Chef Privacy Policy

March 31st, 2017

This privacy policy (“Policy”) explains how Personal Information is collected, used, and disclosed by Chef Software Inc. (“Chef, “we” or “us”) with respect to use by website users, training and event registrants/participants, newsletter/information recipients, promotion participants, online community participants, those making product or purchase inquiries and others (collectively referred to as “You” or “Customers” or “Users”) of any Web sites operated by Chef that link to this Policy, including without limitation Chef.io, inspec.io and habitat.sh (collectively the “Sites”) and any services or products provided to you by Chef (the “Services”). It also describes your choices regarding use, access and correction of your personal information.

We reserve the right to change the provisions of this Policy at any time. We will alert you that changes have been made by indicating on the Policy the date it was last updated. We encourage you to review this Policy from time to time to make sure that you understand how any Personal Information you provide will be used.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Sites or Services. By accessing or using the Sites or Services, you agree to this privacy policy. Your continued use of the Sites or Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.

IMPORTANT NOTE FOR EUROPEAN USERS AND CUSTOMERS

Please note that information covered by this Privacy Policy will be hosted and stored in the United States of America, which does not have similar data protection laws as the European Union and that, due to differing laws and legal practice, law enforcement agencies in the United States may have access to your Personal Information.

EU-U.S. Privacy Shield

Chef (and its subsidiary companies Chef Software GmbH and Chef Software UK Ltd.) participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.  Chef is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles.  To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.

Chef is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to third parties acting as an agent on its behalf.  Chef complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Chef is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Chef may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.  

Under certain conditions, more fully described on the Privacy Shield website, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.  

U.S. – Swiss Safe Harbor Framework

Chef complies with the U.S. – Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from Switzerland. Chef has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Chef’s certification, please visit http://www.export.gov/safeharbor.

WHAT IS PERSONAL INFORMATION?

As used herein, the term “Personal Information” means information that specifically identifies an individual (such as a name, address, telephone number, mobile number, e-mail address, or credit card or other account number); information about that individual’s location or activities, such as information about his or her use of the Sites and Services, when directly linked to personally identifiable information; and demographic information such as date of birth, gender, geographic area and preferences when such information is linked to other Personal Information that identifies you. Personal information does not include “aggregate” information, which is data we collect about the use of the Sites or about a group or category of products, services or users, from which individual identities or other Personal Information has been removed. In other words, information about how you use a Service may be collected and combined with information about how others use the same Service. Aggregate data helps us understand trends and our users’ needs so that we can better consider new features or otherwise tailor our Sites. This policy in no way restricts or limits our collection and use of aggregate information.

WHAT PERSONAL INFORMATION DO WE COLLECT?

Active Collection: We may collect certain information you voluntarily provide to us which may contain Personal Information. For example, we may collect your name, user name, address, email address, telephone number, other contact and demographic information when you register and set up an account, fill out a form, submit a comment or contact us by e-mail or other means. We may also collect billing information, such as your credit card number, when you purchase Services or other items through the Sites. Personal and demographic information may also be collected if you provide such information in connection with creating a profile, leaving comments, posting content, sending an email or message to another user or otherwise participating in any interactive forums or community features on the Sites.

Automatic Collection: When you use the Sites, some information is also automatically collected, such as your Internet Protocol (IP) address, your operating system, the browser type, the address of a referring web site, and your activity on the Site. We treat this information as Personal Information if we combine it with or link it to any of the identifying information mentioned above. Otherwise, it is used in the aggregate only. When you use our Software, we will (if available) be able to see the relevant software licence key. If the Software is licensed by us, we will be able to link that information with a specific license for the Software you are using. As for when you use our Sites, when you use our Software, we will automatically collect your IP address and operating system information. We also collect information on features used (such as API) and information on how frequently our Software is used.

The Software will generate a unique ID code for each user but we will not be able to link this unique ID code to an individual

Cookies:  We may automatically collect certain information through the use of “cookies” and similar tracking technologies. Please see our Cookie Policy at https://www.chef.io/cookie-policy/

We also partner with third party partners to display advertising on our website. Our third party partner may use cookies or similar technologies in order to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising click here or if located in the European Union click here. Please note you will continue to receive generic ads.

