Apollo Privacy Policy

Apollo Graph, Inc. (“Apollo”, “we”, “us”, “our””) is committed to protecting the privacy of individuals with whom it interacts. This Privacy Policy sets out how we collect and process personal information when you visit our websites (e.g. apollographql.com, graphql.com), when you use our Apollo GraphQL services (our “Services”), or when you otherwise do business or make contact with us.
Please read this policy carefully to understand how we handle and treat your personal information.

What information do we collect?

We may collect and process the following personal information from you for our legitimate interests or the legitimate interests of third parties, as described in this Privacy Policy:

What information do we collect?

We collect personal information when you voluntarily provide us with such information in the course of using our website or Services. For example, when you register to use our Services, we will collect your name, email address, password, organization information, and billing details. We also collect information you provide to us when you participate in any communications service on our websites (as explained in more detail in our Corporate Website Terms of Use), including your username, password and any content you provide. We also collect personal information from you when you subscribe to our newsletter, register for an event, or respond to a survey. If you make an inquiry through our website, or contact us in any other way, we will keep a copy of your communications with us.

Information you provide to us

We may process your personal information when you do business with us – for example, as a customer or prospective customer, or as a vendor, supplier, consultant, or other third party. For example, we may hold your business contact information and financial account information (if any) and other communications you have with us for the purposes of maintaining our business relations with you.

Personal information where we act as a data processor

In certain rare cases, we also process personal information on behalf of our customers in the context of supporting our products and services. Where a customer uses our Services to process data, they will be the ones who control what event data is collected and stored on our systems. In such cases, we are data processors acting in accordance with the instructions of our customers, who are the data controllers. You will need to refer to the privacy policies of our customers to find out more about how such information is handled by them. If you are unable to contact the relevant customer, please contact us at the addresses provided below.

Information we automatically collect

We may also collect certain technical information, which in some cases is personal information, by automatic means when you visit our website, such as IP address, browser type and operating system, referring URLs, your use of our website, and other clickstream data. We collect this information automatically through the use of various technologies, such as cookies and request headers.

What are the legitimate interests for which we use your information?

The personal information we collect from you may be used in one of the following ways:

  • To deal with your inquiries and requests

  • To facilitate your communication with other users of the communication service on our websites

  • To create and administer records about any online account that you register with us

  • To provide you with information and access to resources that you have requested from us

  • To provide you with technical support (your information helps us to better respond to your individual needs)

  • To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from you), including to improve the navigation and content of our sites

  • For website and system administration and security

  • For general business purposes, including to improve customer service (your information helps us to more effectively respond to your customer service requests and support needs), to help us improve the content and functionality of our Services, to better understand our users, to protect against wrongdoing, to enforce our Terms of Service, and to generally manage our business

  • To process transactions for the provision of the Services and to otherwise provide Services to our customers and end-users

  • For recruitment purposes, where you apply for a job with us

  • To administer a contest, promotion, survey, or other site features

  • To improve advertising campaigns, primarily in an effort to prevent targeting of impressions via third-party channels when they are not relevant

  • To send periodic emails. The email address you provide for order processing will only be used to send you information and updates pertaining to your order. Where it is in accordance with your marketing preferences, we will send occasional marketing emails about our products and services, which you can unsubscribe from at any time using the link provided in the message.

How do we protect your personal information?

We implement common industry-standard security measures to maintain the safety of your personal information when you enter, submit, or access your personal information. We offer the use of a secure server. All user data is transmitted via Secure Socket Layer (SSL) technology and then encrypted for storage only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (e.g., credit cards, social security numbers, financials) will not be stored on our servers.

Do we use cookies or other tracking mechanisms?

Yes. Cookies are small files that a site or its service provider transfers to your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

Some of our website’s pages may contain electronic images known as Web beacons, which are also called single-pixel gifs. These images allow us to count users who have visited those pages and to deliver co-branded services. We also may include Web beacons in promotional e-mail messages or newsletters in order to count how many messages have been opened and acted upon. Web beacons are not used to access your personal information but they are a technique we use to compile aggregated statistics.

We use cookies to understand and save your preferences for future visits, to advertise to you on other sites (including but not limited to services such as Google AdWords and Facebook), and to compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

You may refuse to accept cookies by activating the setting on your browser that allows you to refuse the setting of cookies. However, if you choose to disable cookies, you may be unable to access certain parts of our site. A banner asking you to accept our cookies policy will be displayed upon the first visit to our website (or the first visit after you delete your cookies). Unless you have adjusted your browser setting so that it will refuse cookies and/or you have not accepted our cookies policy, our system will issue cookies when you log on to our site.

You may also disable Web beacons by disabling HTML images in your email program, which may also affect other images in emails you receive.

We may use third party service providers to help us analyze certain online activities. For example, these service providers may help us analyze visitor activity on our websites. We may permit these service providers to use cookies and other technologies to perform these services for Apollo.

These services include (but are not limited to) Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyze how users use the Site and enhance your experience when you use the Service. For more information on how Google uses this data, go to www.google.com/policies/privacy/partners/. You may also download the Google Analytics opt-out browser add on, available here: https://tools.google.com/dlpage/gaoptout.

Some parts of our websites may include social media features, such as the Facebook “like” button, and widgets, such as the “share this” button. These social media features are either hosted by a third party or hosted directly on our Service. When you use these tools, the party that provides the tool, the third party that operates the social media services, and/or we may receive information about you. By using these tools or by communicating with us through social media services, you acknowledge that some information, including personal information, from your social media services will be transmitted to us, and that information is therefore is covered by this Privacy and Security Policy, and some information, including personal information, may be shared with the third party services, and that information is therefore governed by their privacy policies.

