JFrog’s Privacy Policy

Last updated October 6, 2021

1. What information do we collect and how?
2. How do we use the information collected?
3. How can you control your information?
4. Who do we share information with?
5. How do we protect your information?
6. Where is your information stored and for how long?
7. Third-party websites and social media features
8. Changes to this Privacy Policy
9. Our policy towards children
10. Got any questions?

JFrog (including our subsidiaries and affiliates worldwide – collectively, “JFrog“, “us”, “our” or “we”) is on a mission to enable continuous updates through liquid software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime.

This Privacy Policy (“Policy”) applies to JFrog’s solution, products, platform, and services (the “Platform”) and describes how we collect, use, and disclose your information. We respect the privacy of our customers, users, partners, and websites visitors (collectively – “you”, or “your”) and are committed to protecting the personal information that you share with us. We have taken efforts to make our Policy as clear and informative as possible and we encourage you to carefully read it.

Please note that this Policy applies to the information provided by you through our Websites that link to this Policy, including, for example, by registering and/or attending events and meetups, (the “Websites”), through our Platform, or as you may otherwise interact with us (together with the Websites and Platform – the “Services”). By accessing and/or using our Services you agree to this Policy, including to the collection and processing of your personal information. In case you disagree with any of these terms please do not provide us with any personal information and avoid contacting us or using our Services.

1. What information do we collect and how?

Directly and indirectly from you when using our Platform or visiting our Websites. For example, usage details collected automatically during your interaction with our Services, such as the type of browser you use, IP address, device ID, cookies installed on the device, date/time stamp, referring/exit pages, clicked pages, the actions you take on the Services and any other information your browser may send us.

We use industry standard tools and software to monitor your navigation and usage of the Services, your usage pattern-logs and other communications information. We may also use cookies and/or similar technologies (“cookies”), which stores certain information on your computer, and which allows us to enable automatic activation of particular features and improve your experience. Most browsers will allow you to erase such cookies, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you block or erase cookies, or change the applicable settings, your experience on our Services may be limited. For more information, please see our Cookies Policy.

Directly from you or via our customer (i.e., your employer or the organization you are related to). For example, if you fill out a form or communicate with us through our Websites, or when your organization subscribes and engages with JFrog to receive Services. This includes information such as business contact details – first and last name, job title, email or physical address, phone number, professional needs and interests, and your interactions with us, including posting comments or feedback on our forums, session recordings, correspondence or calls recordings and associated transcriptions (if applicable).

From external providers that contract with us or interact with us in connection with the Services we perform. For example, from vendors and partners such as social media sites and analytics providers that integrate their services with ours or provide us access to their services.

At all times, you may choose whether to provide or disclose your personal information. If you choose not to provide such personal information, you may still visit parts of the Websites or receive limited Services, but you may be unable to access certain options, programs, offers, and services that involve our interaction with you.

 2. How do we use the information collected?

We will only collect and process your personal information in order to abide by our legal obligations; comply with a contract between us and you or a third party you are associated with; for the performance of our Services; to support our legitimate interests (for example: maintaining, improving and advertising our Services, protecting the security of our systems, as well as ours and our customers’ data, and providing customer support). 

Your acceptance of our related Terms of Service and this Policy will be deemed as your consent, only in case this is the only legal basis allowed for processing personal information in the applicable territory. If you wish to withdraw your consent for such processing, please contact us at: privacy@jfrog.com.

