Privacy Policy
About this Privacy Policy
Treeverse, Inc. and Treeverse Labs Ltd. (the “Company,” “Treeverse“, “we“, “our” or “us“) present this privacy policy (the “Privacy Policy“) applicable to:
- any individual who visits and interacts with our following websites and use their related services: https://lakefs.io/ and https://dvc.org/ including its subdomains (collectively, the “Websites”),
- any contact at our customers and other business partners who contact us, and
- job applicants.
Such individual referred to as “User”, “you” or “your”.
This Privacy Policy describes how we collect, use, share, store and otherwise process personal information (as defined below). For any questions or requests under this Privacy Policy, please send us an email at privacy@lakefs.io.
Please read this Privacy Policy carefully to understand how we process your personal information. By accessing or browsing the Websites and using their related services, or otherwise sharing your personal information with us, you confirm that you have read and understood the terms of this Privacy Policy.
This Privacy Policy is divided into the following sections:
Section 1 What personal information do we collect about you and for what purposes?
Section 2 With whom do we share your personal information?
Section 3 How is your personal information transferred outside of the EEA and Israel?
Section 4 For how long do we keep your personal information?
Section 5 How do we keep your personal information secure?
Section 6 What rights do you have regarding your personal information?
Section 7 Job Candidate Application
Section 8 Recording Calls
Section 9 Does this Privacy Policy apply to third party links?
Section 10 Social Media Widgets
Section 11 What is our policy regarding minors?
Section 12 How do we approach changes to this Privacy Policy?
Section 13 Contact us
1 — What personal information do we collect about you and for what purpose?
|
Categories of personal information |
Sources |
Purposes of processing |
Examples of use |
Legal Basis – for EU Users only |
|
Contact information and promotional activities:
|
This personal information is provided directly and voluntarily by the User through forms available on the Websites, from the online course as well as during our business and marketing communications (including correspondences, sensory information such as call recordings, and transcriptions and analyses thereof).
This personal information is also provided directly by User or other third parties (which were authorized by Users to provide) including pursuant to a webinar, business conference, assembly or any similar event User attended to. |
Managing requests |
We use this personal information:
|
Legitimate interest of Treeverse to manage its requests |
|
Managing our marketing activities |
In the event you sign up to receive our promotional materials, we use this personal information:
|
Your consent
|
||
|
Automatically-collected information and online identifiers. We automatically collect technical information when you visit and interact with our Websites. (a) – Technical information, including the Internet protocol (IP) address used to connect your computer to the internet, domain name, the type of device used to connect to the services (PC or mobile) and country which requests the information
We will use cookies, beacons, tags, scripts and similar technologies in order to collect information regarding your use of the Websites. For more information, please see our Cookie Policy . |
This information is automatically collected or generated from the Websites and might be collected directly by us or through our use of third parties' cookies and other tracking technologies.
|
Improving the Websites |
Collection of such information is needed for the following uses:
|
Legitimate interest of Treeverse to improve its Websites |
|
Supporting and enhancing our data security measures |
Collection of such information is needed for the following uses:
|
Legitimate interest of Treeverse to secure its Websites |
In addition, please note that we may use some of the personal information described above to:
(a) – manage any litigation, for example to take action against any identified security breach, manage any dispute or litigation and seek advice from lawyers, auditors, and other professional advisers. Such processing is based on our legitimate interest in defending our rights and interests.
(b) – comply with legal and regulatory obligations, for example to perform any reporting and notifications obligations we may be subject to, to competent governmental agencies and authorities; process your requests to exercise your rights; detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights. Such processing is based on legal and regulatory obligations to which we are subject.
2 – With whom do we share your personal information?
2.1 – We share your personal information with third parties as described below:
(a) – With our service providers and sub-contractors which perform functions on our behalf and assist us in the on-going operation of the Websites or our other services and business offerings, including technical, IT, hosting, logistical, call recording and administrative services providers and insurers.
(b) – To the extent required or authorized by law, if we think it is necessary to comply with the law or if we need to do so to protect or defend our legal rights, or the rights of others (including to investigate and protect our users from fraudulent or unlawful use of the Websites), we will share your personal information with third parties requiring information for legal reasons or third party investigators, authorities, regulators or law enforcement bodies.
