phoneText +1 (989) 300-0998
chatSupport Center
bg

RAV Endpoint Protection Privacy Policy

In this Privacy Policy we describe how Reason Cybersecurity Ltd. (“we”, “our” and “us”) collects, uses and handles your information when you use one or more of our RAV software Editions and included products and/or features including RAV VPN and/or RAV Web Protection, if and to the extent applicable (the "Software"). Your use of the Software indicates that such updated terms and conditions are accepted and agreed by you.

This Privacy Policy is incorporated into and is subject to the following End User License Agreement ("EULA")

Please note that if we make available content, software or services of third parties, such content, software and services are subject exclusively to the privacy policy of such third party. Except as otherwise stated herein, any use or download of the Software by you, is indicating that you accept this privacy policy and EULA, and consent to our processing of your personal information in accordance with this Privacy Policy.

Please note that in the event that you ask us to exercise any of your rights under this Privacy Policy or any applicable law, we may ask you to, to the extent permitted by applicable law, (i) provide us with certain credentials ensure we can identify you and authenticate your identity; (ii) provide us with further information about your request, so we can understand its nature and scope, and avoid the disclosure of personal information related to others. We will retain such additional information for legal purposes (e.g., as proof of the identity of the person submitting the request).

1. What kind of information we use and collect

  1. When using and accessing our Website, we may use and collect your login information (full name and email address), information of technical nature (as applicable), including your IP address, activity log of your use of the Website, user agent, information about your browser and operating system, and if you chose to upload a file or URL for scanning, we will also collect such files and URLs.

  2. If you communicate with us via email, support tickets, or any online contact forms, we may collect information including your name, email address, the subject of your inquiry, and any other information or attachments you choose to provide within the body of your message.

  3. Unless you disable the Software, it may access and/or collect certain data as specified below: (i) time and date of certain events related to the Software (such as launching and scanning, updating and uninstalling the Software), activity log of your use of the Software and the features of the Software you use the most. In addition, we may collect, use and access the files and URLs you upload for scanning, the files and URLs we detect as threats and the files that were removed by the Software; (ii) software installed on your computer including extensions and add-ons; (iii) certain information of technical nature, such as, your account information, online activity, machine activity, operating system, browser type, version and language, meta data on unknown files; and (iii) IP Address. In addition, when purchasing the Premium Edition of the Software, you will be requested to provide login information; your full name and email address.

  4. We may also collect and retain information related to any encryption process that affects the honeypot files deployed by our Anti Ransomware feature (applies to Premium Edition only).

    The Software includes Endpoint Detection Response (EDR) tool which allows us to detect malicious activity early for prevention purposes and includes dynamic analysis of device data.

    The RAV VPN is a licensed zero-logs VPN, which means that we do not monitor, collect, or log your browsing activity, under any circumstances, on any platform, when you are using the Software. Please note that when activating the 'Auto Connect' feature included in RAV VPN and approving the location permission, you allow us to access location permission solely for the purposes related to the 'Auto Connect' feature, and therefore this data is not sent to our servers.

2. How we use the collected information

We use the information collected from you as necessary for the performance and facilitation of the Software, including for the following purposes:

  1. To provide, support and operate the Software as well as to further develop, enhance and improve our Software and your user experience with our Software.
  2. To communicate with you, including for support purposes, and for sending you Software-related information such as invoices, updates, security alerts.
  3. To create deidentified datasets for further processing.
  4. To provide you with promotions and offers from Reason Labs Ltd. and its affiliates.
  5. To comply with applicable legal obligations.
  6. To detect and prevent fraud, security and other issues of technical nature.
  7. We may also use or share your information to operate our business, including for debugging, support, security, billing, auditing, research, business analysis and improving our Software (as more fully described in Section 3(c) below).

3. How we share information

  1. If we have a good faith belief that disclosure is permitted by law or is reasonably required to: (i) comply with any law, regulation or legal requirement by any court or regulatory or governmental authority, or such other disclosures reasonable required to establish, protect, maintain or exercise our legal rights; or (ii) enforce this Privacy Policy or any agreement between you and us (including, but not limited to, the EULA).
  2. In the event of a merger, acquisition, reorganization or sale of assets, your information may be transferred or sold.
  3. Third Parties. We have partnered with a number of selected service providers, whose services and solutions complement, facilitate and enhance our own (collectively, and including the “Payment Processors” listed under subsection (d) below, the “Third Party Service Provider(s)”). Such Third Party Service Providers may have access to your personal information, depending on their specific purposes and roles in enhancing and facilitating our Software, and may only use such information for limited purposes determined in our agreements with them.

The categories of service providers we share information with include:

  • Cloud Hosting and Infrastructure Providers: To securely host our Software, process your information, and monitor our servers and frontend.

  • Customer Support and Communication Tools: To provide you with technical support, customer service, and important updates regarding the Software.

  • Research, Analytics and Performance Monitoring Services: To analyze how our Software is used, monitor performance, conduct research, and help us organize our data to improve user experience.

