Skip to content
Industrial IoT and Edge

Portainer is your solution to securely deploy software containers across your fleet of Edge devices.

Crop test-02

Privacy Policy

Portainer

Privacy Policy

Updated March 2024 

Introduction 

Portainer.io Ltd., (“Portainer” “We”, “Us”) is sensitive to your concerns about how we use the personal information we collect from you through either our website (the “Site”) or our application (“the Product”, “our Software”). This Privacy Policy covers Portainer’s treatment of the Personally Identifiable Information we collect when you use the Site or the Product. It also describes the choices available to you regarding our use of your personal information and how you can access and update this information. By using the Portainer Application or taking an action and leaving information on our Site, you accept the terms of this Privacy Policy. If you have questions or concerns about the Privacy Policy, please contact Customer Care at: privacy@portainer.io. 

For purposes of data protection laws, Portainer.io Limited, 1 Boundary Rd, Hobsonville Point, Auckland 0916, New Zealand is the entity responsible for your information. 

A note on the Portainer Application  

This policy by its nature is written to include the information collected by Portainer in a range of circumstances. This can include the website during the normal course of business, our order processing systems during a commercial transaction, and the Software. However, we wish to make the data security of the Software explicit. 

Our software is a stand-alone application that is downloaded and installed on a customer or user’s environment. It has been designed as a highly secure application capable of running without an internet connection.  

The application collects data in two situations: 

  1. The application will collect information necessary to ensure compliance with the license. This information is transmitted to Portainer and stored by secure systems managed by Portainer and third-party service providers.
  2. The application also collects anonymized usage information on an ‘opt-out’ basis. This information is anonymized (to GDPR Opt-Out standards) and transmitted to us for use by our product development teams. This information is aggregated by a third-party service provider and stored in GDPR compliant third-party systems. This information is used in aggregate to assist us in delivering a better and more useful product. The anonymized, aggregated information is not used for any other purpose. 

 

What information do we collect? 

Information You Provide to Us 

  • In the Portainer Community Edition Application, no email address is required.
  • In the Portainer Business Edition Application, Portainer requires one email address for each instance of the software for license registration purposes. The email address needs to be legitimate and active for the duration of the license period, however it does not need to be a personal email address.
  • From the Website: Personally Identifiable Information is captured when a visitor registers or requests services from the Portainer website. 
  • Other: PII may also be collected when a user or customer or speaks on the phone with or emails an Portainer employee, and willingly discloses that information. This disclosure may occur when a visitor registers online (for any purpose), engages in transactions, contacts customer service, or participates in promotions, surveys, forums, content submissions, requests for suggestions, or other aspects of interaction with Portainer. 

Personally Identifiable Information may include: (i) “Contact Data” (such as your name, address, city, state, zip code, phone number, and email address); (ii) “Demographic Data” (such as your zip code). Additional data (such as use case or other technical data may be collected, however this data is outside the definition of PII). 

In the regular course of our business, Portainer may monitor and record conversations, meetings or email communications between you and Portainer employees. This will be requested and you will have the opportunity to decline the request. Typically we may record an interaction with us for training and quality assurance purposes. We may receive a confirmation when you open or click on content in an email from us, which helps us make our communications to you more useful and relevant. 

Information We Collect Automatically

1. Website 

Traffic Data. Portainer or its third-party service providers may collect a variety of visitor data such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, and clickstream data (collectively “Visitor Data”). The Site may use Visitor Data to compile traffic data about the types of visitors who use the Site at specific intervals (collectively “Traffic Data”). We may use Traffic Data to analyze Site traffic. We may also use Traffic Data to diagnose problems with our 3rd party service, administer our Site, or display content according to your preferences. Visitor Data and Traffic Data may also be disclosed to business partners, affiliates, or advertisers on an aggregated and anonymous basis. 

Cookies in the Website. Portainer may use the standard cookie feature of major browser applications and third-party providers, (including Google Analytics) features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting). You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited. 

Location Information. When you use our website, we may collect general location information (such as general location inferred from an IP address). 