Information You Provide to Us: You also may provide information in your profile, recipe pages, blogs, bulletin boards, forums and other community areas of the Sites (the “Community Areas”), to be transmitted to other users of the Sites or third parties, as well as any information you share with individuals through the Sites (collectively, “User Contributions”). Your User Contributions are posted on and transmitted to others at your own risk. We cannot control the actions of other users of the Sites with whom you may choose to share your User Contributions. Therefore, we cannot and do not guarantee that your User Contributions will not be viewed by unauthorized persons. You understand that when you use the Community Areas, your User Contributions will be available to other users and in some cases may be publicly available. We recommend you be cautious about giving out Personal Information to others or sharing Personal Information in Community Areas, whether designated as public or private. We are not responsible for the Personal Information you choose to share in these Community Areas or for the actions of any third parties with whom you share Personal Information.

HOW DO WE USE THE PERSONAL INFORMATION WE COLLECT?

In general, we use Personal Information to process your requests or transactions; to provide you with information, products or Services you request; to inform you about other information, events, promotions, products or services we think will be of interest to you; to facilitate your use of, and our administration and operation of, the Site; and for the purpose for which the information was provided. For example, we may use the information we collect:

  • To send you a welcoming email and to contact you about your use of the Site;
  • To provide the services, products or information you request and to complete any transactions and process any payments in connection therewith;
  • To respond to your emails, submissions, comments, requests or complaints;
  • To request feedback and to enable us to develop, customize and improve the Sites and our products and services;
  • To analyze data and trends and to personalize and improve site content and features and your experience on the site, such as providing content or features to match your profile and interests;
  • To contact you about our or our third party’s services, products, activities, special events or offers, and for other internal marketing, informational, product development and promotional purposes
  • To present our Sites and its contents to you
  • To provide you with information, products or services that you request from us
  • To fulfill any other purpose for which you provide it
  • To provide you with notices about your account or subscription, including expiration and renewal notices
  • To carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection
  • notify you about changes to our Sites or any products or services we offer or provide though it
  • To allow you to participate in interactive features on our Sites.
  • In any other way we may describe when you provide the information

Personal Information provided online may be linked together or merged with other Personal Information so that we may better understand your needs and inform you about our products or services and those of our partners. In addition, if we receive information from third parties with whom we have business relationships, we may combine this information with the other Personal Information we maintain about you.

Chef may store and process Personal Information in the United States and other countries.

WHAT PERSONAL INFORMATION DO WE SHARE WITH OTHER PARTIES?

We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.

We will not share the Personal Information we collect from you through the Sites with third parties except as described in this Policy, as it may be revised from time to time. We may share Personal Information with vendors, consultants and other service providers (“Service Providers”) who are engaged by or working with us in connection with the operation of the Sites or the services we provide and who need access to such information to carry out their work for us. For example, Chef may use a third party to manage credit card processing. In some cases, the Service Provider may be directly collecting the information from you on our behalf. These companies are authorized to use your personal information only as necessary to provide these services to us.  

We may also share Personal Information with other third parties when you give us your consent to do so. We are not responsible for the actions of  third parties, nor are we responsible for any additional information you provide directly to any third parties, and we encourage you to become familiar with their practices before disclosing information directly to them. Nothing herein restricts the sharing of aggregate information, which may be shared with third parties without your consent.

We may disclose Personal Information in the good faith belief that we are lawfully authorized or required to do so, or that doing so is reasonably necessary or appropriate to comply with the law or with legal process or authorities, respond to any claims, or to protect the rights, property or safety of Chef, our users, our employees or the public, including without limitation to protect Chef or our users from fraudulent, abusive, inappropriate or unlawful use of our Sites. If you send us a notification of claimed infringement under the Digital Millennium Copyright Act, any Personal Information in your notification may be shared with the person or entity who you claim is infringing your copyrighted material. Information about our users, including Personal Information, may also be disclosed or transferred as part of, or during negotiations of, any merger, sale of company assets, financing or acquisition or in any other situation where Personal Information may be transferred as one of the business assets of Chef.