We may use or disclose the personal information we collect for the following purposes:

• To fulfill or meet the reason you provided the information. For example, if you share your name and contact information to request a price quote or ask a question about our Services, or to process your payment and facilitate billing communication;
• To enable the use of the Services, including for registration and authentication. For example, in order to register to the Services, you will need to provide us with your name and email so we will be able to issue a license key;
• To provide, support, personalize, and develop our Websites and Platform by learning about your preferences and general trends relating to the Services;
• To create, maintain, customize, and secure your account with us;
• To process your requests, transactions, payments and prevent fraud;
• To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses;
• To personalize your Websites experience and to deliver content, product and service offerings relevant to your interests, regarding new products, events, offers, services, features, enhancements, special offers, upgrade opportunities, and events, including targeted offers and ads through our Websites, third-party service providers’ sites or via email;
• To help maintain the safety, security, and integrity of our Services, databases and other technology assets and businesses;
• To create aggregated statistical data, rendered non-personal, for internal use;
• To respond to law enforcement requests as required by applicable law, court order, or governmental regulations;
• To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of JFrog’s assets, whether as an ongoing concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by JFrog about you is among the assets transferred.

Please note, we do not sell your personal information for the intents and purposes of the California Consumer Privacy Act (CCPA). Under the CCPA, a business that sells California residents’ personal information to others: (a) must give notice to California residents before selling their personal information to others; and (b) must provide the right to opt out of the sale of their personal information. JFrog does not sell personal information, thus, these notification and opt-out requirements do not apply to JFrog.

3. How can you control your information?

Privacy regulations worldwide such as the EU/UK General Data Protection Regulation (GDPR), and the CCPA provide certain rights for data subjects. If you wish to exercise your rights under the applicable data protection regulation, please submit your request via JFrog’s Privacy Request Form.

You have a right to access and correct (rectify) the record of your personal information maintained by JFrog if it is inaccurate. You may request that JFrog erase that data or cease processing it, subject to certain exceptions, or to confirm whether we process your personal information, or if we comply with the right to non-discrimination of service and price (if applicable). Upon your request, and when technically feasible, JFrog will provide your personal information to you or directly transmit it (if applicable). 

Please note that: (a) we may require additional information in order to verify your request; (b) if you will not respond within 30 days from our initial verification email, your request will be closed, and we will not be able to accommodate it; (c) your request may be recorded by us for legal obligations in accordance with Section 6; (d) if you are using the Services on behalf of our customer (i.e., your employer or the organization you are related to), you should contact your account administrator with your request, if you will contact us directly we will share such request with the relevant customer; and (e) we may charge a reasonable fee or refuse to act on a request if such request is excessive, repetitive, manifestly unfounded, or if we required to or allowed by the applicable law or regulation.

You may also request that JFrog cease using your information for direct marketing purposes. Please note that you may manage the receipt of marketing information from us by clicking on the “unsubscribe” link located on the bottom of the email and/or by updating your communication preferences via JFrog’s Subscription Center. We may also contact you with service information such as billing/login issues, surveys, event information following your registration, etc. 

Please also note that if you have concerns about how JFrog processes your personal information, you have a right to lodge a complaint with the appropriate local data protection authority. You can also call us at +1-408-329-1540 (for Californian Consumers) or contact us at: privacy@jfrog.com.

4. Who do we share information with?

Our Websites and some of the Platform allow you to share information with other users and create and publish content. Any content that you post on or via the Services (“User Submissions”), may be publicly available to other users. The notices and tools that we provide on the Services are intended to inform you which information will be made publicly available. If you publish your personal information in any User Submissions, you may receive unsolicited messages from other users of the Websites or the public. Therefore, we encourage you only to post information that you are sure you want to be accessible to anyone.

If you are using our Services on behalf of an organization or if you provide us with an email address which belongs to an organization, certain information provided to us may be accessible to the respective administrator or to other users of such organization.

JFrog uses third-party service providers to enable us to provide the Services. These providers are not permitted to store, retain, or use information collected by us except for the sole purpose of providing the Services.

With regards to JFrog’s Cloud Solution, please see our sub-processors list here.

We also reserve the right to use or disclose your information if: (a) required by law, under a judicial proceeding, court order, or legal processor if we reasonably believe that such disclosure is required to protect our rights, including their enforcement; (b) to transfer or assign the personal information retained by us in the event that we are acquired by or merged with a third party entity; (c) to share information internally within JFrog; (d) in the event of bankruptcy or a comparable event; or (e) if we rendered such information non-personal.

