Privacy Policy

  1. ABOUT THIS PRIVACY POLICY. This privacy policy sets out how and why Qumulo collects and uses your personal data when you visit this website, including any data you may provide through this website.The policy also explains how we protect your information and the privacy rights you have by law.It is important that you read this privacy policy together with any other privacy notice we may provide you when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements the other notices and is not intended to override them.We update this privacy policy from time to time. This version was last updated on 11/29/2018. When we make changes to our privacy policy, we will keep the prior version on our website and clearly show the changes between versions.
  1. WHO WE ARE AND OUR DATA PROTECTION REPRESENTATIVEQumulo is made up of the following legal entities: Qumulo, Inc., Qumulo Ltd., Qumulo GmbH, and Qumulo Storage Canada, Ltd. This privacy policy is issued on behalf of all of the Qumulo legal entities so when we mention “Qumulo”, “we”, “us” or “our” in this privacy policy, we are referring to the relevant legal entity responsible for processing your data. Qumulo, Inc. is the data controller and responsible for this website.Qumulo is the pioneer and leader in file storage for the cloud era. Qumulo File Fabric (QF2) gives data-intensive businesses the freedom to store, manage and access petabytes of file-based data in the data center and in the cloud at a global scale. Founded in 2012 by the inventors of scale-out NAS, Qumulo serves the modern file storage and management needs of Global 2000 customers.We have appointed a Data Protection Representative for managing our data protection matters and fielding questions about this privacy policy. The contact details of our Data Protection Representative are set out below in the Contact Details (section 16).
  1. THE TYPES OF DATA WE COLLECT AND HOW WE COLLECT ITTypes of Data.  We collect, use, store and transfer different types of both personal and non-personal information through our website.Personal data, or personal information means any information about an individual from which that person can be identified. It does not include data from which you cannot identify a person.We collect the following categories of personal data about you:
    • Identity Data collected via form fill and may include first name, last name, username or similar identifier, title, and company-related information.
    • Contact Data collected via form fill and may include billing address, delivery address, email address and telephone numbers.
    • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
    • Profile Data includes your username and password, your interests, preferences, feedback and survey responses.
    • Usage Data includes information about how you use our website, products and services.
    • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

    We also collect, use and share non-personal information such as statistical data for any purpose. This non-personal information may be derived from your personal data but is not considered personal data by the law as this data does not directly or indirectly reveal your identity.  For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

    If we combine any non-personal information with your personal data so that you can be identified from it, we will treat the combined data as personal data which will be used and protected in accordance with this privacy policy.

    We do not collect any Special Categories of Personal Data about you (such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

    How we collect data. We collect data in different ways through our website. You may provide us the data directly when you:

    • register an account;
    • sign up to our newsletter or marketing materials;
    • request marketing to be sent to you; or
    • provide us with feedback or contact us.

    Additionally, through the use of cookies, server logs and similar technologies, we may automatically collect Technical Data about your equipment, browsing activity and patterns. Please see the section below on COOKIES and our Cookie policy for more information.

    We may also receive personal data about you from certain third parties as follows:

    • ZoomInfo
    • Leadspace
    • DataBees
    • Intentsify
    • Hotjar
    • Drift
    • Marketo
    • Qumulo Approved Channel Partners

    If you wish to find out more about how these third parties have acquired your information, and how they use it, please visit their websites.

  1. WHAT HAPPENS IF YOU FAIL TO PROVIDE PERSONAL DATA TO US? If you fail to provide personal data that we need to perform a contract with you or by law, then we may not be able to provide you with the product or service the contract relates to. We will notify you when this is the case.
  1. COOKIES We may use cookies on our website. For more information on how we may use cookies and how you can disable or refuse cookies, please see our cookie policy.
  1. HOW WE USE YOUR DATA – THE PURPOSES AND LAWFUL GROUNDS FOR PROCESSINGPurposes and Lawful Bases.  We will use your personal data only where we have a lawful basis for doing so. We process your personal data for a number of purposes. The lawful basis for processing your personal data will depend on the purpose for which it was obtained.  The table below sets out the purposes for which we may process your personal data and the relevant lawful basis/bases that allow for that processing:
    Purpose of Processing Type(s) of Data Our Lawful Basis for Processing
    Managing our relationship with you
    • Identity Data
    • Contact Data
    • Profile Data
    • Necessary to comply with a legal obligation
    • To perform a contract with you
    Administration purposes and the protection of our business and the website – e.g. troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data
    • Identity Data
    • Contact Data
    • Technical Data
    • Necessary for our legitimate interests* –  in running our business, the provision of administration and IT services, network security and fraud prevention and for business reorganisations or group restructuring exercises
    • Necessary to comply with a legal obligation

    Marketing and promotions:

    • Sending you marketing communications or newsletters
    • Asking you to complete a survey or leave a review
    • To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you
    • To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
    • To make suggestions and recommendations to you about goods or services that may be of interest to you
    • Identity Data
    • Contact Data
    • Profile Data
    • Usage Data
    • Marketing and Communications Data
    • Technical Data
    • Explicit Consent
    • Necessary for our legitimate interests* (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)
    • Necessary for our legitimate interests* (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
    • Necessary for our legitimate interests* (to develop our products/services and grow our business)

    *“Legitimate interests” means our legitimate interests in conducting and managing our business where these interests are not overridden by your fundamental rights, interests and freedoms.