  • Compliance and Financial Tools: To help us ensure compliance with tax regulations and other legal obligations.

    Please note that we may share the following categories of personal information with Third Party Service Providers for a business purpose: online identifier, internet protocol address, country, state and city, external ID, Zip Code, Facebook Click ID or other similar identifiers; commercial information, for example information regarding products or services purchased, obtained, or considered.

  1. Specifically regarding our web protection services, we may engage the following third parties in connection with maintenance, analysis, audit, payment and development services: NextDNS (as the DNS resolver; please note that by default, NextDNS stores statistical usage data based on the last three months of use, which you can customize via the Statistics tab included in Safer Web), Google Analytics, Amazon Web Services, Inc., Zendesk, SendGrid, MixPanel, Tableau, Iterable, Microsoft Advertising, Google Ads, Facebook Ads, Verizon Media Native, TeamViewer (solely for providing remote support access services), Appsflyer, Hotjar, TikTok, Databricks, Vercel, Coralogix, and Sentry.io.
  2. Payment Processors. If you choose to use our Premium Edition, we will use a third-party payment processor/provider (the “Payment Processor(s)”) in order to collect your payment. The Payment Processors are authorized and regulated to handle your payment details and may not use your personal information for any purposes other than providing you with these services. Please note that the Payment Processors are independent controllers of your data, and will process your payment information in accordance with the applicable Payment Processor’s privacy policy. Please note that the Payment Processor may (as applicable) save and reuse your payment details for subsequent payments, in the event of a recurring transaction. The Payment Processors we are currently engaging are:
Payment Processor/ProviderPrivacy Policy
Cleverbridgehttps://store.reasonsecurity.com/1679/?scope=opprivacy
Stripehttps://stripe.com/privacy
Paypalhttps://www.paypal.com/us/legalhub/privacy-full
  1. With our corporate affiliates - from which we receive services, such as IT, analytics, infrastructure, deidentification processes, security, storage, and other internal operations.
  2. To detect and prevent fraud, security and other issues of technical nature.
  3. To protect our rights as well as the rights of our users.

4. Security Measures We Have In Place

In the workplace - we use industry best security measures to protect your personal information from loss, theft, misuse, or unauthorized access. All of our employees are kept up-to-date on these best practices. In addition, we restrict employee access to service administrative panels to only those who require such access in order to perform their job functions.

On the internet - We make all of your data concealed and safeguarded as often as possible. Where appropriate, we use encryption, access controls, passwords, and physical security measures to protect the information we collect and maintain about you against unauthorized access and disclosure.

Transactional emails - We send a small number of emails for transactional purposes, all of which we’ve outlined below.

• Password reset - if, for any reason, you’ve requested to reset your RAV VPN account password, then you’ll receive a password reset email. This email provides a unique password-reset link and instructs how to complete your password reset;

• New password - if, for any reason, you’ve completed a password reset, then you’ll receive a new password email. This email confirms your password reset and explains how to change your password in the future, if you wish to;

Product Awareness - All new subscribers to RAV VPN receive product awareness emails.

These emails offer application tips and helpful hints to RAV VPN account holders who may be unfamiliar with the benefits and inner-workings of a VPN.

Unsubscribing From Promotional Emails - You may opt-out from receiving future promotional emails at any time by clicking the “Unsubscribe” link contained in the bottom of every email. While you may not receive promotional emails on behalf of RAV VPN, you will continue to receive transactional emails from us. Transactional emails are system-generated communications that pertain to your account status; we will only send these emails during one of the instances listed in the section above.

5. Third-Party Websites

Our Software may link to other websites. Please be advised that we are not responsible for the privacy practices of such other websites as those may have different privacy policies and terms of use and are not associated with us. You agree that we cannot control these websites and we will not be responsible for any use of such websites.

6. Information about children

The Software is not intended for, or designed to attract, children. We do not collect personal information from any person we know is an individual under the age of 13. If you become aware that your child has provided us with personal information, please contact us at Support@reasonlabs.com.

7. Data Subject Rights

If you wish to exercise your privacy rights under any applicable law, including the EU or UK General Data Protection Regulation (collectively, the “GDPR”), the Swiss Federal Act on Data Protection (the “FDPA”), the Brazilian General Data Protection Act (the “LGPD”), the California Consumer Privacy Act (the “CCPA”), the California Privacy Rights Act (the “CPRA”), or another US state, country or region that provides individuals with the rights to access, correct, or delete your personal data, please send us an email to: Support@reasonlabs.com. We will make reasonable efforts to accommodate your request, as applicable to privacy laws. Please note that we may ask for additional information, in order to authenticate and validate your identity and process your request (including personal data).