5. How do we protect your information?

We use industry standard technologies and internal procedures to maintain the security and integrity of our Services and your information, and to prevent unauthorized access thereto. Please visit JFrog’s Trust Center for further information. Please note, however, that there are inherent risks in transmission of information over the internet or other methods of electronic storage and we cannot guarantee that unauthorized access or use of your information will never occur. 

6. Where is your information stored and for how long?

JFrog operates globally and our Services are provided from various location. In order to allow us to perform our obligations and provide you with the Services, we transfer information within our group of companies (a list thereof is available here) and to other contracted third-party service providers, which may be located outside your country of residence. 

When sharing such information, we use appropriate legal mechanisms to safeguard the transfer, such as the Standard Contractual Clauses (SCC), which have been approved by the European Commission Implementing Decision 2021/914, to safeguard the transfer of information from the European Economic Area and Switzerland (collectively – the “EEA”) outside of the EEA. You can obtain a copy of the SCCs by contacting us at: privacy@jfrog.com.

Please note that we may transfer such information to a country and jurisdiction that may not have equivalent privacy and data protection laws that apply to your country of residence. Regardless of where your information is stored, we, our affiliates and third-party service providers apply the same protections described in this Policy. 

With regards to JFrog’s Cloud Solution, please see our Data Processing Addendum here. 

JFrog may retain your information for a period consistent with the original purpose of collection, and/or in accordance with our legal and contractual obligations and the applicable law or regulation. For example, we will retain your information for as long as you are using our Services, and for a reasonable period thereafter. Please note, we are not required to retain personal information for a specific time period and are free to remove it at any moment. Aggregated and/or anonymous data, and any other non-personal information may be retained by us as permitted under the applicable privacy laws.

7. Third-party websites and social media features

Our Services may include social media features (“Features“), for example, you can share posts and comments on or through your social media account. The Features may enable the applicable social networks to collect your IP address and other automatically collected usage details and may set a cookie to enable the functionality of the Feature (see Section 1). Your interactions with the Features are governed by the privacy policy of the third party who provided such Features, and we are not responsible for the privacy practices or the content of such third-party Features. Please be aware that the third parties providing the Features may collect personal information from you. Accordingly, we encourage you to read the terms and conditions and privacy policy of each relevant third party that you choose to use or interact with.

In addition, certain links on our Websites, enables you to enter other sites or services. Those linked sites and services are provided solely as a convenience to you and are not under the control of JFrog. We are not responsible or liable for such linked sites and services’ privacy practices and/or any other practices. Your access to, use of, and reliance upon any such sites, services and content and your dealings with such third parties are at your sole risk and expense.

8. Changes to this Privacy Policy

The terms of this Policy will govern the use of the Services and any information collected by JFrog. JFrog reserves the right to change this policy at any time by posting an updated version on our Services. We will provide notice of substantial changes of this policy on the homepage of the Websites. All other changes to this Policy are effective as of the stated “Last Update” date and your continued use of the Services after the Last Update date will constitute acceptance of, and agreement to be bound by, those changes. If the Policy is required to be amended to comply with any legal requirements, the amendments may take effect immediately, or as required by the law and without any prior notice.

9. Our policy towards children

The Websites is intended for users over the age of eighteen (18). Therefore, JFrog does not intend and does not knowingly collect personal information from children under the age of eighteen (18). We reserve the right to request proof of age when needed. If we learn that we collected personal information from children under the age of eighteen (18) we will delete that information promptly. Please contact JFrog at privacy@jfrog.com if you have reasons to suspect that JFrog collected such information.

10. Got any questions?

We are committed to protecting your privacy. If you have any questions concerning this Policy, please contact us at: privacy@jfrog.com or write to us at: JFrog, 270 E. Caribbean Drive, Sunnyvale, CA 94089, and we will make an effort to reply within a reasonable timeframe.