When we interact with you on social media services, the information you share with us which can be seen by anyone other than you, us and the relevant social media service is not covered by this Privacy Policy. Only information you share with us privately (i.e., through direct messages, private chat, etc.) is covered by this Privacy Policy.

Do we disclose any information to outside parties?

We will only share your personal information with third parties in certain circumstances:

  • Any personal information you may make available in the communications services on our websites or in communications with us in publicly viewable areas of social media platforms is public by design. Do not share any personal information in those services that you do not want to be made public.

  • We engage certain trusted third parties to perform functions and provide services to us, including cloud hosting services, off-site backups, email service providers, live chat vendors, data analysis vendors, and customer support providers. We will only share your personal information with third parties to the extent necessary to perform these functions, in accordance with the purposes set out in this Privacy Policy and applicable laws.

  • In the event of a corporate sale, merger, reorganization, dissolution, or similar event, your personal information may be sold, disposed of, transferred, or otherwise disclosed as part of that transaction.

  • We may also disclose information about you to third parties where we believe it necessary or appropriate under law, for example: (1) to protect or defend rights, legitimate interests, or property belonging to us or third parties (for example, to enforce our Terms of Service); (2) to respond to valid legal process or lawful requests from public or government authorities, including for national security and law enforcement purposes; or (4) to prevent or investigate possible wrongdoing in connection with the Services or to maintain the security of our Services.

  • We may use and share aggregated non-personal information with third parties for marketing, advertising, and analytics purposes.

Third Party Links

Occasionally, at our discretion, we may include or offer third party products or services on our website. If you access other websites using the links provided, the operators of these websites may collect information from you that will be used by them in accordance with their privacy policies. These third party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Do Not Track

We do not respond to the Do Not Track setting in your browser. While we do not use cookies to collect personally identifiable information or track users’ online activities over time or across different web sites, certain of the third party tracking providers we use (e.g., Google, Facebook) may be able to do so, though we do not have access to that information. For information regarding Do Not Track mechanisms, see http://allaboutdnt.com.

International Transfers

If you are visiting our website or using our Services from outside the United States (U.S.), please be aware that you are sending personal information to the U.S. where our servers are located. The U.S. may not have data protection laws that are as comprehensive or protective as those in your country of residence. However, our collection, storage, and processing of your personal information will at all times be in accordance with this Privacy Policy.

Privacy Laws

Under the applicable laws in certain jurisdictions, you may have certain rights concerning your personal information, such as under European Union, Canadian, or California law, the right to access to, rectification or erasure of, and/or restriction or objection to certain processing of your personal information, and the right to data portability.

You may choose to exercise these rights by sending a written request to the contact email address provided below. In some cases, these access rights may not apply, if the requests are unreasonably burdensome or expensive. We may request specific personal information in order to confirm your identity and protect our other customers, prior to addressing any requests under this section.

If you are a resident in the European Union, you also have the right to at no cost to lodge a complaint with European Union data protection authorities. This right may also exist in other countries. If you have questions please send us an email at the address below, or ask the relevant data protection authority in your country.

Lawful Basis for Processing

To the extent applicable laws in certain jurisdictions require us to state the lawful basis for our processing of your personal information:

  • That lawful basis for processing is generally the legitimate interest listed above under the heading “What are the legitimate interests for which we use your information?”

  • Specifically with respect to marketing communications, we typically rely on your express or implied consent, where consent is implied by your providing us with your contact information in a context in which it is reasonable for to assume implied consent to receiving marketing communications relevant to that context. For example, if you purchase or inquire about our Services, we may provide marketing communications to you related to the Services and similar or related offerings.

Your Choices

You may have the right to request restriction of or object to processing of your personal information, including the right to opt in or opt out of the sale of your personal information to third parties, if applicable, where such requests are permitted by law.

You can opt out of most communications from us by clicking the opt-out link in emails or by emailing us at support@apollographql.com. However, as long as you have an account with us, we will need to send you certain administrative communications, so you can’t opt out of receiving those communications.

Data Retention

We may retain your personal information as long as you continue to use the Services, have an account with us, or for as long as is necessary to fulfil the purposes outlined in this Privacy Policy. You can ask to close your account by contacting us at support@apollographql.com, and we will delete your personal information on request. When you request that we delete your account, your personal information will be permanently expunged from our primary production servers and further access to your account will not be possible. However, portions of your data, consisting of aggregate data derived in part from your personal information, may remain on our production servers indefinitely. Your personal information may also remain on a backup server or media until we overwrite it or deleted according to our standard practices. We keep these backups to ensure our continued ability to provide the Services in the event of malfunction or damage to our primary production servers.

We may, however, retain personal information for an additional period as is required under applicable law or regulations, for prudent tax and accounting purposes consistent with good business practice, or for legal reasons, including as necessary to resolve disputes and enforce our agreements.

Changes to our Privacy Policy

We reserve the right to modify this Privacy Policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Policy, you will be notified via email (if you have an account where we have your contact information) or otherwise in some manner through the Service that we deem reasonably likely to reach you (which may include posting a new privacy policy on our website—or a specific announcement on this page or on our blog). Any modifications to this Privacy Policy will be effective upon our posting of the new terms and/or upon implementation of the new changes on the Service (or as otherwise indicated at the time of posting) or on the Effective Date set forth in the modified Privacy Policy. In all cases, your continued use of the Service or Website after the posting of any modified Privacy Policy indicates your acceptance of the terms of the modified Privacy Policy.