(c) – Your personal information will be shared with any of our affiliates where we consider that it is in our legitimate interests to do so for internal administrative purposes (for example, corporate strategy, compliance, auditing and monitoring, research and development and quality assurance).
(d) – Companies that assist us in our marketing, advertising and promotional activities; and
(e) – Analytics providers that assist us in the improvement and optimization of the Websites and process personal information in the context of provision of analytical services to us.
We will not sell or otherwise disclose personal information for monetary or other consideration to any third parties (and have not done so over the last twelve (12) months).
We will not share your personal information for cross-contextual behavioral advertising (and have not done so over the last twelve (12) months).
2.2 – We will also disclose your personal information to third parties:
(a) – Where it is in our legitimate interests to do so to run, grow and develop our business:
(i) – If we sell or buy any business or assets, we will disclose your personal information to the prospective seller or buyer of such business or assets;
(ii) – If Company or substantially all of its assets are acquired by a third party, in which case personal information held by Treeverse will be one of the transferred assets.
(b) – To establish, protect, or exercise our legal rights, as required to enforce our terms of service or other contracts; to defend against legal claims or demands; to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to those rights.
(c) – To protect the rights, property or safety of Treeverse, our employees, customers, suppliers or other persons; and
(d) – If we are under a duty to disclose or share your personal information in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity.
3 – How is your personal information transferred outside of the European Economic Area (“EEA”) and Israel?
3.1 – General Provisions
The personal information will be used, stored and/or accessed by staff operating outside the EEA working for us, our affiliates or third-party suppliers. These non-EEA countries include the State of Israel, where Treeverse Labs Ltd. is based, and the USA, where our cloud storage providers’ main data centre is located.
3.2 – International transfers of personal information from the EEA
When transferring personal information outside the EEA, we will usually:
(a) – In accordance with Article 45 of the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data – General Data Protection Regulation (“GDPR”), ensure that the country in which your personal information will be handled (such as the State of Israel) has been deemed “adequate” by the European Commission; or
(b) – In accordance with Article 46.2 of the GDPR and in the absence of an adequacy decision, implement all necessary measures through the adoption of appropriate safeguards, such as the standard contractual clauses (“SCCs”) approved by the European Commission for transferring personal information outside the EEA into our contracts with those third parties.
3.3 – International transfers of personal information from Israel
When transferring personal information outside Israel, the transfer takes place on the basis of:
(a) – to a country declared as offering equivalent level of protection by the Israeli Privacy Protection Authority; or
(b) – otherwise, based on your consent to transfer your personal information to other jurisdictions, understanding that in some countries the level of protection may be lower than the level under Israeli law.
4 – For how long do we keep your personal information?
4.1 – Subject to Section 7.4 below, we retain your personal information for as long as we deem it is reasonably necessary to provide you with the Websites. Other circumstances in which we will retain your personal information for longer periods of time include: (i) where we are required to comply with applicable laws, and (ii) to establish, exercise or defend our legal rights and if we reasonably believe there is a prospect of litigation.
5 – How do we keep your personal information secure?
5.1 – We use appropriate technical and organizational measures to protect personal information against accidental or unlawfully destruction, loss, alteration, unauthorized disclosure or access or divulgation.
5.2 – Your personal information is likely to be transferred over the internet and/or stored on a cloud-based server. Although we make every effort to protect the personal information which you provide to us, the transmission of information over the internet and storage in a cloud-based server is not completely secure. As such, you acknowledge and accept that we cannot guarantee the security of your personal information transmitted to or automatically created by the services we offer and that any such transmission is at your own risk. If you have found a vulnerability or would like to report a security incident, you may send an email to privacy@lakefs.io
6 – What rights do you have regarding your personal information?
6.1 – General Provisions
Individuals have certain rights regarding their personal information, depending on their jurisdiction. If you wish to exercise your rights, you may contact us at privacy@lakefs.io. We will consider all such requests and provide our response within a reasonable period (and in any event within any time period required by applicable laws).
