This Privacy Statement was updated on November 19, 2019.
Rails Machine, LLC., a Georgia corporation ("RM"), operates this web site. RM regards the privacy and security of user information as a critical component of the service that we offer to our users. The following information explains our information gathering and dissemination practices.
When you access certain areas of our web site, we may ask you to give us information about yourself ("Registration Data").
We use Registration Data to tailor our site and service to your particular needs. We also use Registration Data to send you information about our company, products and services and to keep you informed of enhancements and complementary products in which you might be interested. We use demographic and profile information to tailor your experience at our site, showing you the content that we think you might be interested in as well as displaying the content according to your preferences. You may choose to stop receiving future communications from us. Please see the Opt-Out and Discontinue Section below.
IP addresses are used by your computer every time you are connected to the Internet. Your IP address is a number that is used by computers on the network to identify your computer. IP addresses are automatically collected by our web server as part of demographic and profile data known as "traffic data" so that data (such as the Web pages you request) can be sent to you. RM will not use your IP address to attempt to identify your personal information.
A Referer is the information passed along by a web browser that references the Web URL you linked from, and is automatically collected by our web server as "traffic data". This information is used by RM to identify broad demographic trends that may be used to provide information tailored to your interests. You will not be personally identified from this information.
System information we collect as part of "traffic data" includes time, the type of web browser being used, the operating system/platform, and CPU speed. This information is sent automatically by your web browser when you are connected to a web site. This information is used by RM in identifying broad demographic trends and may be used to provide information appropriate for your computer system. You will not be personally identified from this information.
RM feels strongly that your personal data should only be seen by you, unless you choose to share it with others. We will never sell, rent, license or exchange personally identifiable data with a third party without your permission. No personally identifiable data or information will be shared with advertisers or partners without your permission. Some of your information may be shared on an aggregate basis only, as a part of a larger set of statistics (for example, statistics that indicate the percentage of our members that are female), but that information will not be sufficient to permit the recipient to identify you. Notwithstanding the forgoing, RM will only disclose personally identifiable data without your permission in the following limited circumstances: (i) if RM is required to do so by law, or (ii) if RM has the good faith belief that such action is necessary to conform to applicable laws or comply with legal process served on RM, or to protect and defend the rights or property of RM or another subscriber or to enforce the Terms of Service.
This web site contains links to other web sites. RM advertisers may also have links on this web site. The privacy practices of those advertisers or web sites linked to RM are not covered by this privacy statement and RM is not responsible for the privacy practices or the content of such web sites. Additionally, if you make a purchase from a store or merchant listed on or linked to the RM web site, any information that you give, such as your credit card number and contact information, is provided to those merchants. These merchants have separate privacy and data collection practices and RM has no responsibility or liability for these independent policies. You should be careful to review any privacy policies posted on any linked sites before signing up with and using them.
We do not collect any registration information form users who indicate they are under the age of thirteen (13). If a user under the age of thirteen (13) attempts to register with RM, RM notifies the user that he or she is not eligible to become a member of RM's service and we do not collect or use any personal information from that child. Except in those limited instances described above, RM will not share personally identifiable information about our users with third parties without your permission, and we do not sell, license or rent personal information about any of our members, regardless of age.
Information collected by RM is stored in secure operating environments that are not available to the public. All of our employees are dedicated to maintaining and upholding your privacy and security and are aware of our privacy and security policies. Unfortunately, no data transmission over the Internet can be guaranteed 100% secure. As a result, while we strive to protect your personal information, RM cannot ensure or warrant the security of any information you transmit to us from our online products or services, and you do so at your own risk. Once we receive your transmission, we make our best efforts to ensure its security on our systems.
At any time, our customers may request access to the personal information stored at RM by sending an email to firstname.lastname@example.org. Our team can provide that information and assist you with updating or removing any information at the customer or authorized representative's request.
You may elect to avoid future communications from RM by sending us an email at email@example.com indicating your Username and E-mail address and requesting to opt-out and discontinue future communications. Under urgent circumstances, RM may be required to send you information about the service or your account, but RM will not send you unsolicited communications regarding any commercial offers or advertisements if you have opted out or discontinued the service.
The Global Data Protection Regulation applies to all entities and individuals based in the EU and to any individuals that process the personal data of individuals residing inside the EU. These laws control how businesses collect, process, store, and destroy all manner of personal and personally identifiable data to ensure it is handled lawfully, and with privacy and best interest of the individual in mind.
