Last updated August 1, 2022
In providing our Services to subscribers of our Cloud and Colocation plans, or purchasers of our hardware (“Clients”), Lambda is a data processor as we process personal information on behalf and at the direction of the Clients. This Policy does not apply to Lambda’s processing when we are a data processor. If you have submitted personal information to a Client that is processed by us, you should directly contact that Client for assistance with any requests or questions relating to the processing of your personal information.
We may change this Policy from time to time at our sole discretion. We encourage you to frequently check this page for any changes to this Policy. Your continued use of our Services after any change in this Policy will constitute your acceptance of such change. If we change this Policy in a way that we believe materially affects how we process your personal information or reduce your rights, we will provide you with advance notice via email or by posting a prominent notice on our Sites.
Lambda collects certain personal information about you and your use of our Services. The definition of personal information (used interchangeably with “personal data” for European residents) depends on the applicable law based on your physical location. Only the definition that applies to your physical location will apply to you under this Policy. For purpose of this Policy, personal information does not include data that has been anonymized or aggregated so that it can no longer enable us, whether alone or in combination with other information, to identify you. From time to time, Lambda may release aggregated information by publishing a report on trends or usage on our Sites.
The personal information that Lambda collects falls into three primary categories: (1) information you voluntarily provide to us, (2) information we collect from you automatically, and (3) information we collect from third parties.
Information You Voluntarily Provide to Us. We, or service providers that assist us in providing, maintaining, and operating our Services, may collect the following types of personal information from you:
Information We Automatically Collect. To the extent permitted under the applicable law, we may collect certain types of information automatically, such as whenever you interact with the Sites or use the Services. We may collect the following types of information automatically from you:
Information We Collect From Third Parties. From time to time, we may obtain information about you from third party sources as required or permitted by law. These sources may include:
Cookies. When you visit our Sites or otherwise interact with our Services, we (or third-party data or ad networks we work with) may send one or more “cookies” to your computer or other devices. Cookies are alphanumeric identifiers stored on your computer through your web browser and are used by most websites to help personalize your web experience. Some cookies may facilitate additional site features for enhanced performance and functionality such as remembering preferences, allowing social interactions, analyzing usage for site optimization, providing custom content, allowing third parties to provide social sharing tools, and serving images or videos from third-party websites. Some features on the Sites will not function if you do not allow cookies. The following types of cookies may be used on our Sites:
Managing Cookies. You have the right to decide whether to accept cookies. If you do not want us to deploy cookies in your browser, you may exercise your preference by modifying your web browser setting to either (1) refuse some or all cookies or (2) notify you and ask for your permission when a website tries to set a cookie. If you choose to disable cookies in your browser, you can still use our Sites, although your ability to use some of the features may be affected. If you want to exercise your rights regarding personal information collected via cookies and similar tracking technologies, please see the Your Rights and Choices section below.
We use your personal information as described in this Policy for business and commercial purposes, or as disclosed to you prior to such processing taking place. We may process your personal information:
We share your personal information as needed to fulfill the purposes described in this Policy and as permitted by applicable law. We may disclose your personal information as described below.
We maintain our Services and all associated data with technical, administrative, and physical safeguards to protect against the loss, unauthorized access, destruction, misuse, modification, and improper disclosure of your personal information. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. We cannot guarantee the security of our databases or the databases of the third parties with which we may share such information, nor can we guarantee that the information you supply will not be intercepted while being transmitted over the Internet. In particular, email sent to us may not be secure, and you should therefore take special care in deciding what information you send to us via email (and please do not send us sensitive information, such as payment card information or government-issued IDs). If you have any questions about the security of your interaction with us (if, for example, you feel that the security of any account you might have with us has been compromised), you can reach out to us via the method identified in the “Contact Us” section below.
We will retain your personal information only for as long as is necessary for the purposes set out in this Policy. We will retain and use your personal information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your personal information to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies. We will cease to retain your personal information or remove the means by which the data can be associated with you as soon as it is no longer necessary for legal or business purposes.
Depending on the applicable law where you reside, you may exercise the right to access, or correct your personal information that we have collected or has been previously provided to us. If you would like to exercise your rights under applicable law, please contact us via the method identified in the “Contact Us” section below.
In your request, please make clear what personal information you would like to access, or change. We may seek to verify your identity when we receive your privacy rights request to ensure the security of your personal information.
Marketing Communications. When you no longer wish to receive these marketing messages from us, you can unsubscribe at any time by unsubscribing or following the instructions contained within such messages, emailing us via the method identified in the “Contact Us” section below.
Additional Rights for California Residents. You may have additional privacy rights if you are a California Residents, see Section 11 “Notice to California Residents” below for more information.
Additional Rights for Individuals in the European Economic Area, the United Kingdom, Switzerland and Brazil. You may have additional privacy rights if you use or access our Service from the European Economic Area, the United Kingdom, Switzerland and Brazil, see Section 12 “Notice to Individuals in the European Economic Area, the United Kingdom, Switzerland and Brazil” below for more information.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services, and this Policy does not apply to your activities on these third-party services or any information you disclose to these third parties. If you have any questions about how these other sites or services use information from or about you, you should contact them directly.