When you ask us to exercise any of your rights under this Privacy Policy and the applicable laws, we may need to ask you to provide us with certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of personal information which is related to others that you are not authorized to receive, and to ask you questions to better understand the nature and scope of personal information that you request to access.
We may redact from the personal information we will make available to you any personal information related to others.
6.2 – Rights for Israeli Users
If you are based in Israel, you are entitled to request us to:
(a) – Review and access your personal information we process.
(b) – Update, amendment, and deletion of personal information which is incomplete, incorrect, outdated or unclear.
6.3 – Rights of individuals in the European Union
6.3.1 – If our processing of your personal information is subject to the General Data Protection Regulation (GDPR), you are entitled to request us to:
(a) – Access your personal information, confirm whether or not personal information about you is being processed, obtain clear, transparent and understandable information on how your personal information is being processed, as well as a copy of your personal information;
(b) – Rectify any of your personal information if it is obsolete, inaccurate or incomplete;
(c) – Delete any personal information which we hold about you (“right to be forgotten”);
(d) – Restrict the way that we process your personal information during a limited period of time;
(e) – Consider any valid request to transfer your personal information to a third-party provider of services (data portability);
(f) – Consider any valid objections which you have to our use of your personal information when the processing is based on Treeverse’s legitimate interest;
(g) – Withdraw your consent when it has been obtained, without this withdrawal affecting the lawfulness of the processing previously carried out.
6.3.2 – We will consider all such requests and provide our response within a reasonable period (and in any event within any time period required by applicable law). Please note that those rights do not always apply and there are certain exceptions to them. We will also need to confirm your identity before acting on certain requests in order to ensure that Personal Data is not disclosed to an individual who does not have the right to receive it.
6.3.3 – If you have a complaint about how we use your personal information, we would always prefer you to contact us first. However, you may also make a complaint to your local data protection authority in the EU country where you are based. If you are unsure which data protection authority to contact, please contact us at privacy@lakefs.io.
6.4 – Data Rights for California Residents
If our processing of your personal data is subject to the California Consumer Privacy Act of 2018, as amended by the California Privacy Right Act of 2020 (“CCPA”), you are entitled to the following rights:
(a) – to request what personal information we have collected, including the categories of personal information, the categories of sources from which the personal information is collected, the business or commercial purpose for collecting, selling, or sharing personal information, the categories of third parties to whom we disclose personal information, and the specific pieces of personal information we have collected about you;
(b) – to request the deletion of your personal information that we collect or maintain, subject to certain exceptions;
(c) subject to certain exceptions, delete the personal information that we have collected about you;
(d) – to request the correction of your inaccurate personal information that we maintain about you;
(e) – to the extent applicable, you have the right to opt-out of the “sharing” of your personal information for “cross-contextual behavioral advertising,” often referred to as “interest-based advertising” or “targeted advertising”;
(f) – to the extent applicable, you have the right to opt-out of the sale of your personal information to third parties.
(g) – in certain circumstances and to the extent applicable, you have the right to opt-out of the use of automated decision making in relation to your personal information.
(h) – under certain circumstances and to the extent we use or disclose “sensitive personal information” (SPI), you have the right to limit the use or disclosure of SPI.
(i) – you may request to receive a copy of your personal information, including specific pieces of personal information, including, where applicable, to obtain a copy of the personal information you provided to us in a portable format.
(j) to not receive discriminatory treatment if and when you exercise your rights regarding your personal information under the CCPA.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a request related to your Personal Data. If you are an authorized agent making a request on behalf of another individual, you must provide us with signed documentation that you are authorized to act on behalf of that individual.
7 — Job Candidate Application
7.1 – General Provisions
This section 7 outlines how we collect and use your personal information as part of our recruitment practices. Please note that this section 7 supplements the other sections of this Privacy Policy.
For the avoidance of doubt, when you apply for a position in the Company, you agree to the processing of your personal information in accordance with the terms of this Privacy Policy. By submitting the personal information at your own free will, you agree that the Company will use it to assess your suitability for the position to which you have applied; you understand that without providing your contact information, your resume, and relevant information related to your professional experience, the Company will not be able to review your application and/or contact you in order to give you details and/or provide you with a response regarding your application.
