Portal Privacy Practices Notice

Datto, Inc. (and/or one of its direct or indirect subsidiaries, including Autotask, Backupify or Open Mesh) is the controller of data we collect when you have an account on one of our product or management portals. This notice describes our privacy practices that govern how and why we collect data when you create a portal account and when you subsequently use one of our portals. Our different portals facilitate many functions including purchasing, provisioning and managing our products.

This notice does not apply when we act as a processor of our products and services. Some sections of this notice apply to you only if you are located in the European Economic Area.

This notice applies only to our privacy practices; your organization or the organization through which you gain access to our portal may have privacy practices that differ from our practices.

What Data We Collect and Why

Depending on the nature of your portal account, when your account is first created we collect the following information that you provide directly to us (or that may be provided to us by others in your organization or the organization through which you obtained access to the portal): your name, address, email, company name, geolocation, user type, time zone, phone number, payment information, and when you agree to or otherwise acknowledge our agreements and policies. We also collect access credentials (such as username and password) that allow you to access your portal account. We collect and use such data for the purpose for which it was collected: to identify you for authentication to be sure you are authorized to access your account or to use your portal account to manage certain products, for alerts and general communications, for billing, to register support tickets and to provision your product in an appropriate location.

We may also use your contact information for direct marketing of the products and services offered by our family of companies, in accordance with our Marketing Privacy Practices. You may manage the marketing communications you receive from us at any time by visiting our Preference Center.

Besides the information you (or others on your behalf) directly provide to us, we automatically collect information each time you access your portal account. Again, depending on the nature of your portal account, this information includes: the IP address, geographic location, browser type and operating system from which you access your account, access logs, and activity and security logs while on your portal account. We collect such data to record and comply with your instructions, respond to support tickets, and improve our products and related support services. We also use portal data to protect the security of our products, detect and prevent fraud, to resolve disputes and enforce our agreements. We also use portal data to analyze, report and improve the performance of our products and businesses.

If you have any questions regarding this notice, we can be contacted at:

Datto, Inc.

101 Merritt 7

Norwalk, CT 06851

Phone 888-995-1431

Our Data Protection representative can be reached at privacy@datto.com

Legal Basis

We process the portal data we collect based on our legitimate interests in selling and securing our products, running our businesses and direct marketing our products and services. We also collect data necessary for the performance of contracts we may enter into with certain portal users. We also collect data to comply with legal and compliance obligations, maintain accurate business records and generally to enable the proper administration of our business.


We may share portal data within our family of companies. We also share certain data with third party service providers whose tools or services we use for billing, support services and management, CRM, security, accounting, authentication, reporting, training and to run and improve our portals and businesses. We make sure any third parties with whom we share personal data will use the data only for the purpose of providing their services to us, and in a manner consistent with our privacy practices.

Our portals may provide links/integrations or an API which may be used to facilitate integrations to or from third party products or services (“Third Party Applications”). If you elect to have your portal account integrate with, enable, access or use an API to interact with such Third Party Applications you do so at your own risk and we have no responsibility or liability for the data or privacy practices of any Third Party Applications.


We primarily host our portals in the United States. Some portal accounts are hosted in the same geographic location where an individual product is hosted. When portal data is transferred from within the European Economic Area or Switzerland to an area outside, we will ensure that appropriate safeguards, consistent with our EU-US Privacy Shield and the Swiss-US Privacy Shield certifications, are followed.


We retain the portal data we collect for as long as is reasonable for the original purpose for which it was collected and for furthering our legitimate business interests and to meet our legal and compliance requirements. In general, we retain data related to a portal account for as long as the account is active and for such additional time as we deem necessary to retain billing records, security logs and general business records.

Data subject Requests

If you are in the European Economic Area you have the right to contact us to review, correct or request that we delete portal data that you previously provided to us or that we collect about you. Please visit datto.com/privacyrequest to make your request. We will review your request and act appropriately, consistent with our legitimate requirements to maintain the integrity of the portal data. We will respond to your request within a reasonable amount of time.

If you are in the European Economic Area you have the right to lodge a complaint with an appropriate data protection authority in the United Kingdom.

Last updated May 2018