FederateWave, Inc. ("we," "us," "our," or "Company") is the data controller responsible for your personal information. Our registered office is located at 123 Market St, San Francisco, CA 94105, USA. Our Data Protection Officer can be reached at [email protected]. For GDPR-related matters, our EU representative is located in Dublin, Ireland.
We collect information you provide directly (name, email, phone, organization, job title) during account registration and contact form submissions. We also collect technical data (IP address, browser type, device ID, operating system) through automated means including cookies, pixels, and server logs. When you use the FederateWave platform, we collect anonymized RF telemetry and network configuration hashes per your privacy settings. Additionally, we collect payment information (credit card number, billing address) through Stripe, which we do not store directly.
We process your personal data based on the following legal grounds: (a) Contract performance — to provide you with FederateWave services and fulfill your platform requests; (b) Legitimate interests — to improve our services, ensure security, and conduct analytics; (c) Consent — for marketing communications and non-essential cookies; (d) Legal obligation — to comply with laws such as GDPR, CCPA, and tax regulations; (e) Vital interests — to protect the safety and security of our users and platform.
We use your data to: (1) Provide and operate the FederateWave platform and services; (2) Process payments and billing; (3) Communicate with you about account status, platform updates, and service announcements; (4) Send you marketing emails, webinars, and product updates (with your consent); (5) Conduct technical support and customer service; (6) Perform analytics to understand usage patterns and improve the platform; (7) Detect and prevent fraud, abuse, and security threats; (8) Comply with legal obligations and regulatory requirements; (9) Enforce our Terms of Service.
We do not sell your personal data to third parties. We share data with: (a) Service providers (cloud hosting, payment processing, analytics) under strict data processing agreements; (b) Law enforcement if required by court order or legal process; (c) Other tenants on the FederateWave platform, but only anonymized RF telemetry and hashed identifiers per your consent; (d) Potential buyers in the event of a merger or acquisition (with notice); (e) Business partners for co-marketing initiatives (with your opt-in consent).
We retain your personal data for as long as necessary to provide services and fulfill the purposes outlined in this policy. Account data is retained for the duration of your subscription plus 30 days after cancellation. RF telemetry data is retained for 90 days for analytics, then anonymized. Transaction records are retained for 7 years to comply with tax and accounting regulations. Marketing data is retained until you unsubscribe. You may request deletion at any time subject to legal retention requirements.
FederateWave operates globally with servers in the United States, Europe, and Asia-Pacific. If you are located outside the United States, your data will be transferred to and processed in the US and other countries. For EU/UK residents, we rely on Standard Contractual Clauses (SCCs) and other adequacy mechanisms to ensure your data receives equivalent protection. We comply with GDPR requirements for adequacy and have implemented supplementary measures to address any data transfer risks.
You have the right to: (a) Access your personal data and request a copy in a portable format; (b) Correct inaccurate or incomplete data; (c) Delete your data (right to be forgotten) subject to legal obligations; (d) Restrict processing of your data in certain circumstances; (e) Object to processing based on legitimate interests; (f) Withdraw consent at any time; (g) Lodge a complaint with your national data protection authority. You can exercise these rights by contacting us at [email protected]. We will respond within 30 days.
We implement comprehensive security measures to protect your data: (1) AES-256 encryption for data at rest; (2) TLS 1.3+ encryption for data in transit; (3) Role-based access control (RBAC) limiting employee access; (4) Multi-factor authentication (MFA) for all platform accounts; (5) Regular security audits and penetration testing; (6) Compliance with SOC 2 Type II and ISO 27001 standards; (7) Incident response plans and 24/7 security monitoring. However, no system is completely secure. We cannot guarantee absolute security of your data.
Our website and platform may contain links to third-party services (analytics providers, payment processors, social media platforms). We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies independently. The presence of a link does not imply our endorsement or responsibility for their content or practices.
FederateWave services are not intended for children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete such information and terminate the child's account. Parents or guardians who believe their child has provided personal information to FederateWave should contact us immediately at [email protected].
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by email or by posting the updated policy on our website. Your continued use of FederateWave after such changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically to stay informed about how we protect your data.