaint with a supervisory authority.
As provided in applicable law, you have the right to not be discriminated against for exercising your rights.
Notice of right to opt out of sales of personal information and sharing or processing personal information for targeted advertising purposes. Depending on your jurisdiction, you may also have the right to opt out of the “sale” of your personal information and “sharing” or processing of your personal information for targeted advertising.
As explained in the “How we disclose your information” section above, we sometimes disclose information to unaffiliated third parties we collaborate with or that provide offers that we think may be of value to you. We also provide information to third-party advertising providers for targeted advertising purposes or use advertising analytics partners to assist us in analyzing use of our services and our user/customer base. Under applicable law, the disclosure of your personal information to these third parties to assist us in providing these services may be considered a “sale” of personal information or the “sharing” or processing of personal information for targeted advertising purposes.
If you would like to opt out of the disclosure of your personal information for purposes that could be considered “sales” for those third parties' own commercial purposes, or “sharing” or processing for purposes of targeted advertising, please visit the following link, which is also available in the footer of our Site: "Cookie Preferences" and use the "Do Not Sell or Share My Personal Information" toggle at the bottom of the tool. Note that you will need to opt out on each device you use to access the Services. We do not knowingly sell the personal information of minors under 16 years of age.
Notice to California residents
If you are a California resident, California law requires us to provide you with some additional information regarding how we collect, use, and disclose your “personal information” as defined in the California Consumer Privacy Act (“CCPA”).
We describe the categories of information we collect, our business purposes for collecting such information, the sources and uses of such information and the entities with which we disclose such information in the “Information we collect about you”, “Our use of your information,” and “How we disclose your information” sections of this Privacy Policy. We provide additional information required by the CCPA below.
A. Categories of Personal Information we collect, use and disclose
Throughout this Privacy Policy, we discuss in detail the types of information we collect from and about users and discuss how we use and disclose such information. The following are the “categories” of personal information under the CCPA that we collect from California consumers and that we may, as discussed throughout this Privacy Policy, use and disclose for our business purposes:
Identifiers (such as name, address, email address); commercial information (such as transaction data); financial data (such as credit card information processed by our payment processor); device identifiers (such as IP address and unique device identifiers); internet or other network or device activity (such as browsing history); general geolocation data derived from IP addresses; any user-generated content or feedback that you provide; and username and password (which is considered “sensitive” personal information under California law).
B. How we use these categories of personal information
We and our service providers may use the categories of personal information we collect from and about you for the following business and commercial purposes (as those terms are defined in applicable law).
Our or our service providers’ operational purposes;
Auditing consumer interactions on our site (e.g., measuring ad impressions);
Detecting, protecting against, and prosecuting security incidents and fraudulent or illegal activity;
Bug detection and error reporting;
Customizing content that we or our service providers display on the Services (e.g., contextual ads);
Providing the Services (e.g., account servicing and maintenance, customer service, advertising and marketing, analytics, and communication about the Services);
Improving our existing Services and developing new services (e.g., by conducting research to develop new products or features);
Other uses that advance our commercial or economic interests, such as third-party advertising and communicating with you about relevant offers from third party partners;
Other uses about which we notify you.
We may also use the categories of personal information for compliance with applicable laws and regulations, and we may combine the information we collect (“aggregate”) or remove pieces of information (“de-identify”) to limit or prevent identification of any user or device. We may also disclose this information to third parties for legal, compliance or security purposes, or in connection with a business transfer, as described further in “How we disclose your personal information” above.
C. Sale/Sharing of Personal Information
The CCPA sets forth certain obligations for businesses that “sell” personal information or “share” personal information for cross-context behavioral advertising purposes. Under the CCPA, “sale” and “sharing” are defined such that they may include allowing third parties to receive certain information for advertising purposes. We “sell” or “share” the following categories of information to third-party advertising partners and vendors that support our advertising efforts (such as advertising analytics services):
Identifiers (such as name, address, email address); commercial information (such as transaction data); internet or other network or device activity (such as browsing history and usage information).
If you would like to opt out of our use of your information for such purposes that are considered a “sale” or “sharing” for cross-context behavioral advertising purposes under California law, please click the following link, which is also available in the footer of our Site: "Cookie Preferences" and use the "Do Not Sell or Share My Personal Information" toggle at the bottom of the tool.
We do not knowingly sell the personal information of minors under 16 years of age.
D. Additional Privacy Rights
In addition to the rights section before in section C above, California residents may make certain requests about their personal information under the CCPA as set forth in “Your data rights and choices” section above.
Moreover, if we ever offer any financial incentives in exchange for your personal information, we will provide you with appropriate information about such incentives.
In the limited circumstances that we process sensitive personal information as defined in the CCPA, we do not use or disclose it other than for disclosed and permitted business purposes for which there is not a right to limit under the CCPA.
E. Shine the Light
California Law permits customers who are California residents to request certain information once per year regarding our disclosure of personal information to third parties for such third parties’ direct marketing purposes. We do not disclose personal information to third parties for their own direct marketing purposes.
Using the service from outside the United States
If you are accessing or otherwise making use of the Service from outside the United States, please be aware that your information may be transferred to, stored or processed in the United States, where our servers are located and our central database is operated. The data protection and other laws of the United States and other countries might not be as comprehensive as those in your country, but please be assured that we take steps to protect your privacy. By accessing or otherwise making use of the Service, you acknowledge and agree that we have the express right to transfer your information across jurisdictions and international borders to our facilities and to those third parties with whom we disclose it as described in this Privacy Policy.
Updates to the Privacy Policy
This Privacy Policy may be updated periodically and without prior notice to you to reflect changes in our information practices. Whenever we make a significant change to our Privacy Policy, we will refresh the date at the top of this page and take any other appropriate steps to notify you.
By continuing to use the Site or Service or by providing us with your information after we post any such changes, you agree to the Privacy Policy as modified. Your access to the Site or Service for the limited and exclusive purpose of reviewing this Privacy Policy does not constitute an agreement to this Privacy Policy unless you engage in any further access or use of Site or Service.
Contact us
If you wish to contact us, please send an email to: [email protected]