Privacy Policy



This Privacy Policy (“Policy”) conveys the practices of Starfish Storage Corporation (“Starfish” or “we” or “us”) regarding personal information (“PI”) collected through our website, email system, social media accounts, and other electronic and communication systems (collectively, the “Systems”) and the services and products we sell, resell, or otherwise provide (collectively, the “Items”), including without limitation computer hardware or software and professional services. Our privacy practices may vary among the places in which we operate in order to comply with applicable local legal requirements. When you interact with the Systems or otherwise transact business with Starfish, you consent to the collection, use, and sharing of information as described in this Policy and our website’s Terms of Use (“Terms”). If you do not consent to the terms of this Policy and our Terms, then please cease use of the Systems and provide notice to Starfish regarding your lack of consent. Any usage of “our” herein refers to Starfish whereas any usage of “your” herein refers to you.


PI is data that can be used to identify or contact a single person. You may be asked to provide your PI anytime you are in contact with us. You are not required to provide PI that we have requested, but not doing so may frustrate our ability to respond to any queries you may have. Examples of the types of PI we may collect include without limitation the following:

  • Name, address, telephone and fax numbers, email address, professional information, geolocational data, communication preferences, and other similar information;
  • Browsing activities, cookies and similar data, and platform or mobile-application-use data;
  • User IDs and passwords for the Systems, Systems activity, user statistics, and viewing activity records; and
    Personal information collected from surveys, contests, and research efforts from anyone participating.

We do not knowingly collect PI from individuals under the age of 18. If you believe we might have any PI from or about an individual under the age of 18, please contact us at, and we will delete that PI.


We may receive your PI from other persons or entities, including without limitation the manufacturers of Items and marketing entities. If you are a candidate for employment with Starfish, we may receive your PI from applicant-tracking systems, recruiters, or external websites. We will use PI we receive to contact you about a potential opportunity or in evaluating your candidacy for a job with us. If you did not provide us your PI directly, upon request, we will inform you of the source of that information, all provided such information is available to us and we are legally permitted to disclose it.


We may collect data in a form that does not independently permit direct association with any specific individual. We may collect, use, transfer, and disclose non-PI for any purpose. This information, if collected, is aggregated and used to help us provide more useful information to our clients and to understand which parts of the Systems and Items are of most interest and how to best communicate with you and our candidates and clients. Aggregated data is considered non-PI for the purposes of this Policy. If we do combine non-PI with PI, the combined information will be treated as PI for as long as it remains combined.


We assess our need to collect PI and if we establish a relevant need, we only retain that PI for the shortest possible time unless a longer retention period is required. To the extent legally permitted, we may retain information for as long as is reasonably necessary or has a reasonable likelihood of becoming necessary in the future. We may retain cached, backed-up, and archived copies of PI. We may retain aggregated data that is anonymized or pseudonymized indefinitely. We may be required to retain some data longer due to various laws and regulations or because of contractual obligations.


To the extent legally permitted and for client data as permitted by our client agreements, you agree that we may use your collected PI:

  • To operate the Systems and protect the security and integrity of the Systems and our business;
  • To market, sell, and deliver Items;
  • To fulfill business requests such as completing client purchases;
  • To communicate about Items and possible promotions;
  • To respond to reviews, comments, or other feedback provided;
  • To support and personalize the Systems and various marketing and advertising efforts;
  • For researching, conducting surveys, benchmarking, data analysis, audits, and improving our professional services;
  • To satisfy our contractual obligations, comply with legal requirements and our policies, and protect against criminal activity, claims, and other liabilities;
  • To evaluate your candidacy and to contact you about employment opportunities; and
  • For any other lawful purpose.

To the extent legally permitted, we may use, process, transfer, and store data about individuals and clients or partners in an anonymous or pseudonymous and aggregated manner. We may combine PI with other information, collected however, including information from third-party sources. We may also use PI in other ways with consent or as legally permitted. To the extent legally permitted, we may collect data in an automated manner and make automated decisions, including using algorithms, about users of the Systems for website optimization, security, analytics, and all other lawful purposes.


To the extent legally permitted, we may share and disclose PI as set forth herein. For clients, we may share PI with our clients and their service providers and other platforms that may assist those clients. For affiliates and agents, we may share PI with our affiliates or any business partners or agents acting on our behalf. For vendors and suppliers to Starfish, we may share PI to support and advertise the Systems and our business. We share PI with such third parties to the minimum extent necessary for those third parties to provide various goods and services to us and pursuant to binding obligations. We may also disclose PI for other purposes or to other third parties when an individual has consented to or requested such disclosure, and for client data, with such client’s authorization.

It may be necessary pursuant to various legal requirements or requests from public and governmental authorities within or outside your country of residence for us to disclose your PI. In addition to situations in which we need to disclose your PI to enforce our terms and conditions or protect our operations, we may disclose PI to public or governmental authorities about you if we determine in our sole discretion that for purposes of national security, law enforcement, or other issues of public importance, disclosure is mandatory or appropriate. We may share, disclose, or transfer PI to a buyer, investor, new affiliate, or other successor if Starfish or any affiliate, portion, group or business unit thereof, undergoes or contemplates a business transition, such as a merger, acquisition, consolidation, reorganization, divestiture, liquidation, dissolution, or a sale or other transfer of all or a portion of any assets of Starfish or any affiliates. We may share PI if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of any person.


