Global Privacy Policy

I. Introduction

This Global Privacy Policy (“Privacy Policy”) sets forth the principles and practices by which MinIO, Inc. and its affiliates (“MinIO”, “We”, “Our”, or “Us”) processes, collects, uses, discloses, and protects personal data in connection with your (“Your” or “You”) use of MinIO products, services, websites, events, and business promotions.

This Privacy Policy does not apply to situations where we act on behalf of our customers, generally in the role as “data processor” or “service provider”, as defined by applicable data protection laws, in relation to the data our customers submit, manage, use, or process through or as part of our services.

‍

II. What Personal Data Does MinIO Collect?

When We use the term “personal data” in this Privacy Policy, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual. The term does not include aggregate or de-identified data that is maintained in a form that is not reasonably capable of being associated with or linked to an individual and does not apply to other information that is excluded from privacy protections under applicable data protection law. 
We collect Your personal data in four ways: (i) Personal Data Provided Directly by You, (ii) Personal Data Automatically Collected, and (iii) Personal Data from Third Parties. More detail is provided below. 

MinIO may collect the following categories of personal data:

1. Personal Data Provided Directly by You:
   • We collect personal data that You provide when you contact or interact with Us, such as your name, mailing address, email address, telephone number, account login credentials, information submitted via web forms or event registrations, and other information you provide to us in connection with your participation in free trials and evaluations of Our products and services, webinars, community and help forums, surveys, research and promotions. 
   • We may collect other information you choose to provide when submitting a request, such as Your employer name, questions, comments, feedback, or requests. 
   • When You make a purchase on our websites or with Our staff, including the purchase of MinIO products and services, We collect information about the purchase, such as contact information, billing and payment information, items You have purchased, and professional information. 
   • We collect data and information You voluntarily provide to Us in Your use of our support services portal (“SUBNET”) such as Your name, username, email, cluster information and other personal data You provide to Us via SUBNET to complete the request or solve the issue.
2. Personal Data Collected Automatically:
   • We use cookies and similar technologies to operate, analyze, and help improve Our website. For example, We use cookies to remember your language preferences and login information, as well as to analyze our website traffic patterns. To learn more about our use of cookies, please see our Cookies Policy. We will obtain your consent to Our use of cookies where required by applicable law. 
   • We collect certain device and network connection information when You access and interact with Our website. This information includes: IP addresses, approximate geolocation, date and time of requests (including time zone), URL requests and related metadata, browser and operating system details, referring URL and interaction history, other identification numbers associated with Your device, and other data necessary to provide the website to You.  
   • When you download or use Our products or interact with our support services, including through SUBNET, we collect certain usage and technical information, such as Usage Data (as defined in Your applicable agreement with MinIO), cluster and node configuration, status and performance information, usage metrics, software related logs, operating information, support ticket attachments, account information, and other information You may voluntarily provide via SUBNET.
3. Personal Data from Third Parties:
   • We obtain personal data from our service providers and business partners, which We may combine with personal data We collect automatically or directly from You. Such third parties may include Your employer or organization, Our service providers, analytics providers, advertising networks, or integrated third-party tools, social media platforms (if You choose to link or engage with MinIO profiles), and Our customers or business partners who provide information in connection with the use of Our services. 

III. How We Use Personal Data

MinIO uses personal data for the following purposes:

1. Product and Service Provision:
   • To operate, provide, and improve the products, services, and website 
   • To contact You regarding informative communications regarding the products and contracted services when necessary or reasonable for their implementation, including security updates
   • To process and complete transactions and send related information including invoices 
   • To respond to Your inquires, manage Your account, deliver products and services to You, and provide customer service and support 
   • To send You transactional messages, such as responses to Your comments, questions, and requests; and send You technical notices, updates, security alerts, and support and administrative messages 
2. Product and Service Improvement:
   • To analyze usage patterns, debug issues, and optimize content and functionality within Our services and website 
3. Security:
   • To detect, investigate, and prevent unauthorized use, fraud, abuse, or suspicious or illegal activity, and to ensure the stability and security of MinIO’s services, products, and website 
4. Legal Compliance:
   • To comply with applicable laws, regulations, and legal obligations including court orders, and to protect MinIO’s legal rights and the security of Our products, services and website 
5. Marketing and Communications:
   • To send updates, promotional offers and communications, or newsletters, including providing You with information about us and Our partners and customers, unless You have opted not to receive such information 
   • To monitor and analyze trends, usage, and activities in connection with our website and services, and Your use of our content, including for marketing or advertising purposes 
   • From time to time, We may post testimonials on Our website that may contain personal data. We will obtain your consent to post Your name along with your testimonial. If You wish to update or delete your testimonial, You can contact us at compliance@minio.io 
   • You may manage Your preferences or withdraw consent at any time 
6. Events:
   • To complete your requests as they relate to events held or sponsored by Us, such as registration, to enable Your participation and access, to assist with Your purchase of an event ticket, and all other marketing purposes.

