Privacy Policy

CartoDB Privacy Policy

Welcome to CartoDB, owned and operated by CartoDB, Inc. (“CartoDB”), a New York corporation. This Privacy Policy explains the information collected and stored at CartoDB and associated applications, web services, and other mechanisms associated with CartoDB (collectively, the “Service”). The Privacy Policy also explains how we use the information collected on the Service.

How you accept this Policy

By visiting the CartoDB website (the “Site”) or using the Service, including by registering, or by otherwise providing us with personally identifiable information (such as an email address), you agree to the terms and conditions of this Privacy Policy.

Information we collect that is not personally identifiable:

We collect information that is not personally identifiable in connection with use of the Site or the Service, such as login and device-related information (examples are: browser type, your IP address, and the date and time of day of your use).

How we use information that is not personally identifiable.

We may use collected information to enhance the visitor experience of the Service, to operate and maintain the Service, to investigate and understand how our Service is used, to monitor and protect the security and integrity of the Service, and to analyze our business.

We analyze traffic to the site in various ways, including using a service called Google Analytics. Google Analytics is subject to the privacy policy of Google which you can find on Google’s website. By visiting the Site or using the Service, you are agreeing to the terms of the Google Privacy Policy that apply to Google Analytics. (We are not responsible for any changes made to the Google Privacy Policy or of advising you of such changes.) We use this information to generate statistics and to measure activity to improve the usefulness of the Site and the Service. We reserve the right to change analytical service providers at any time without notice.

Cookies:

We use cookies to make interactions with the Site easy and meaningful. When you visit the Site, our servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself by opening an account, or filling out a form, you remain anonymous to us.

What we collect that is personally identifiable:

We collect personal information (“PI”) from those that choose to purchase our paid plan (i.e. Name, address, email address, phone number, credit card information and organization information).

For customers that use the free version of CartoDB we collect the following information: Name, email, password and some social media information (e.g. Twitter handle) that you may choose provide to us.

We also may collect PI if you contact us or otherwise give it to us (e.g., in an email).

How we use and disclose PI:

We may use PI to enhance the visitor experience of the Service, to operate and maintain the Service, to investigate and understand how the Service is used, to monitor and protect the security and integrity of the Service, and to analyze our business.

The Company may also use information you provide to contact you to further discuss your interest in the Services and to send you information regarding CartoDB.

We may disclose PI as required by law or in response to service of legal process, such as a court order, summons, subpoena, or the like.

We may share PI with our corporate affiliates and with business partners who provide services related to the Service (such as website hosting or payment processing). These business partners do not have the right to use this PI for any purpose other than those related to the Service.

Information about our users, including PI, may be disclosed or transferred to entities now or in the future affiliated with CartoDB or as part of any merger, acquisition, change of control, debt financing, insolvency, bankruptcy or sale of our assets. Such information may be used in the businesses of any entity so receiving it.

Except as provided above, we will not sell or transfer your PI to third parties.

Do Not Track:

Currently, various browsers offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Web sites' visited by the user about the user's browser DNT preference setting. We do not currently commit to responding to browsers' DNT signals with respect to the Site, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. However, we will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

How you can access or change the PI that we have collected:

Once you have registered with us, you can access your profile, review the information that is stored, and revise that information. We may not immediately delete residual copies of outdated information from our active servers and may not remove information from our backup systems.

Customer data:

Customer data is all the information including PI, text, images, location data or any other files that the customers provide, or are provided on your behalf, to the Company through your use of the Service. We inform you that you will be the only responsible of the provision of PI. In regard to the compliance of the Privacy rules, you shall notify the provision of PI to the Company through the address provided below.

The Company will not collect this PI. We will only process the PI for the provision of the Service and it will not be processed for any other purposes.

Children:

We do not target, market to, or knowingly collect PI from children under the age of thirteen years.

Date Retention:

We retain you PI for 2 years after which it is destroyed.

Data Security:

We use industry standard physical, managerial, and technical safeguards to preserve the integrity and security of your PI. We cannot, however, ensure the security of any information you transmit to the Service, and you do so at your own risk. Depending on where you live, you may have a legal right to receive notice of a security breach in writing or by emailing us at [email protected].

Your California Privacy Rights:

Residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of PI the business shares with third parties for those third parties’ direct marketing purposes and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year. To exercise your rights, you may make one request each year by emailing us at [email protected]. Your request should specify your full name and the email address you used when submitting PI to us.

International Visitors:

This Service is hosted in the United States. If you are an international visitor, you should note that by providing your PI, you are: (i) permitting the transfer of your PI to the United States which may not have the same data protection laws as the country in which you reside; and (ii) permitting the use of your PI in accordance with this Privacy Policy.

Changes to this policy:

If we make any changes to this policy, we will post such changes here. You are encouraged to check this page on a regular basis to determine if there have been any changes.

Contact:

Please contact use with any questions you may have at [email protected] or at: CartoDB, 201 Moore Street, Brooklyn, NY 11206, USA.

Contact Us

Have a question about using CartoDB? Contact us by email.