Enforce Governance and meet Compliance for a zero-trust, least-privilege security posture
RoboMQ, Inc. (“RoboMQ,” “we,” “us,” or “our”) respects your privacy and is committed to protecting personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in connection with our websites, products, and services, including transfers of data from the European Union (EU), European Economic Area (EEA), the United Kingdom (UK), and Switzerland to the United States.
RoboMQ acts as a data controller for information collected directly from individuals and as a data processor for data processed under the instruction of our customers via our SaaS platforms.
RoboMQ complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. RoboMQ has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. RoboMQ has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.
To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
This policy applies to all data processing activities conducted by:
– SRB Technologies, Inc. dba RoboMQ, a U.S. corporation headquartered in Vienna, Virginia, and
– Its affiliate RoboMQ Pvt. Ltd, based in India, which supports software engineering, development, and support activities under RoboMQ’s direct control.
All personal data collected from customers, partners, or users in the EU/EEA, UK, and Switzerland is processed solely within the United States data centers under RoboMQ’s unified privacy and security framework.
RoboMQ maintains SOC 2 Type 2 and HIPAA certifications, demonstrating our adherence to industry-standard security, privacy, and confidentiality controls for cloud and SaaS environments.
Our data hosting and infrastructure are entirely deployed in Amazon Web Services (AWS) U.S. data centers, providing best-in-class physical and network security, redundancy, and compliance with ISO 27001, SOC, and FedRAMP and other NIST cybersecurity standards and recommendations.
We may collect and process the following categories of personal data:
| Category | Examples |
|---|---|
| Contact Information | Name, business email address, phone number, company name, job title |
| Account & Authentication Data | Login credentials, API tokens, and security identifiers |
| Usage & Technical Data | IP address, browser type, telemetry, log data, and metadata from system integrations |
| Support & Communications | Support tickets, chat logs, and feedback provided through email or portals |
| Billing Data | Payment or invoicing information for subscription services |
| Employment / Applicant Data | Resumes, employment details (for HR purposes), and communication records |
| Employment Data of the Customer Workforce | We process basic PII (Personally Identifiable Information) and the job identifier information of the employees, volunteers, trainees, or contractors of our customers |
We do not intentionally collect or process sensitive and special categories of personal data such as medical records, or financial account credentials, and the data sets defined under Article 9 of the GDPR (such as data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, health information, or data concerning a person’s sex life or sexual orientation).
Any such data is processed only if it is voluntarily provided by a customer under a contractual arrangement and handled in accordance with applicable data protection laws.
We receive Personal Information directly from you when you provide it to us as part of creating an account, for purpose of information gathering or signing up for trial or paid subscription. This information includes at least:
– Name, Preferred name
– Email address
– Username
– Password or tokens
– Job Title
– Company Name
This data is required and processed to provide you with the services and secure access to your account with RoboMQ products and platforms.
As part of creating and maintaining an account with us, you may voluntarily submit additional information, including:
– Phone number
– Department or business unit
– Company size
– Additional notification email addresses
– Profile photo
Optional Account Data is used for various purposes:
– Username, Company name and profile picture are collected so that you can better and more easily identify yourself to other users on the site.
– Phone number is processed so that we can communicate with you about the Services and contact you about service announcements, updates or offers.
– Company title and company size is used by us to understand our user base and for direct marketing purposes.
– Additional email addresses are used for communication and to merge multiple account logins if created while signing up for the services.
We may collect information about you from other sources, including third parties from whom we have purchased Personal Data, and combine this information with Personal Data provided by you. This helps us to update, expand and analyze our records, identify new customers, and create appropriately tailored advertising to provide services that may be of interest to you. We process this information for marketing purposes and to provide support to present and prospective customers.
We use common information-gathering tools, such as log files, cookies, web beacons and similar technologies to automatically collect information, which may contain Personal Data, from your computer or mobile device as you navigate our websites or interact with emails sent by us.
For customers who pay by credit card, we will collect payment information and will associate it customer Subscription ID. We do not store any payment card information ourselves; payment card data is collected and processed by the payment gateways.
For customers paying via other means, we will collect and maintain billing information outside of the website in our CRM system. For all paid customers, we maintain a record of Service subscriptions, invoices and payments. Billing information and payment records are processed to provide Services to our paid customers and to comply with legal and contractual requirements.