For other purposes for which we obtain Your consent, or for any other purpose disclosed at the time of collection. 

‍

IV. How We Share Your Personal Data

• We share your personal data as necessary to provide the products, services, and website to You. 
• We may share your personal data to Our authorized resellers and technology partners for the reasons provided above. 
• We provide Your personal data to contractors, service providers, and other third parties to support Our business, which are bound by obligations to keep personal data confidential and use it only for the purposes for which we disclose it to them. For any data subject request please contact compliance@minio.io. 
• We may disclose your personal data to third parties (e.g., a buyer or other successor) in connection with a corporate transaction, such as a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of a bankruptcy, liquidation, or similar proceeding, in which personal data held by Us in the capacity of Data Controller is among the assets transferred. 
• We may access, preserve, and share Your personal data with third parties when required by law or if We have good faith belief that it is necessary to: 
  • comply with applicable law, legal process, or government requests, as consistent with international recognized standards;
  • comply with a subpoena, court order, or legal process served on Us; 
  • establish or exercise our legal rights or defend against legal claims; or 
  • protect the property, interests, or personal safety of our agents, employees, customers, or the public. 
• Under such circumstances, We may be prohibited by law, court order, or other legal process from providing notice of the disclosure, and We reserve the right to not provide such notice in Our sole discretion. 
• We may share Your personal data for other purposes for which we obtain Your consent. 

‍

V. Your Rights and Choices

MinIO is committed to upholding Your rights in connection with your personal data, in accordance with applicable global data protection laws. 
Depending on your jurisdiction, You may have the following rights with respect to your personal data:

• Access: Request confirmation as to whether MinIO processes your personal data and, if so, obtain a copy of such data and information about its processing 
• Correction (Rectification): Request correction of inaccurate or incomplete personal data held by MinIO. 
• Deletion (Erasure): Request deletion of Your personal data where permitted by law, such as when the data is no longer necessary for the purposes for which it was collected. 
• Restriction of Processing: Request that MinIO restrict the processing of Your personal data under certain circumstances, for example, if You contest the accuracy of the data or object to its processing. 
• Objection to Processing: Object to the processing of Your personal data where processing is based on legitimate interests or for direct marketing purposes. 
• Data Portability: Request to receive Your personal data in a structured, commonly used, and machine-readable format, and to have that data transmitted to another controller where technically feasible. 
• Withdrawal of Consent: Where processing is based on your consent, You have the right to withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You may manage Your preferences or withdraw consent for marketing communications at any time by following the instructions provided in such communications or by contacting MinIO directly.
• Complaint: Lodge a complaint with a competent data protection authority if You believe your rights have been violated or if you are dissatisfied with MinIO’s response to Your request. 

To exercise any of Your rights described above, please contact MinIO at compliance@minio.io. Please note that you may not be able to benefit from all features of our website if You request the deletion of Your personal data or object to or withdraw your consent to such processing. If You are not satisfied with how we have responded to any of Your rights requests, You also have the right to lodge a complaint with Your local supervisory authority. 

‍

VI. Our Legal Bases for Processing Your Personal Data

MinIO processes personal data only where permitted by applicable law and in accordance with recognized legal bases under global data protection frameworks. The lawful grounds for processing personal data may include, but are not limited to, the following:

• Consent: Where required by applicable law, MinIO will obtain Your explicit consent before processing Your personal data for specific purposes, such as for marketing communications or the use of certain cookies and tracking technologies. You may provide Your consent when signing up for events, newsletters, or requesting a demo of our services. You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal. 
• Contractual Necessity: MinIO may process personal data as necessary to enter into or perform a contract with You, including the provisioning of products and services, enabling account management, purposes of enabling you to become a customer or partner, communicating with You regarding orders, providing customer support, and enforcing our terms and policies. This basis applies when processing is required to fulfill our contractual obligations or to take steps at your request prior to entering into a contract. 
• Legal Obligation: Processing may be necessary for MinIO to comply with legal or regulatory obligations, such as employment, taxation, record-keeping, responding to lawful requests from authorities, or fulfilling statutory requirements under applicable data protection laws. 
• Legitimate Interests: MinIO may process personal data where it is necessary for the purposes of legitimate interests pursued by MinIO or a third party, provided that such interests are not overridden by Your fundamental rights and freedoms. Legitimate interests may include ensuring the security and functionality of our services, preventing fraud or abuse, improving our offerings, and maintaining business operations. Where processing is based on legitimate interests, MinIO will conduct a balancing test to ensure that Your privacy rights are respected. 