2. In the Portainer Application 

No Personally Identifiable Information is collected in, or by the use of, the Portainer application. Portainer has implemented an optional analytics system that provides us with anonymized, high-level usage data. This system is fully compliant with the provisions of GDPR. 

3. Information from Other Sources 

We may collect information about you from third parties, such as marketing partners and researchers. Our customers may give us information about you, such as your Contact Data, in order to facilitate contracting through our Online Services. We may combine this information with information we collect from you and use it as described in this Privacy Policy. 

How do we use the information we collect? 

We may use information we collect from the Website for some or all of the following purposes. To: provide you with the Portainer Application; communicate with you; process your orders; manage and remember your preferences and customize the website experience; analyze and improve both the Website and the Application or any other products and services we might provide; improve our advertising and marketing; verify your identity; inform you of offers and discounts; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third-parties, members of the public, and/or the Website and Application; and prevent fraud and enforce our legal terms. 

We may combine information that we collect from you with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Site of the Software. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes. 

How do we disclose the information we receive? 

Except as disclosed here, we do not rent, sell, or disclose your personal information to third parties. To be explicit, we do not provide Personally Identifiable Information to third parties for marketing purposes. Ever. We use the information we collect as follows: 

  • Critical Software Issues. We will use collected information to inform you of critical issues affecting or potentially affecting your use of the Software. This may include reported security vulnerabilities or other aspects of the software usage deemed of sufficient concern by our engineering team. It is not possible to opt-out of these notifications. 
  • Order Processing. Portainer, sometimes with the assistance of a third-party or Portainer subsidiary, may use your Personally Identifiable Information to process your payment through merchant account services, and to generate the products and services you order. Your Contact Data may be used to follow up with you on transactions you initiate with us, respond to inquiries made through our Website, inform you of changes to the Application, and send you additional information about Portainer and its products and services. 
  • Product Usage. We will use information we collect to offer suggestions as to how Portainer may be better used and deliver greater benefit to you and your organisation.  
  • Required by Law. We may also disclose your personal information: as required by law, such as in response to a subpoena or similar legal process, and when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a legal request. 
  • Visitor Demographics. Contact Data and Traffic Data are used to gather general statistics about our customers and visitors. We may use Demographic Data to generate collective information about our users, but not in a way that identifies any user specifically. For example, we may inform third parties about the number of registered users and unique visitors, and the pages most frequently browsed. 
  • Service Providers. We may disclose your Personally Identifiable Information to companies that provide support services to us (such as accounting services). These companies may need information about you in order to perform their functions. 
  • Blogs and Forums. The Site may include a publicly accessible blog and interactive forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You should use caution when deciding whether to disclose your personal information in these areas of the site. To request removal of your personal information from our community forums, contact us at: privacy@portainer.io. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why. 
  • Other Transfers. We may disclose Personally Identifiable Information and other data to businesses controlling, controlled by, or under common control with Portainer. If Portainer is merged, acquired, or sold, or if some or all of our assets or equity are transferred, we may disclose or transfer Personally Identifiable Information and other data in connection with the associated transactions. 
  • Bankruptcy. In the event of an Portainer bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights generally, we may not be able to control how your personal information is treated, transferred, or used. If such an event occurs, your Personally Identifiable Information may be treated like any other Portainer asset and sold, transferred, or disclosed to third parties, or used in ways not contemplated or permitted under this Privacy Policy. In this case, you will be notified via email and/or a prominent notice on our site of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information. 
  • Consent. In addition to the disclosures described in this Policy, we may disclose information about you whenever you consent to or direct such disclosure. 

 

Third-Party Websites 

The Portainer website may maintain links to other websites and other websites may maintain links to either the Portainer Website of the Portainer Application repository. This Privacy Policy applies only to the Portainer Website, related sub-domain sites, and the Portainer App, not to other websites accessible from Portainer, or that you use to access Portainer, each of which may have privacy policies materially different from this Privacy Policy (for example github.com, hub.docker.com). 

If you visit other websites, Portainer is not responsible for the privacy practices or content of those sites. It is your responsibility to review the privacy policies of non-Portainer websites to confirm that you understand and agree with them. 