If you access our Site or Service through a third-party connection, social login or connect an application to RoboMQ, that third party you connected with may pass certain information about your use of its service to RoboMQ. This information could include, but is not limited to, the User ID associated with your account, an access token necessary to access that service, and any other information that you have permitted the third party to share with us, and any information you have made public in connection with that third-party service.
Connection Data is processed to provide application connectivity, which is part of the Service. The connection data is securely maintained as part of your user profile.
You may interact with RoboMQ by filling in an online form to download content or subscribe to a newsletter or engage in email, phone or online chat communications with us, you may voluntarily supply us contact and other information that we may also retain as a record of any communications with you or the activities you perform.
Data from these interactions is processed to supply you with the information that you request from us and may be used for direct marketing and analytical purposes.
You may register for a RoboMQ webinar, event or a RoboMQ sponsored 3rd party event where we may collect contact information from you and when you attend. We will retain a record of your participation and the related information that we collect.
This data is collected to provide you with access to events that you have requested. We may also use your contact information for direct marketing purposes. Conference and events attendance data is processed by us to better understand our user base and for the marketing purposes in general.
When you submit a support ticket through our systems or via email or a phone interaction, we will collect your company and contact data, and record activity related to your request.
Information submitted as part of support tickets is processed by us to provide you help in using our Service, to contact you about your request(s), and to improve our products and service offerings.
The Service offers publicly accessible blogs or community or user forums. You should be aware that any information provided in these areas may be read, collected, and used by others who access them. If you elect to post something in a public area of our Service, any Personal Information or content that you voluntarily disclose for posting to the Service, becomes available to the public, as controlled by any applicable privacy settings. If you remove information that you posted to the Service, copies may remain viewable in cached and archived pages of the Service, or if other Users have copied or saved that information. To request removal of your Personal Information from our blog or community forum, contact us at privacy@robomq.io . In some cases, we may not be able to remove your Personal Information.
From time to time, we post customer testimonials on the Sites which may contain Personal Information. We obtain the customers’ consent to post their names along with their testimonials.
Information submitted by you to our blogs and community forums is processed by us in order to help users report and resolve problems with the Service, to communicate with other users of the Service, and to improve our products and services.
Some Personal Information is automatically collected when you visit our sites or use our Services, through the use of cookies and other tracking technologies.
During the course of your interaction with our Site and Service, some third parties may provide us with Personal Information about you, such as:
If you interact with a third party service when using our Services, such as if you use a third party service to log-in to our Services (Slack, Google, Salesforce, Office 365, Intuit or others), or if you share content from our Services through a third party social media service, the third party service will send us information about you, such as information from your public profile, if the third party service and your account settings allow such sharing of your information. The information we receive will depend on the policies and your account settings with the third-party service.
We process this information to provide Single Sign-On, which is part of our Service. Single Sign on using third party services allows us to provide sign up and sign-in without the need to create a credential with RoboMQ Services. We may also receive information associated with your use of the website from third-party software.
If you visit our site and your email or other identifying data is known from interactions with our own site or with other sites, then our third-party service providers may supply additional information to us, associated with your site usage history. This information could include your name, social media user id(s) and profiles, if known and publicly available.
We process this information to better understand our website users and improve our Service and may use it for direct marketing purposes.
RoboMQ may use Personal Information provided to operate, improve upon, and personalize the Service, for billing identification and authentication, to contact and communicate with you about the Service and your use of the Service, to support use of the Service, to send marketing materials (subject to your opt-out option), for research purposes, and to generally improve the content and functionality of the Service.
We may also combine your Personal Information with third-party analytics information to build a broader profile of our individual Users so that we can serve you better and provide custom, personalized content and information. Additionally, we may use the Personal Information we collect for identification and authentication and fraud prevention, to analyze Site usage and improve the Service, for internal market research, troubleshooting problems, to enforce our Terms of Service, and as otherwise set forth in this Policy.
Note that we will never email you to ask for your account information; if you receive such an email, please forward it to privacy@robomq.io .
RoboMQ may use your cell phone number to call or text you in order to provide the Services. You have the option to opt-out of such communication.
We use financial information solely as authorized by you in accordance with the Service, in order to process your payments.
RoboMQ shares Personal Information with its third-party service providers (such as its credit card processors and hosting partners) to provide the necessary hardware, software, networking, storage, and other services we use to operate the Service and maintain a high-quality user experience.
We use third party analytics tools to measure traffic and usage trends for the Service. These tools collect information sent by your browser as part of a web page request, including the web pages you visit, your browser add-ons, and other information that assists us in improving the Service.