The Services are not directed to, and we do not knowingly collect personal information from individuals under the age of 16 (or other age as required by applicable local law). If you are under 16, please do not attempt to fill out our forms, make a purchase, or send any personal information about yourself to us. If you are the parent or guardian and believe your child has provided us with personal information, please reach out via the method identified in the “Contact Us” section below. If we become aware that a child under 16 has provided us with personal information, we will terminate the user’s access to our Services and take steps to delete such information from our systems, unless we have a legal obligation to keep it.
Lambda’s business operates on a global scale. When you access or submit information to us, your personal information may be transferred to, processed, maintained, and used on computers, servers and systems located where the data protection laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we may transfer your personal information to the United States for further processing. We will take appropriate contractual or other steps to protect the relevant personal information in accordance with applicable laws.
We rely primarily on the European Commission’s Standard Contractual Clauses to facilitate the international and onward transfer of personal information collected in the European Economic Area (“EEA”), the United Kingdom and Switzerland (collectively “European Personal Information”), to the extent the recipients of the European Personal Information are located in a country that the European Countries consider to not provide an adequate level of data protection. We may also rely on an adequacy decision of the relevant regulatory body confirming an adequate level of data protection in the jurisdiction of the party receiving the information, or derogations in specific situations.
Lambda is responsible for the processing of personal information it receives and subsequently transfers to a third party acting as an agent on its behalf. Before we share your information with any third party, we will enter into a written agreement that the third party provides at least the same level of protection for the personal information as required under applicable data protection laws.
This section applies only to California residents. The purpose of this section is to inform California residents (“consumers” or “you”), at or before the time of collection of personal information, about our data collection practices and your privacy-related rights under California law, including the California Consumer Privacy Act of 2018, as amended (“CCPA”) and the California Privacy Rights Act (“CPRA”). Your “right to know” about personal information collected, used, and disclosed by Lambda includes what categories of personal information we collect from you and the purpose for its collection; how we use those categories of personal information; and how we share the personal information you entrust to us. For purpose of this section, the term “personal information”, as defined under the CCPA, is used.
Categories of Personal Information Collected
The chart below describes the categories of personal information we have collected in the preceding 12 months, the sources and purpose of such collection, and the parties to whom the information was shared for business purpose.
Your Rights Under California Law
Access to Specific Information and Data Portability Rights. Subject to certain exceptions, if you are a California resident you have the right to request a copy of the personal information that we collected about you during the 12 months before your request. Once we receive your request and verify your identity, we will disclose to you:
Sale of Personal Information. To the extent we sell your personal information to third parties, you have the right to request that we disclose to you:
Deletion Requests. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions
Non-Discrimination. We recognize and respect that you have the right to not receive discriminatory treatment by the business for exercising any of your CCPA rights.
Shine the Light Law. If you are a California resident, you may opt out of us disclosing your personal information to third parties for direct marketing purposes. In your request, please specify that you want a “California Shine the Light Notice.”
Do Not Track. Some Internet browsers, such as Internet Explorer, Firefox, and Safari, include the ability to transmit “Do Not Track” or “DNT” signals. Since uniform standards for “DNT” signals have not been adopted, our Site does not currently process or respond to “DNT” signals.
Exercising Access, Data Portability and Deletion Rights. To exercise the access, data portability and deletion rights described above as a California resident, please submit a request to us by contacting us as described in the “Contact Us” section below. Before fulfilling your request, as required by law, we may ask you to verify personal information we already have on file to confirm your identity. If we cannot verify your identity based on the information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.
Use of an Authorized Agent to Submit a Request. Only you or a person you formally authorize to act on your behalf, may make a verifiable consumer request related to your personal information as a California consumer. If you use an authorized agent to submit such a request, we will require written proof that the authorized agent has been authorized to act on your behalf or a copy of the power-of-attorney document granting that right.
This section only applies to individuals using or accessing our Service while located in the European Economic Area, the United Kingdom, Switzerland (collectively, the “European Countries”), or Brazil at the time of data collection. Pursuant to the European Union’s General Data Protection Regulation, the UK General Data Protection Regulation (collectively, the “GDPR”), and Brazil’s General Personal Data Protection Act (“LGPD”), for the sake of clarity, references to personal information in this Policy concerns personal data in the sense of the GDPR.
We may ask you to identify which country you are located in when you use or access some of the Services, or we may rely on your IP address to identify which country you are located in. If any terms in this section conflict with other terms contained in this Policy, the terms in this section shall apply to individuals in a European Country or Brazil.
Legal Bases for Processing Your Personal Information
Individual Rights. We provide you with the rights described below when you use our Services. We may limit your individual rights requests: (a) where denial of access is required or authorized by law; (b) when granting access would have a negative impact on other’s privacy; (c) to protect our rights and properties; or (d) where the request is frivolous or unrealistic. If you would like to exercise your rights, please submit your request via the method identified in the “Contact Us” section below.