What’s next for data-intensive applications? Join us at ScyllaDB Summit 2024 on Feb 14-15. Free + Virtual. Register now >

Privacy Policy

Last modified: May 6, 2021

ScyllaDB Ltd. (“Company”, “we” or “us”) is a company that provides (i) proprietary software to provide NoSQL solutions for organizations; and (ii) cloud services for establishing the entire Customer’s (as defined below) database infrastructure (“Services”).

This privacy policy (“Privacy Policy”) governs the data collection, processing and usage made by us and our privacy practices with respect to the data we collect from (i) individuals who access and use our websites that links to this Privacy (collectively the “Websites” and “Visitors”) (ii) customers that use and register to our Services (“Customers”); or (iii) Customer’s Clients which the Customer conducting business with or providing services to (“Customer’s Users”). Each of the Customer, Customer’s Users or Visitors shall also be referred to herein as “you.

This Privacy Policy explains what information we may collect, how such information may be used or shared with others, how we safeguard it and how each of the aforementioned individuals may exercise their rights related to their Personal Data (as such term is defined below), among others, and where applicable, as required according to the EU General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”).

In the event you are a California resident and the CCPA apply to you – please review our CCPA Privacy Notice

Please note, that our website may contain links to other websites, products or services offered by third parties, which are not governed by this Policy. In the event you click on links to third party landing pages, registration pages or websites, their privacy practices may differ from ours, and are not under our control or responsibility. We advise you to review the applicable privacy policy of these third parties.


  • You are not required by law to provide us with any Personal Data. Sharing Personal Data with us is entirely voluntary. Some of our Services, however, may depend on providing us with certain Personal Data, as specified below.
  • In general, subject to applicable law, our lawful basis for processing Personal Data is as follows: (i) We process certain Online Identifiers (as described below) during a Visitor’s use of our Website and for functionality and operational purposes, which we have a legitimate interest in processing; (ii) We process a Customers Personal Data when they use our Services in order to perform our contract with the Customer; (iii) When we send direct marketing to our Customers we process data which we have a legitimate interest in processing; (iv) We and our third-party partners may use cookies for marketing purposes, which, subject to applicable law requirements, we will request your consent for us to do so; (v) In the event you contact us, we will process your contact details and other information you choose to provide us with in order to perform our contract with you
  • Children under the age of 18 are not permitted to use the Services or provide us with any Personal Data.
  • You may be entitled under applicable law to request to review, amend, erase or restrict the processing of your Personal Data, all as detailed under this Policy.
  • We do not sell, trade, or rent users’ Personal Data to third parties. We only share Personal Data for limited circumstances as specified herein.
  • Data for limited circumstances as specified herein.

If you have any questions or requests regarding the processing of your Personal Data, or would otherwise like to contact us in connection with this Policy, please send us an email to: [email protected]

Please note that ScyllaDB acts as a Processor of certain Personal Data, as defined under the EU General Data Protection Regulation, such as the Personal Data processed by our Customers and are stored or processed by us on behalf of the Customer and subject to the Customer’s instructions. However, we may also be a Controller of certain Personal Data such as: our Customers’ contact information, registration data, or if individuals contact us via our Website, etc.

This Privacy Policy constitutes an integral part of our Terms of Service available at: https://www.scylladb.com/tos/ (“Terms”). Definitions used herein but not defined herein shall have the meaning ascribed to them in our Terms.

If you have any questions about this Privacy Policy, please contact us at: [email protected].