RoboMQ may store Personal Information in third-party marketing, CRM and mail-management software to facilitate interactions with users or potential customers.
In all situations where RoboMQ discloses Personal Information to third parties acting as service providers or “agents” on behalf of RoboMQ, RoboMQ will require the recipient to protect and only use Personal Information in accordance with this Privacy Policy. We do not permit our service providers to use the Personal Information we share for their marketing purposes.
We may collect and use the analytic information from our own systems and from third parties together with your Personal Information to build a broader profile of our individual Users so that we can serve you better.
RoboMQ gathers certain information automatically and stores it in log files. This information includes internet protocol addresses as well as browser, internet service provider, referring/exit pages, search terms, operating system, date/time stamp, and clickstream data. Occasionally, we may connect Personal Information to information gathered in our log files, as necessary to improve the Service for individual customers. Otherwise, we generally use this information as we would any Usage Data, to analyze trends, administer, maintain and manage the Service, or track usage of various features within the Service.
In addition to the purposes described above, we disclose Personal Information to respond to subpoenas, court orders, on legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service, or as otherwise required by law.
We may share information, including Personal Information with any member of the RoboMQ which includes any entity that controls, is controlled by, or under common control with RoboMQ.
The RoboMQ Service allows users to connect to third-party applications, to periodically or on-demand pull data from those applications into RoboMQ servers, and to pass data from the RoboMQ Service onward to other third-party applications in order to perform integration and automation activities for the end user.
These transfers are done only under the direction of, and under the sole control of, RoboMQ users. This information is secured, encrypted and is private to the user. By using the Service, you warrant that RoboMQ has your permission to perform any such transfers on your behalf, notwithstanding that these may contain personal data, and may cross international borders. RoboMQ does not control the privacy practices of applications to or from which you may transfer data, and you warrant that when transferring Customer Data, you are accepting the privacy terms to which those applications subscribe.
Customer Data may be stored in our systems temporarily while in transit as part of processing and/or retained to support Service features such as history logging, audit trails and error recovery and data analytics, reporting and business intelligence for the sole benefit of the customer. RoboMQ protects Customer Data using commercially feasible methods from interception or alteration.
RoboMQ will not examine or distribute any Customer Data except as provided in our Terms of Service, or as required by law. RoboMQ may however use automated tools to examine Customer Data in aggregate, to improve the Service and provide better user experience.
We process personal data for the following purposes:
| Purpose | Legal Basis | Retention |
|---|---|---|
| To provide, operate, and improve our SaaS services | Performance of a contract | Account duration + 5 years |
| Process customer workforce employment data to provide SaaS services to our customers | Performance of a service contract | Account duration + 90 days |
| To communicate with customers, provide support, and manage subscriptions | Legitimate interest / contract | Account Duration or Support ticket lifetime + 3 years |
| To maintain security, audit trails, and operational integrity | Legitimate interest / legal compliance | Per SOC 2 retention (1–7 years) |
| To send service updates or product notices | Legitimate interest / consent | Until unsubscribed or terminated |
| To comply with legal, audit, or regulatory obligations | Legal obligation | As required by law |
RoboMQ receives and processes personal data transferred from the EU, EEA, UK, and Switzerland to the U.S. under the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF.
We have certified our compliance with the DPF Principles: Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity & Purpose Limitation, Access, and Recourse, Enforcement & Liability.
You can verify our active certification on the DPF List: https://www.dataprivacyframework.gov
If there is any conflict between this Privacy Policy and the DPF Principles, the DPF Principles shall govern.
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Personal data processing is conducted by:
– SRB Technologies, Inc. dba RoboMQ (United States), and
– RoboMQ Pvt. Ltd (India), both operating under unified data protection and security controls.
As explained above in the “Use and Disclosure of Personal Information” section of this policy, RoboMQ also engages sub-processors or subcontractors for the processing of customer or user data.
RoboMQ remains responsible for all personal data received under the DPF or GDPR obligations and any onward transfer to our sub-processors or subcontractors.
If a sub-processor or subcontractor determines it can no longer meet its DPF or equivalent obligations, RoboMQ will take immediate steps to cease data transfers or terminate the service.
RoboMQ implements administrative, technical, and physical safeguards to protect personal data, aligned with our SOC 2 Type 2 and HIPAA certified security frameworks, and GDPR Article 32 requirements.