7.2 – Collected personal information, sources, purposes and EU legal basis
We collect and process the following categories of personal information through the Website for the purposes identified below, and we will retain such personal information as identified in Section 7.4:
| Categories of personal information | Sources | Purposes of processing | Examples of use | Legal Basis – for EU Users only |
|---|---|---|---|---|
|
Identification information or identifier (i.e., first name, last name) Contact details (i.e., email address, phone number) Professional information (i.e., resume, the job you are applying for) any message/information you add to the empty box |
This personal information is provided directly by you via the job application form available on the Website. |
Managing your job application |
We use this personal information:
|
Necessary to take steps prior to entering into a contract between Treeverse and you |
7.3 – Recipients of personal information
In addition to third parties listed in section 2 below, we manage your personal information with our third party tool, Airtable.
7.4 – Personal information retention
We will retain your personal information for the duration of the recruitment process. After the recruitment process and to the extent permitted under applicable law, we might retain your personal information for the purpose of offering you other positions, unless you notify us that you request the deletion of your personal information after we notify you that you have not been selected to the position to which you applied.
8 – Recording Calls and Meetings
8.1 – General Provisions
This section 8 outlines how we collect and use your personal information as part of our call recordings. Please note that this section 8 supplements the other sections of this Privacy Policy.
8.2 – Collected personal information, sources, purposes and EU legal basis
We collect, record, analyze, use and retain the following categories of personal information during our call with our sales representatives, customer’s representatives and any other business individuals for the purposes identified below, and we will retain such personal information as identified in Section 8.4:
| Categories of personal information | Sources | Purposes of processing | Examples of use | Legal Basis – for EU Users only |
|---|---|---|---|---|
|
Identification information or identifier (i.e., first name, last name) Contact details (i.e., email address, phone number) Professional information (i.e., job title, company) Voices Any information you provide us during the call |
This personal information is provided directly by you during our call. |
Managing our customer support and request |
We use this personal information:
|
Legitimate interest of Treeverse to manage its requests |
|
Improving sales internal processes |
We use this personal information:
|
Legitimate interest of Treeverse to improve its sales processes and customer support |
8.3 – Recipients of personal information
We disclose such personal information to our call recording service provider, including to train its artificial intelligence system.
8.4 – Personal information retention
We will retain your personal information for the duration of the process and request. After the request has been processed, we might retain your personal information for the purpose of sending you service-related communications, unless you notify us that you do not wish to receive such communications.
9 – Does this Privacy Policy apply to third party links?
During your visit to our Websites you may access links to or other websites operated by third parties outside of the Company. Please note that this Privacy Policy only applies to the personal information that we (or third parties on our behalf or any of our affiliates) collect from or about you and we cannot be responsible for personal information collected and stored by third parties. Third party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal information to these websites. We do not endorse or otherwise accept any responsibility or liability for the content of such third-party websites or third-party terms and conditions or policies.
10 – Social media widgets
Our Websites include social media features, including the Github™, LinkedIn™, X™, YouTube™, Discord™ and Slack™ buttons. These features collect your IP address and which page you are visiting on our Websites. Such features also set cookie(s) to enable the feature to function properly. Social media features are hosted by a third party. Your interactions with these features are governed by the privacy policy of the company, social media platform or third-party service, providing it.
11 – What is our policy regarding minors?
The Websites are not intended for use by minors (an individual that is under the age defined by applicable law, which concerning the EEA is under the age of 18, and with respect to the U.S., under the age of 13), and we do not knowingly collect and process personal information relating to minors. If these age requirements are not met, you are required to avoid using the Websites. We will discard any personal information we receive from a minor immediately upon discovering that such a user shared personal information with us.
12 – How do we approach changes to this Privacy Policy?
We will change this Privacy Policy from time to time. Any changes we make to our Privacy Policy in the future will be posted on this page with the “last updated” date at the bottom of this page amended accordingly.
13 – Contact Us
If you have any comments or questions regarding this Privacy Policy or the information practices in connection with the services, please contact us at privacy@lakefs.io.
The practices described in this Privacy Policy are current personal information protection policies, as of November 16, 2025.
Last updated as of December 17, 2025