You may have different privacy rights, depending on your country or state of residence, please see further details in the sub-sections below (as applicable to you):

  1. European Economic Area (“EEA”), United Kingdom (“UK”), Switzerland and Brazil: If you are located in the EEA, UK, Switzerland or Brazil the GDPR, FDPA or LGPD (as applicable) apply to you. We act as controllers and process personal information as necessary for the performance of our agreement with you. When we process your personal information upon your usage of the Software, we do so on the basis of performance of our EULA or legitimate interests. We may also process your personal information to comply with applicable legal requirements. Please note that under the GDPR, FDPA or LGPD you may be entitled to the following rights (each, to the extent available under the law which applies to you):

    1. Right to Access: You have the right to request access to the personal information that we hold about you.
    2. Right to Receive Information: You have the right to receive information concerning the processing of your personal information.
    3. Right to Block: You have the right to request to block or restrict the processing of your personal information.
    4. Right to Erasure (Deletion): You have the right to ask that we erase (the “right to be forgotten”) and rectify your personal information (that we process as controllers).
    5. Right to Object: You have the right to object to processing, which is based on our legitimate interests.
    6. Right to Withdraw Your Consent: You have the right to withdraw your consent for the processing of your personal information.

    To submit a request for exercising your rights, please contact us at the following address: Support@reasonlabs.com. Note that the processing of your request is subject to verification of your identity. If we have not addressed your concerns, note that you also have a right to file a complaint with the applicable supervisory authority in your country of residence.

  2. United States of America If you are a resident of California, Utah, Viginia, Colorado, Connecticut, Iowa, Delaware, Florida, Indiana, Oregon, Montana, Nebraska, Texas, New Hampshire, New Jersey, or Tennessee, and/or other States that enact similar privacy laws, this section explains your rights under State privacy laws and contains disclosures required by law. For the purposes of the CCPA, we collect personal information as a business (as defined under applicable privacy state laws). Such information is used and disclosed to our service providers for “business purposes”. You may be entitled to the following rights (each, to the extent available under the law which applies to you):

    1. Right to Know: You have the right to know the categories and specific pieces of personal information that are being collected about you.
    2. Right to Disclose: You have the right to ask that we disclose certain information about our collection and/or use of your personal information during the past 12 months.
    3. Right to Delete: You have the right to ask that we delete the personal information we have collected from you and retained.
    4. Right to Correct: You have the right to request that we correct inaccurate Personal Information that we maintain about you.
    5. Right to Opt-Out: You have the right to opt out of the 'sale' of your personal information by a business.
    6. Right to Equal Service and Price: You have the right not to receive discriminatory treatment for exercising the mentioned rights.

    To submit a request for exercising your rights, please contact us at the following address: Support@reasonlabs.com. Note that the processing of your request is subject to verification of your identity. You may also appoint an authorized agent to exercise these privacy rights on your behalf (subject to certain limitations such as identity verification process and the submission of written approval to act on your behalf). You will not be discriminated against for the exercise of such rights.

    This Privacy Policy describes what personal information we may collect and its sources, how it is deleted and retained. Furthermore, we have provided information about our processing of your information. Note that we may share (as such term is defined under the CPRA) information for business purposes with third parties such as business partners, corporate affiliates, and/or service providers who have accepted our contractual limitations as to their disclosure, use, and retention of such personal information. Nevertheless, for the purposes and intents of the CCPA or CPRA, we do not sell your personal information. Where we store de-identified information, we will only store it and use it in a de-identified form and will not attempt to re-identify the information. If you are a consumer who resides in Florida, Indiana, Colorado, Connecticut, Montana, Iowa, Oregon, New Hampshire, Virginia, Texas, or New Jersey, and we reject your request to exercise your rights, as stated above, you may submit an appeal, provided that you have received a formal rejection notice from us, and that you submit your appeal within a reasonable period of time. You may submit an appeal at the following address: Support@reasonlabs.com.

8. Retention

We will store information collected from you for as long as you are using our Software. If you decide to uninstall the Software, your data will be retained for an additional period of 30 days, following which, it will be deidentified.

9. Storage and Cross-Border Transfers of Personal Information

The nature of our products requires us and our service providers to store, maintain and process your data globally, in order to meet our legal obligations and to provide you with the Software effectively.

Several countries can be involved, including the U.S., European countries, Israel, and others. In some cases, countries outside of the EEA might be involved in the data transfer process.

While privacy laws may differ from country to country, we and our service providers will adhere to the standards we have set for ourselves in this Privacy Policy, and apply appropriate measures to prevent misuse of your personal information (such as the standard contractual clauses approved by the European Commission for data transfers) and ensure that it remains secure, regardless of whether or not the data laws of that country require us to do so.

Situations in which we transfer personal information outside the EEA include (but are not limited to): providing our products, processing transactions and payment details and providing Software support. Moreover, a transfer outside the EEA can also occur as part of M&A transactions, where the purchaser is located outside the EEA.

10. How can we modify this Privacy Policy?

We may revise this Privacy Policy from time to time, and will include the most current version in the Software. Accordingly, please visit this Privacy Policy regularly to check for any changes.

11. How can you contact us?

If you have any questions, comments or concerns regarding this Privacy Policy and/or our practices, please send an e-mail to Support@reasonlabs.com.

12. Representative for Data Subjects

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:

  • United Kingdom (UK)
  • European Union (EU)
  • Switzerland

Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://prighter.com/q/12015696620