For Example, we may disclose Personal Information that we collect or you provide as described in this privacy policy:

  • To our subsidiaries and affiliates
  • To contractors, service providers and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Information confidential and use it only for the purposes for which we disclose it to them
  • To third parties we have engaged as partners to facilitate the sale of our Services
  • To a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Chef’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Information held by Chef about our Sites users is among the assets transferred
  • To fulfill the purpose for which you provide it
  • For any other purpose disclosed by us when you provide the information
  • With your consent

We may also disclose your Personal Information:

  • To comply with any court order, law or legal process, including to respond to any government or regulatory request.
  • To enforce or apply our terms of use, terms of sale, trademark policy and other agreements, including for billing and collection purposes.
  • If we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Chef, our customers or others.

WHAT STEPS DO WE TAKE TO PROTECT YOUR INFORMATION ONLINE?

Chef has implemented measures designed to secure Your Personal Information from accidental loss, and from unauthorized access, use, alteration, and disclosure. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us at privacy@chef.io   We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.

The safety and security of Your information also depends on You. Where Chef has given You (or where You have chosen) a password for access to certain parts of the Sites, You are responsible for keeping this password confidential. We ask you not to share your password with anyone, and we urge you to be careful about giving out information in public areas of the Sites like message boards. The information You share in public areas may be viewed by any user of the Sites.

WHAT CHOICES DO YOU HAVE REGARDING THE USE OF YOUR INFORMATION?

You may opt out of receiving promotional emails from Chef by following any instructions in those emails. You may also send requests about your contact preferences and changes to your information by emailing support@chef.io. However, if you opt out, this will not affect our ability to send you service and account related emails, or other non-promotional emails, or to use your Personal Information as otherwise described in this Policy.

LINKS TO OTHER WEB SITES

Our web site may contain links to other web sites. Any Personal Information you provide on the linked pages is provided directly to that third party and is subject to that third party’s privacy policy. We are not responsible for the content or privacy and security practices and policies of web sites to which we link. Links from our web site to third parties or to other sites are provided for your convenience. We encourage you to learn about their privacy and security practices and policies before providing them with Personal Information.

HOW CAN YOU CORRECT AND UPDATE YOUR PERSONAL INFORMATION OR OBTAIN ADDITIONAL INFORMATION

If you wish to verify, correct, update or delete any Personal Information we have collected, you may do so by emailing privacy@chef.io. Requests to access, change, or delete your information will be handled within 30 days. Questions regarding this Policy or the information practices of the Company’s Web sites should be directed to Chef Privacy by clicking here or by mailing Chef, Attn: Legal Department, 619 Western Avenue, Suite 400, Seattle, WA 98104.

CHILDREN UNDER THE AGE OF 13

Our Sites are not intended for children under 13 years of age. No one under age 13 may provide any information to or on the Sites. We do not knowingly collect Personal Information from children under 13. If you are under 13, do not use or provide any information on the Sites or on or through any of its features, make any purchases through the Sites, use any of the interactive or public comment features of this Sites or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you may use. If we learn we have collected or received Personal Information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at legal@chef.io.

YOUR CALIFORNIA PRIVACY RIGHTS

California Civil Code Section § 1798.83 permits users of our Sites that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to marketing@chef.io or write us at: Chef Inc., 619 Western Avenue, Suite 400, Seattle, WA 98104.

CHANGES TO OUR PRIVACY POLICY

It is our policy to post any changes we make to our privacy policy on this page. If we make material changes to how we treat our users’ Personal Information, we will notify you by e-mail to the primary e-mail address specified in your account and/or through a notice on the Site’s home page. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable e-mail address for you, and for periodically visiting our Sites and this privacy policy to check for any changes.

CONTACT INFORMATION

To ask questions or comment about this privacy policy and our privacy practices, contact us at: legal@chef.io.

Chef Software Inc. 619 Western Avenue, Suite 400 Seattle, WA 98104.