Privacy Policy

This Privacy Policy ("Policy") describes how Datanto, Inc., a Delaware corporation with its principal place of business at 2261 Market Street STE 76320, San Francisco, CA 94114, United States ("Company," "we," "us," or "our"), collects, uses, discloses, and safeguards personal data in connection with our website located at https://datanto.com ("Website") and our waitlist service at https://auth.datanto.com/waitlist. This Policy applies to all visitors and users from the United States, the European Union, and any other jurisdiction in which we operate, to the extent applicable under local law.

1. Data Controller and Contact Information

For purposes of the EU General Data Protection Regulation (Regulation (EU) 2016/679) ("GDPR"), Datanto, Inc., a Delaware corporation, is the Data Controller for the personal data collected via our Website. You may contact us regarding this Policy at:

Email: privacy@datanto.com
Address: 2261 Market Street STE 76320, San Francisco, CA 94114, United States

2. Information We Collect

We collect only the minimum personal data necessary to operate our services:

• Email Address – voluntarily submitted when you join our waitlist to request future access to our platform or receive updates.
• Automatically Collected Information – limited technical information such as IP address, browser type, and basic usage data, collected through essential cookies and server logs, strictly necessary for the functioning and security of the Website.

3. Legal Bases for Processing

For individuals in the European Economic Area (EEA), United Kingdom, and Switzerland, we rely on the following lawful bases under the GDPR:

• Consent – when you voluntarily provide your email address via our waitlist form.
• Legitimate Interests – to maintain and improve the Website's performance and security, provided such interests are not overridden by your fundamental rights and freedoms.

For individuals in the United States, we process personal data in accordance with applicable state and federal laws, including, where applicable, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

4. How We Use Your Information

We use your personal data exclusively for the following purposes:

• Managing and administering our waitlist.
• Communicating with you regarding early access, updates, and service-related announcements.
• Ensuring the security and proper functioning of the Website.
• Complying with legal obligations.

5. Data Sharing and Disclosure

We use third-party service providers to manage parts of our infrastructure, including user identity and waitlist registration. Specifically, our waitlist functionality is provided through a third-party identity platform operated by Clerk, Inc. ("Clerk"), which acts as a data processor on our behalf.

When you submit your email address to join our waitlist at https://auth.datanto.com/waitlist, your information is collected and processed using Clerk's infrastructure. Clerk does not access or use your personal data for its own purposes but acts solely under our instructions, in accordance with a Data Processing Agreement (DPA) and applicable law.

Clerk, Inc. is headquartered in the United States and processes personal data pursuant to standard contractual clauses or other appropriate safeguards under the GDPR. For more details about Clerk's practices, please consult their Privacy Policy.

We do not sell personal data. We may share your information only in the following limited circumstances:

• Service Providers – with trusted vendors who assist in hosting, email delivery, and website maintenance, bound by confidentiality and data protection obligations.
• Legal Compliance – where required by law, regulation, or court order, or to protect our legal rights.
• Business Transfers – in the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity, subject to this Policy.

6. International Data Transfers

Where we transfer personal data outside of the EEA, UK, or Switzerland, we ensure such transfers are protected by appropriate safeguards, including the use of Standard Contractual Clauses approved by the European Commission.

7. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes described in this Policy, or as required by law. You may request deletion of your data at any time by contacting us at privacy@datanto.com.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Request correction or rectification of inaccurate data.
• Request deletion of your data ("Right to be Forgotten").
• Restrict or object to certain processing activities.
• Withdraw consent where processing is based on consent.
• (EEA/UK) Data portability rights under applicable law.
• (California) Opt-out of the sale or sharing of personal data (note: we do not sell data).

9. Cookies and Similar Technologies

Our Website uses only strictly necessary cookies for core functionality and security. Any use of additional cookies or tracking technologies will be disclosed in our separate Cookie Policy.

10. Security

We implement commercially reasonable technical and organizational measures to protect personal data from unauthorized access, disclosure, alteration, or destruction. However, no method of transmission or storage is entirely secure.

11. Changes to This Policy

We may update this Policy from time to time to reflect changes in our practices or legal obligations. The updated version will be posted on this page with a revised "Last update" date.

12. Contact

If you have any questions, concerns, or requests regarding this Policy, please contact us at: privacy@datanto.com.