    Changes to the Purposes of Processing. We will only process your personal data for the purpose(s) for which we collected it. If we do need to use your personal data for a new purpose, we will notify you of this and explain the lawful basis we will be relying on.

    Please be aware that we may process your personal data without your knowledge or consent where this is required or permitted by law.

  1. MARKETING. We will send you marketing communications if you have requested information from us or purchased goods or services from us, or if you have provided us with your details when registering for a promotion, and in each case, where you have not opted out of receiving that marketing.You can opt out of receiving marketing communications by following the opt-out or unsubscribe links on any marketing message sent to you or by contacting us at any time.
  1. HOW WE SHARE YOUR PERSONAL DATA AND WITH WHOM. We may need to share your information with certain third parties – these third parties are as follows:
    • Other companies in the Qumulo Group and who provide IT and system administration services and undertake leadership reporting.
    • Our suppliers acting as processors including Marketo, Google, Microsoft, LinkedIn, Facebook, Hotjar and Chatlio.
    • Our professional advisers that may be acting as processors or controllers (whether jointly with us or independently) including lawyers, bankers, auditors, insurers who provide us with professional services based in the United States, the United Kingdom and/or Germany.
    • Regulators such a HM Revenue & Customs and other authorities that may be acting as processors and joint controllers based in the United Kingdom, the United States and/or Germany who require information about our processing activities from us.
    • Our distributors, resellers and partners that may be acting as processors or controllers (whether jointly with us or independently) including Hewlett Packard Enterprise Company in the United States, and other Hewlett Packard Enterprise Company affiliates in various countries, who require information about our processing activities from us to sell, provide services and conduct marketing activities.
  1. THIRD PARTY LINKS. This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our website, we strongly recommend you read the privacy policy of every website you visit
  1. REQUESTING ACCESS TO YOUR PERSONAL DATA. Under data protection law, individuals have the right to request access to information about them that we hold. To make a request for your personal data please contact:Email: dataprivacyoffice@qumulo.comIn writing:Qumulo, Inc.
    Attn: Data Privacy Office
    1501 4th Ave., Suite 1600
    Seattle, WA 98101
    We share your personal data in certain ways that will involve transferring your personal data to countries outside of the United States and/or the European Economic Area to countries whose laws do not afford the same level of protection to personal data as within the EU.  We do this in the following ways:


    • to other entities within the Qumulo Group in the United States and Canada;
    • to our distributors, resellers and/or partners located in the United States, Canada and various European countries.

    Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by putting in place the following safeguards:

  1. DATA SECURITY. Whilst we store and use your personal data we will ensure the appropriate security of your personal data including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach as is required by the law.
  1. RETENTION OF YOUR DATA. We will not keep your personal data longer than is necessary for the purpose for which we use it. We will retain your personal data for the length of any contractual relationship, as is required by the law and as necessary to administer our business, and will delete or destroy it when it is no longer required.In some circumstances, we may anonymise your personal data (so that it can no longer identify you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
  1. YOUR OTHER PRIVACY RIGHTS. By law you have certain additional privacy rights. These are to:
    • be informed of how we are processing your personal data – this privacy policy serves to explain this you but please do get in touch if you have any questions;
    • have your personal data corrected if it is inaccurate or incomplete;
    • have your data erased (the right to be forgotten) in certain circumstances – e.g. where it is no longer needed by us the purpose for which it was collected or you have withdrawn your consent. Please note however, that in certain circumstances, we may not be able to comply with your request of erasure for legal reasons. If this is the case, we will notify you at the time you request erasure.;
    • restrict the use of your data in certain circumstances e.g. where you have told us the data is inaccurate and we are in the process of checking this. In such circumstances we will continue to store your data but will not process it further until we have checked and confirmed whether the data is inaccurate;
    • object to the processing of your data in certain circumstances – e.g. you may object to processing of your data for direct marketing purposes;
    • object to decisions being taken by automated means; and
    • to withdraw your consent at any time to processing where we are relying on consent as the lawful basis – e.g. to receiving marketing communications. Please note if you withdraw your consent, we may not be able to provide certain products and services to you – We will let you know if this is the case at the time you withdraw your consent.

    If you have any concerns about the way we are collecting or using your personal data, please contact us in the first instance. You also have the right to lodge a complaint with the UK’s supervisory authority for data protection matters –  the Information Commissioner’s Office at

  1. CHANGES TO YOUR PERSONAL DATA. It is important that the personal data we hold about you is accurate and current. Please let us know if your personal data changes and we need to update our records.
  1. CONTACT DETAILS. If you have any questions about this privacy policy or about your legal rights, please contact the data privacy representative using the details set out below.Qumulo, Inc.
    Attn: Data Privacy Office
    1501 4th Ave., Suite 1600
    Seattle, WA 98101 USA