The Systems may provide links to other websites or resources over which we have no control. Such links do not constitute an endorsement by us of those respective sites. We are providing these links only as a convenience and you agree that we are not responsible for the content of such sites. Your use of those sites is subject to the terms of use and privacy policies located on those respective sites, if in existence.


We may use cookies and similar technologies to operate and improve the Systems and to simplify our interaction with you. You can block cookies by properly modifying the cookies setting within your browser. Although you are not required to accept cookies, if you block or reject them, you may not have access to all features available through the Systems. We may use cookies, web beacons, pixel tags, log files, or other similar technologies to collect information about the ways you use the Systems, to support and enhance features and functionality, to monitor performance, to personalize content and experiences, and for all other legal, marketing, and analytics purposes. We may engage third-party service providers to provide ads and promotions on our behalf or authorize third parties to advertise and market products and services via the Systems. We may use the following types of cookie technologies:

  • Strictly necessary cookies required for the operation of the Systems;
  • Analytical or performance cookies that collect information about how you use the Systems (occasionally placed by third-party providers of web-traffic-analysis services);
  • Functionality cookies that remember choices you make and recognize you when you return; and
  • Targeting cookies that collect information about your browsing habits such as the pages you have visited and the links you have followed (often placed by third-party advertising networks).

We may use third-party analytics such as Google Analytics. The analytics providers that administer these services may use technologies such as cookies and web beacons. We may also use third-party advertisers to provide or track ads on or relating to the Systems. These third parties may use cookies and other tracking and analytical technologies to record which ads your browser has loaded, and which pages you were viewing when ads were delivered or viewed. That collected information is subject to those third parties’ privacy policies, over which we have no control.


If you are a Starfish client, you may make requests about your contact preferences and changes to your PI by contacting your relationship manager. If you opt out of promotional emails, we may still send you non-promotional emails, such as emails about your accounts or our ongoing business relations, if applicable. If after providing us with your PI, you change your mind about receiving information from us, you may request access to your data or that your data be changed or deleted, provided that we are legally permitted to do so.


California: If you are a California resident, the California Consumer Privacy Act allows California consumers to obtain information about your PI, if any, that we collect, use, and disclose.

Massachusetts: If you are a Massachusetts resident, 201 CMR 17.00 establishes minimum standards to be met in connection with the safeguarding of PI contained in both paper and electronic records that apply to all persons, which includes Starfish, who possess or license PI about a resident of the Commonwealth. Starfish does not license your PI.

Nevada: If you are a resident of Nevada, Chapter 603A of the Nevada Revised Statutes permits a Nevada resident to opt out of future sales of certain covered PI that a website operator has collected or will collect about or from you. Starfish does not sell your PI.

European Privacy Statement: The following European Privacy Statement applies to residents of the European Union, the European Economic Area, and Switzerland. We process data for the purposes as set forth in this Policy. To fulfill these purposes, we may access data, including personal data (“Personal Data”), as defined by the General Data Protection Regulation (“GDPR”), to provide access to the Systems or in response to contractual requirements. Our legal justifications for the processing (“Processing”), as defined by the GDPR, of Personal Data are consent or any other applicable legal bases. If you are a resident of the EU or a country with materially similar legislation regarding Personal Data protections, you may have one or more of the following additional rights:

  • Requesting a copy of the Personal Data we have collected about you;
  • Requesting and receiving your Personal Data we have collected in a commonly used, machine-readable form;
  • Requesting restriction of Processing of Personal Data about you for certain reasons;
  • Requesting that we correct or delete any of your Personal Data that is inaccurate or unnecessary;
  • Objecting to your Personal Data being Processed for direct-marketing purposes;
  • Withdrawing your consent without affecting the legality of our Processing based on such consent before it was withdrawn, including Processing related to existing contracts for our Items, when applicable; and
  • Lodging a complaint with your local, supervisory, data-protection authority.

We will process any requests in accordance with applicable law and within a reasonable period of time. We may need to verify the identity of the individual submitting a request before we can address such request. For Starfish clients, certain information may be reviewed, corrected, and updated by contacting your Starfish relationship manager and making the appropriate change request. We may be required to disclose Personal Data in response to legal requests by public authorities. For more information on exercising your PI rights, please contact us at and provide sufficient details.


We may update this Policy to reflect changes to our PI and privacy practices. We will post any updated Policy on the Systems, or with notice to individuals only if required by applicable law. Continued use of the Systems after any such changes constitutes your acceptance to any such amended Policy. The date of last revision is shown at the “Last Updated” legend at the base of this web page.


Upon request, for PI we hold and can access, we will provide you with that PI data set to request corrections for any inaccurate data or to delete the data if Starfish is not required to retain it for legal or legitimate business purposes. We may decline to process requests that are unreasonable, compromise the privacy of others, are extremely impractical or unduly burdensome, or for which access is not otherwise required by law. We may decline aspects of deletion or access requests if we believe doing so would undermine our legitimate use of data for anti-fraud and security purposes. Access, correction, restriction, deactivation, or deletion requests can be made by contacting When you make a request, we retain the right to verify your identity and to establish the legitimacy of your request.


If you have any questions about this Policy, you can contact us by email at Except as otherwise expressly provided herein, or as otherwise required by applicable law, you agree that the exclusive jurisdiction of any actions for claims relating to the Policy, PI, or Personal Data, which shall be in an individual capacity and not via a class action or representative proceeding, arising out of, relating to, or in any way connected with this Policy shall be in the state or federal courts, as applicable, located in the Commonwealth of Massachusetts, U.S.A.

LAST UPDATED: September 7, 2021