We reserve the right to periodically amend or revise the Privacy Policy which will go into effect immediately upon the implementation of the revised Privacy Policy on our website. The last revision date will be reflected in the “Last modified” heading located at the top of the Privacy Policy. We will make a reasonable effort to notify you in the event that we implement any changes that substantially change our privacy practices. We recommend that you review this Privacy Policy periodically to ensure that you understand our privacy practices and to check for any amendments.
If you are a Visitor or a Customers of ours we may collect aggregated, non-personal non-identifiable information which may be made available or gathered via your use of our Website, applications or Services (“Non-Personal Data“). We are not aware of the identity of the individual from which the Non-Personal Data is collected. We may also collect from you, during your access or interaction with the website, your use of our Services or Website, individually identifiable information, namely information that identifies an individual or may with reasonable effort be used to identify an individual (“Personal Data”). The types of data that we collect as well as the purpose for processing such data are specified in the table below.
Type of Personal Data Purposes of Processing For EU Individuals Legal Basis under the GDPR
Becoming a Customer: If you are or wish to become a Customer or to use our Customers Portal you may be required to provide us with certain information such as: your full name, email address, phone number and country. In addition, during the registration process to our Customer Portal you will be required to create a username and password. You thereby represent and warrant that you are responsible for maintaining the confidentiality of your details and password. You represent and warrant that you will not provide us with inaccurate, misleading or false information We will use this data for the purpose of providing our Services to you, i.e., to provide the Services and to designate your account. Your contact details will be used in order to send you needed information related to our Services and our business engagement (e.g., send you a welcome message, notify you regarding any updates to our Services, send applicable invoices, etc.) and additional occasional communications and updates related to the Services, as well as provide you with tips related to our Services and marketing emails related to the Services (“Direct Marketing”). We may also use the information in order to verify your identity. The registration information is processed for performance of contract. The Direct Marketing is based on our legitimate interest, you may opt- at any time. Note, as a Customer some messages and emails are required for the purpose of providing the Services or complying with applicable laws, such as sending invoices, you will not be able to opt-out.
Information Provided Voluntarily: If you voluntarily contact us in any manner whether for support, to submit a request or for other inquiries whether by sending us an email or through other means of communications, e.g., any online form available on our Website, you may be asked to provide us with your contact information such as your full name, , email address and country. In addition, you will be requested to provide us with: job role, country, company name and country. We will use this data solely for the purpose of responding to your inquiries and provide you with the support or information you have requested. We will retain our correspondence with you for as long as needed, subject to applicable law. Performance of a contract and necessity of processing for the purposes of our legitimate interests.
Payment Information When you make a payment for our Services, you will be asked to submit payment information data such as the credit card number and details. The payment is processed by our third party partners; we do not store or process any of your payment information. We use third party payment processors, any transactions that are processed by these third party payment processors will be governed by their privacy policies and terms which we recommend that you review. Note that, currently we use the following third party service providers for payment processing: Stripe (please see the privacy policy here), and Recurly (please see the privacy policy here) and Priority (please see the privacy policy here) This information will be processed for the purpose of performing our contract with you and will enable you to use our Services
Newsletter Subscription: If you voluntarily subscribe to our Newsletter through the Website (or otherwise agree to receive our updates and content), you may be requested to provide us with your email address, name of Company and country. You can unsubscribe at any time using the unsubscribe option within the body of the applicable email or by contacting us directly. We use this information solely to provide you with the content you have requested. your consent
Posting a Comment: If you voluntarily leave a comment on the Website (including on our blog) you may be asked to provide us with your name and email address. If we decide to post your comment, it will be posted under the name you provided, however we will not post your email address We will use this information solely in order to upload your comment and for validation purposes. your consent
IP and Technical Non-Personal Data: When you access our Website or interact with our Services, we may collect certain IDs (e.g. your IP address) as well as technical Non-Personal Data (e.g. viewing and usage information that relates to your interaction with the Website, the amount of time you spend viewing certain portions of the Website, your browser type, language used, operating system type, etc.). We use third party cookies for analytic, security and marketing purposes, on our Website. Prior to processing your online identifiers by third party cookies we will obtain your consent through the cookie notice on our site.
Career: In the event you apply for a job via our website, we will collect your CVs and additional information such as your contact details. To process your job application and for recruitment purposes. Legitimate Interest.
Depending on the nature of your interaction with the website, the above detailed data is collected as follows:
  • In the event you voluntarily choose to provide us with information, e.g., when you contact us or if you are a Customer and register for our Services.
  • Automatically, including through the use of cookies (as detailed below and in our Cookies Policy), and other similar tracking technologies.
We will ask for your consent to collect Personal Data and offer you the choice to opt-out of such collection if we are required to do so in accordance with applicable law.
We or our third-party affiliates may use “Cookies” and similar tracking technologies for various purposes on our Website. Please see our Cookie Policy for more information.
We do not share any Personal Data collected from you with third parties or any of our partners except in the following events:
  • Legal Requirement: We will share your information in this situation, only if we are required to do so in order to comply with any applicable law, regulation, legal process or governmental request (e.g., to comply with a court injunction, comply with tax authorities, etc.);
  • Policy Enforcement: We will share your information, solely to the extent needed in order to: (i) enforce our policies and agreements; or (ii) to investigate any potential violations thereof, including without limitations, detect, prevent, or take action regarding illegal activities or other wrongdoings, suspected fraud or security issues;
  • Company’s Rights: We will share your information in order to establish or exercise our rights, to prevent harm to our rights, property or safety, and to defend ourselves against legal claims when necessary, subject to applicable law;
  • Third Party Rights: We will share your information, solely to the extent needed in order to prevent harm to the rights of our users, yourself or any third party’s rights, property or safety;
  • Affiliated Companies and Corporate Transactions: We may share your information with our parent company, any of our subsidiaries, joint ventures, or other companies that are under common control with the Company (“Affiliated Companies”) solely if and when applicable or necessary for the purposes described in this Privacy Policy, as well as in the event of a corporate transaction (e.g. sale of a substantial part of our business, merger, consolidation or asset sale). In the event of the above, we will make our best efforts to ensure that our Affiliated Companies or acquiring company assumes the rights and obligations as described in this Privacy Policy.
  • Business Purpose – we may disclose your Personal Data to a third party for a business purpose. When we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract.
Note that, we may share aggregate or Non-Personal Data with our Affiliated Companies and additional third parties in accordance with the terms of this Privacy Policy. We may store any type of information on our servers or our cloud servers, use or share Non-Personal Data in any of the above circumstances, as well as for the purpose of providing and improving our Services, aggregate statistics, marketing and conduct business and marketing analysis, and to enhance your experience.