Rails Machine's Data Center is located in the United States but provides service for customers all over the world. For this reason, we have taken reasonable steps to ensure GDPR compliance where possible. Ultimately we cannot control how a customer uses an individual instace, but provide assistance wherever possible to those customers in meeting and maintaining GDPR compliance.
RM acts as both data processor and data controller under the GDPR.
As Data Processor, RM Customers in and out of the EU may use our services to process EU personal data. In those instances it is up to the customer to comply with specific GDPR legal obligations, and the RM Team is available to assist with any part of that process. RM will only process information housed on customer instances at the direct request and under the supervision of the customer, and exclusively pursuant to our role in supporting that customer.
As Data Controller, RM will store only such information provided by customers as is necessary to provide their security and support along with technical and administrative contact information. This information would include such items as Customer Names, authorized contacts, phone numbers, email addresses, and IP addresses. This data is stored securely, only used in the scope of providing services and security, and may be updated or removed at any time on request.
By agreeing to our Terms of Service and Master Service Agreements, you have automatically accepted our DPA. A copy of our DPA is available here for your reference.
Rails Machine, LLC. complies with the EU‑U.S. Privacy Shield Framework set forth by the United States Department of Commerce with respect to the collection, use and retention of Personal Data transferred from the European Union and the United Kingdom to the United States as further described in the Scope section below. This Privacy Shield Policy outlines our commitment to the Privacy Shield Principles (the “ Principles”) and our practices for implementing the Principles. If there is any conflict between the terms in this Privacy Shield Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Framework, please visit the Department of Commerce’s dedicated Privacy Shield website, located here.
Rails Machine provides hosting and managed services for customers around the world, however we only collect such data as is willfully provided by the customer for the performance of our support duties. The data hosted on machines provided by Rails Machine, LLC. to our customers, are the sole property of the customer, and Rails Machine personnel will only interact with that data at the request of and under the direct supervision of that customer. Data intentionally collected by RM is limited to Customer/Client data for billing and technical support contacts and are used soley for that purpose. No data is shared with any other entities unless at the request of the customer specifically, or unless required to do so by law or legal process. This may include requests to meet national security or law enforcement requirements. Onward transfers to other third parties will only be completed under the written request and under the supervision of the requesting customer. As Rails Machine does not inspect this data, we can not be held liable for onward transfers to third parties requested by our customers of their data. It is the responsibility of the customer to make the necessary precautions and notifications for their organization's Privacy Shield and GDPR compliance.
In the context of an onward transfer Rails Machine, LLC has responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its customer's behalf. Rails Machine, LLC. shall remain liable under the Principles if it processes such personal information in a manner inconsistent with the Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
Individuals in the European Union generally have the right to access their Personal Data. As an agent processing Personal Data on behalf of its Customers, Rails Machine does not own or control the Personal Data that it processes on behalf of its Customers or their Users and does not have a direct relationship with the Users whose Personal Data may be processed in connection with providing the Service. Since each Customer is in control of what information, including any Personal Data, it collects from its Users, how that information is used and disclosed, and how that information can be changed, Users of our hosting and support service should contact the applicable Customer administrator with any inquiries about how to access or correct Personal Data contained in Customer Data. To the extent a User makes an access or correction request to Rails Machine, we will refer the request to the appropriate Rails Machine Customer and will support such Customer as needed in responding to any request. To access or correct any General Information Customer has provided, the Customer should contact the Rails Machine representative directly or by using the contact information indicated below.
If Rails Machine, LLC. maintains your personal data in of it's services or customer's services within the scope of our Privacy Shield Certification, you may direct inquiries or complaints concerning that compliance to support @ railsmachine.com. Rails Machine, LLC personnel shall respond within 45 days. If your complaint cannot be resolved through our internal processes, Rails Machine will cooperate with JAMS pursuant to the JAMS Mediation Rules available here. The mediator, Customer, or User, may also refer the matter to the U.S. Federal Trade Commission, which has Privacy Shield investigatory and enforcement powers over Rails Machine, LLC. Under certain circumstances, Customers and Users may be able to invoke binding arbitration to address complaints about Rails Machine’s compliance.
Rails Machine, LLC
Submit a Support Request : support.railsmachine.com