Our security program includes:
– Encryption in transit (TLS 1.2+) and at rest (AES-256)
– Role-based access control and multi-factor authentication
– Network segmentation and tenant data isolation
– Continuous monitoring and logging using AWS native tools
– Regular vulnerability scanning and penetration testing
– Network Intrusion Detection and Prevention systems in place
– Documented incident response and disaster recovery plans
– Employee background checks and annual security training
We collect and process only the personal data necessary to fulfill contractual or operational purposes. We take reasonable steps to ensure data is accurate, complete, and up-to-date, and retain data only for as long as necessary to meet the stated purposes and contractual or legal obligations.
Individuals or the customers on whose behalf we process personal data may:
– Request access to their personal data directly or through our customer on whose behalf the data is processed
– Request correction or updates to inaccurate information, or
– Request deletion of their personal data.
Additionally, under the GDPR, individuals in the EU/EEA and UK have the following rights regarding their personal data:
– Access to their personal data (Art. 15)
– Rectification of inaccurate data (Art. 16)
– Erasure (“Right to be Forgotten”) (Art. 17)
– Restriction of processing (Art. 18)
– Data portability (Art. 20)
– Objection to processing based on legitimate interests (Art. 21)
– Not to be subject to automated decision-making, including profiling (Art. 22)
Pursuant to the DPF Principles, EU/EEA, UK and Swiss individuals also have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you.
To exercise these rights, contact us at privacy@robomq.io.
We respond within 30 days (or as otherwise required). Verification of identity may be required for security reasons.
You may opt out of:
– Receiving non-essential communications or marketing emails.
– Having your data shared for purposes incompatible with the original purpose of collection.
To opt out, use unsubscribe links in our emails or contact privacy@robomq.io.
Pursuant to the DPF Principles, if personal data covered by this policy is to be used for a new purpose that is materially different from that for which the personal data was originally collected or subsequently authorized, or is to be disclosed to a non-agent third party in a manner not specified in this policy, we will provide EU/EEA, UK and Swiss individuals with an opportunity to choose whether to have their personal data so used or disclosed. To limit the use or disclosure of your personal information transferred in reliance on the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, or the Swiss-U.S. DPF, please submit a request to privacy@robomq.io.
If you believe your personal data has been processed in violation of the DPF Principles, please contact us first at:
RoboMQ Privacy Office
SRB Technologies, Inc. dba RoboMQ
1577 Spring Hill Rd, Suite 530
Vienna, VA 22182, USA
Email: privacy@robomq.io
We will investigate and respond within 45 days. If we do not resolve your concern satisfactorily, you may escalate it to our independent recourse mechanism:
BBB National Programs – Data Privacy Framework Services www.bbbprograms.org/dpf-complaints. This service is provided free of charge to individuals.
If your complaint remains unresolved through the above channels, under certain conditions you may invoke binding arbitration under Annex I of the DPF Principles. EU/EEA and UK individuals may also lodge complaints with their local supervisory authority or with the Irish Data Protection Commission (https://www.dataprotection.ie). Swiss individuals may also lodge complaints with their supervisory authority. A list of EU/EEA Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en. For the UK, please visit: https://ico.org.uk/make-a-complaint/. For Switzerland, please visit: https://www.edoeb.admin.ch/en/contact-2.
In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, RoboMQ commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO), and the Swiss Federal Data Protection and Information Commissioner (FDPIC), as applicable with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship. To pursue an unresolved human resources data complaint, you should contact the data protection or labor authority in the appropriate jurisdiction. A list of EU Data Protection Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en. For the UK, please visit: https://ico.org.uk/make-a-complaint/. For Switzerland, please visit: https://www.edoeb.admin.ch/en/contact-2.
Complaints related to human resources data should not be addressed to BBB NATIONAL PROGRAMS.
RoboMQ is subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC) regarding compliance with DPF obligations.
We may update this Privacy Policy periodically to reflect changes in our operations or compliance requirements. Any material changes will be announced through our website and, where appropriate, via direct notification.
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact:
RoboMQ Privacy & Compliance Office
SRB Technologies, Inc. dba RoboMQ
1577 Spring Hill Rd, Suite 530
Vienna, VA 22182, USA
Email: privacy@robomq.io
RoboMQ’s Privacy & Compliance Officer serves as the Data Protection Officer (DPO) for GDPR purposes.
RoboMQ is subject to the U.S. Federal Trade Commission (FTC) for enforcement of its Data Privacy Framework (DPF) commitments and to the applicable EU supervisory authorities for GDPR purposes. In case of any conflict between this policy and the DPF Principles, the DPF Principles shall prevail.