MinIO will identify and document the applicable legal basis for each processing activity, as required by applicable law.

‍

VII. California Privacy Rights (CCPA/CPRA)

MinIO does not sell personal information as defined under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) unless permitted by applicable law and provided You have consented. Unless You have provided Your consent, We do not share personal information for cross-context behavioral advertising purposes. California residents have the right to opt-out of the sale or sharing of their personal information. If You are a California resident, You may exercise Your privacy rights by contacting us at compliance@minio.io.

‍

VIII. International Data Transfers

MinIO may transfer personal data to jurisdictions outside of your country of residence, including to the United States and other countries where MinIO or its service providers operate. Such transfers are conducted in compliance with applicable data protection laws and are subject to appropriate safeguards to ensure the protection of Your personal data. Personal data may be transferred to, processed in, or accessed from countries that may not provide the same level of data protection as Your home jurisdiction. These transfers are necessary for the provision of MinIO’s products and services, including support, security, and operational functions. 

1. Legal Mechanisms. To facilitate international transfers of personal data, MinIO implements one or more of the following legally recognized mechanisms, as appropriate: 
   
   • ‍EU Standard Contractual Clauses (SCCs): For transfers from the European Economic Area (EEA), MinIO relies on the European Commission’s Standard Contractual Clauses (2021 version) to ensure an adequate level of data protection.
   • ‍UK International Data Transfer Addendum: For transfers from the United Kingdom, MinIO incorporates the UK International Data Transfer Addendum to the SCCs, as required by UK data protection law. ‍
   • Adequacy Decisions: Where applicable, MinIO may transfer personal data to countries that have been recognized by relevant authorities (such as the European Commission or UK government) as providing an adequate level of data protection.
   • Additional Safeguards: In addition to contractual measures, MinIO implements technical and organizational safeguards, including encryption, access controls, and data minimization, to further protect personal data during and after transfer. 

IX. Data Retention

MinIO retains personal data only for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, or to comply with legal, contractual, or regulatory obligations, and for the exercise or defense of legal claims. The retention periods will be different depending on the type of personal data and the purposes for which we use the personal data. 

‍

X. Security Measures

MinIO is committed to safeguarding personal data through the implementation of robust technical and organizational security measures. These measures are designed to protect data against unauthorized access, disclosure, alteration, loss, or destruction, and to ensure the ongoing confidentiality, integrity, and availability of personal data processed, accessed, or used by MinIO.

MinIO regularly reviews and updates its security measures to address new risks, technological advancements, and changes in regulatory requirements. Security practices are integrated into product development and operational processes in accordance with privacy by design principles.

For questions or concerns regarding security measures, or to report a potential security incident, please contact MinIO at compliance@minio.io↗.

‍

XI. Children’s Privacy

MinIO’s products, services, and websites are not intended for use by children under the age of 13 (or under 16 where required by applicable law, such as in the European Union). MinIO does not knowingly collect, process, or store personal data from children below these age thresholds without verifiable parental consent, as required by law. MinIO is committed to complying with all applicable laws and regulations regarding children’s privacy and to protecting the personal data of minors in accordance with industry best practices. If You believe We might have any information from or about a child under 13, please contact us at compliance@minio.io↗.

‍

XII. Internet-Based Advertising

We may partner with third-party advertising networks and service providers to display ads on our services and other websites you visit. These partners may use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing activities across websites and devices. Where required by applicable law, We will obtain Your consent before engaging in interest-based advertising. You may opt out of interest-based advertising through: (i) the Digital Advertising Alliance at www.aboutads.info/choices (US), (ii) the European Interactive Digital Advertising Alliance at www.youronlinechoices.eu (EU), (iii) the Digital Advertising Alliance of Canada at youradchoices.ca (Canada), (iv) the Network Advertising Initiative at www.networkadvertising.org/choices, or (v) Your mobile device settings for app-based advertising.

‍

XIII. Links to Other Websites

Our website may contain links to other websites. We are not responsible for the privacy practices of any websites other than Our own. This Privacy Policy applies only to information collected by Us on Our website and not to any third-party websites. We encourage You to review the privacy statements of any such websites to understand their information practices. 

‍

XIV. Policy Updates

MinIO may update or revise this Privacy Policy from time to time, in Our sole discretion, to reflect changes in legal requirements, business practices, or technological advancements. Any such changes to this Privacy Policy will become effective when they are posted on this page.  The “Last Updated” date at the top of this Privacy Policy will always indicate the most recent version. 

‍

XV. Contact and Support

For questions, concerns, or to exercise Your rights under this Privacy Policy, please contact MinIO using the information below:

Email:

compliance@minio.io↗

Mailing Address:

MinIO, Inc. ℅ Compliance Department
275 Shoreline Drive, Ste. 100
Redwood City, CA 94065