Subject to applicable law requirements, we will provide individuals with the opportunity to exercise their rights regarding their Personal Data. Individuals’ principal rights under data protection and privacy laws may include (you may have some or all of these rights depending on your jurisdiction):

  • the right to confirm whether or not we process your Personal Data;
  • the right to access your Personal Data and being provided with a copy of the Personal Data that we hold.
  • the right to rectification;
  • the right to erasure of your Personal Data.
  • the right to restrict processing of your Personal Data.
  • the right to object to processing of your Personal Data;
  • the right to data portability.
  • the right to complain to a supervisory authority (in the event that you are a European Economic Area (“EEA”) resident); and
  • the right to withdraw consent.

You may exercise any or all of your above rights in relation to your Personal Data by filling out the Data Subject Request Form (“DSR”) available here and send it to our privacy team at: [email protected]

Please note that:

  • We may request additional information from you when you contact us in order to verify your identity and locate your data.
  • It may take time to process requests in a way that is consistent with applicable privacy law.
The Personal Data we collect and process will be stored by us solely for the minimum period of time necessary to fulfil the purpose for which it is collected and provide the Service, meet our business goals, to comply with our legal obligations, resolve disputes, enforce agreements between us and other parties, in accordance with applicable laws, or until an individual request for deletion is met and complied with the terms as set forth in this Privacy Policy.
Security is at our highest priority; we design our Services taking in to account the means of securing your data. We use physical, technical and administrative security measures for the Services that we believe are in compliance with applicable laws and industry standards in order to prevent your information from being accessed without the proper authorization, improperly used or disclosed, unlawfully destructed or accidentally lost, as we will further explain in our Security Policy. As part of our efforts to maintain appropriate safeguards, policies and procedures, we have validated our systems’ security by the SOC 2 compliance program, click here for more information. It is important for you to remember however, that unfortunately, the transmission of information via the internet cannot be 100% secure. Please contact us at: [email protected] if you feel that your privacy was not dealt with properly or was dealt with in a way that was in breach of our Privacy Policy or if you become aware of a third party’s attempt to gain unauthorized access to any of your Personal Data. We will make a reasonable effort to notify you and the appropriate authorities (if required by applicable law) in the event that we discover a security incident related to your Personal Data.
Our Services are not directed nor is it intended for use by individuals under the age of 18 and we do not knowingly process a child’s information. We will discard any information that we receive from a user that is considered a “child” immediately upon our discovery that such a user shared information with us. Please contact us at: [email protected] if you have reason to believe that a child has shared any information with us.
We may store or process your Personal Data in a variety of countries including the United States. Further, certain processing activities are conducted in Israel, or in other countries. In the event of data transfer out of your jurisdiction, we will take appropriate measures to ensure that your Personal Data receives an adequate level of protection as required under applicable law. Further, When Personal Data collected within the EU is transferred outside the EU (and not to a recipient in a country that the European Commission has decided provides adequate protection) it shall be transferred in accordance with the provisions of the standard contractual clauses approved by the European Union. If You would like to understand more about these arrangements and your rights in connection therewith, please contact us at: [email protected].
If you have any questions about this Privacy Policy, you may contact us as follows:
  • By sending an email to: [email protected]
  • By regular mail at: ScyllaDB Ltd. 4 Maskit St. Herzliya 4673304, Israel.