Your Options 

You may choose not to provide Portainer with Personally Identifiable Information or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use the Site and browse its pages. However, Portainer cannot process orders without Personally Identifiable Information and some functionality within the website may not operate as designed. 

User and Authorized Contact Access to Order Information

Portainer will give you, or anyone listed as an authorized contact for your account, information about your order. This may include information about the nature and status of your order, information you provided to process your order, payment information, and contact information. 

Deleting Your Information

If you want to remove your Personally Identifiable Information from our systems (including our instance of third-party systems that we use to run our business), you may do so by contacting: privacy@portainer.io 

Opting Out of Marketing 

We send promotional emails and newsletters from time to time to users of the Site who have registered and have opted in to receive such emails. You can opt-out of promotional communications by following the unsubscribe instructions in any communication or by emailing us at: privacy@portainer.io. Generally, you may not opt-out of critical notifications or transactional communications, which are not promotional. If you no longer use Portainer and do not wish to receive service-related communications, you may terminate all communications by contacting: privacy@portainer.io. 

Data Retention 

At minimum, we will retain your information for the period that you have an active Portainer license, and as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. Portainer may maintain some or all of this data in its archives even after it has been removed from the Site. 

Data Security 

We strive to make certain that our service providers (typically payments, accounting, CRM and support system providers) incorporate the latest encryption and security practices. We have also implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure connections (SSL) directly to such providers and we do not record or store any payment information. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk. ACCORDINGLY, WE DISCLAIM LIABILITY FOR THE THEFT, LOSS, OR INTERCEPTION OF, OR UNAUTHORIZED ACCESS OR DAMAGE TO, YOUR DATA OR COMMUNICATIONS BY USING THE SITE, APPLICATIONS, AND OUR SERVICES. YOU ACKNOWLEDGE THAT YOU UNDERSTAND AND ASSUME THESE RISKS. 

IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF OUR WEBSITE, APPLICATIONS, OR OTHER SERVICES PLEASE CONTACT US IMMEDIATELY AT: privacy@portainer.io. 

 

EEA, Switzerland, and UK Individuals 

Legal Bases for Use of Your Information 

Our legal grounds for processing your information are as follows: 

  • To honour our contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for our Freemium Software offer. 
  • Consent: Where required by law, and in some other cases, we handle personal data on the basis of your implied or express consent. 
  • Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests in commercial activities in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. This includes: operating our business; providing security for our websites, products, software, or applications; marketing; receiving payments; preventing fraud; and knowing the customer to whom we are providing the Software. 
  • Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to tax authorities). 

Data Subject Rights

Residents of the European Economic Area (“EEA”), Switzerland, and the UK can exercise certain data subject rights available to them under applicable data protection laws. Where such rights apply, we will comply with requests to exercise these rights in accordance with applicable law. Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. If these rights apply to you, they may permit you to request that we: 

  • provide access to and/or a copy of certain information we hold about you 
  • prevent the processing of your information for direct-marketing purposes (including any direct marketing processing based on profiling) 
  • update information which is out of date or incorrect 
  • delete certain information which we are holding about you 
  • restrict the way that we process and disclose certain of your information 
  • transfer your information to a third party provider of services 
  • revoke your consent for the processing of your information. 

For more information on how to exercise these rights, please refer to the relevant data protection supervisory authority in the country where you are based. Generally, and if required, you may also make a complaint to that authority. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached. 

International Data Transfers

Information submitted to Portainer will be transferred to, processed, and stored in the United States, or for certain customers, the European Union. If you post or transfer any information to or through our Website, you are agreeing to such information, including Personally Identifiable Information, being hosted and accessed in the United States, and/or the European Union. Please note that the privacy laws of the United States, the European Union may be different from those in the place where you are a resident. 

Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK.  

Changes to this Policy 

We may update this privacy policy to reflect changes to our information practices. If we make any material changes a notice may be posted on this page along with the updated Privacy Policy prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices. 

Contact Us 

If you have any questions or concerns regarding our Privacy Policy, please contact us at: privacy@portainer.io.