Effective Date: 20 March 2019
What Personal Information Do We Collect?
We collect personal information as necessary to provide any Services you request and otherwise operate our business.
We generally collect personal information directly from you. For example:
- In order to register for Services you will need to provide your name, username, email address, and (depending on the Services) your mailing address and your industry or corporate affiliation. If you are registering on behalf of a business (for example, your employer) you will also be required to provide the name of the business on whose behalf you are registering.
- We collect payment card information or other billing information as necessary and send it to our payments processor to process payments for Services on our behalf. We do not store payment card information or use it for any other purpose.
- We may, as part of the Services, offer you the opportunity to communicate with us or with other users, such as by participating in a community forum or sending questions, comments, or support requests to us. We may collect any additional information you provide in connection with these communications, such as your contact information and the contents of your communications.
- We may, as part of the Services, offer you the opportunity to link your account to third-party software-hosting services, like GitHub. If you do, we may collect your username for that service and information about your public repositories and commit history.
- We may collect personal information in other circumstances with your consent, or as permitted or required by law.
We may also collect certain information automatically when you access or use our Services. We collect this information using various means, such as cookies and other tracking technologies. The information we collect may include usage statistics, unique device identifiers, IP addresses, version numbers of relevant software, and information on which tools and services are being used in connection with Services. We use this information to recognize and authenticate you when you use Services, to monitor your use of Services, to enforce the terms of our contracts with you, to detect and prevent fraud, and for safety and security purposes.
How Do We Use Personal Information?
We use personal information:
- For our legitimate interests, namely:
- To provide our Services;
- To process payments and collect amounts owing to us;
- To respond to your requests and questions and provide customer support;
- To manage everyday business needs;
- To analyze or improve our Services and our tools, software and products;
- To detect and prevent fraud and for safety and security purposes;
- To protect D-Wave, its affiliates, our Services and users; and
- To monitor your use of our Services and your compliance with any contracts you have with us and to enforce the terms of any contracts you have with us;
- To perform a contract to which you are subject;
- To comply with our legal obligations, including to comply with all applicable laws and regulations;
- Where you have provided your consent, for example where you have agreed to us sending you promotional materials.
If we rely on your consent for us to use personal information in a particular way, but you later change your mind, you may withdraw your consent by contacting us and we will stop doing so. However, if you withdraw your consent, this may impact the ability for us to be able to provide Services to you.
Sharing of Information
We may share personal information with service providers (including our affiliates acting in this capacity) that perform services on our behalf, such as marketing, analytics, payment processing, website hosting, customer support, information technology and/or data hosting or processing services or similar services. We may do so where necessary for our legitimate interests in providing Services or for performance of a contract.
We, and our service providers and affiliates, may disclose personal information where required by law, including as required by the laws applicable to our service providers and affiliates located outside of your country of residence.
We may disclose personal information in other circumstances, with your consent. If you have given your consent for us to use your personal information in a particular way, but later change your mind, you should contact us and we will stop doing so.
If you are a user in the European Economic Area (EEA), we may transfer your personal information to Canada pursuant to an adequacy decision. We may transfer your personal information to Privacy Shield-certified processors in the United States. In any case where an adequacy decision or Privacy Shield-certified processor is not available, we will only transfer your personal information outside of the European Union in accordance with the European Commission’s Model Clauses.
We collect and retain personal information in an identifiable format for the amount of time necessary for the purposes for which it was collected, including providing any Services you request and otherwise meeting our legal and regulatory obligations, unless it is in our legitimate business interests and not prohibited by law to maintain the personal information for longer periods.
If you are a user in the European Economic Area (EEA), Switzerland or Canada, you may benefit from certain rights granted by applicable law but subject to limitations therein. These rights may include a right of access, rectification, restriction, opposition, erasure or portability, or the right not to be subjected to automated decision-making.
If you want to exercise any of the rights available to you or find out more, please contact us. We handle requests in line with the timeframes set by applicable laws. We may need to request additional information from you for the purpose of identifying you. Certain exemptions may apply to your request; if so, we will inform you when responding to your request.
Personal information is maintained on our servers or those of our service providers and is accessible to our authorized employees, representatives and agents. We maintain technical, physical, and administrative security measures designed to provide appropriate protection for your information against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, physical access controls to our data centers, and information access authorization controls.
We do not knowingly collect information from individuals under the age of 18 or other individuals who are not legally able to use Services. If we obtain actual knowledge that we have collected information from a minor who is under the age of 18, we will promptly delete it, unless we are legally obligated to retain such data. If you believe that we have mistakenly or unintentionally collected information from a child, please contact us.
Users in the European Economic Area (EEA), Switzerland and Canada have the right to lodge a complaint with the Supervisory Authority or Commissioner for data protection in their country, should they find that we did not appropriately address their question or concern.