1. What kind of information we use and collect?
When using and accessing our Software, we may use and collect (i) information of technical nature (as applicable), including your IP address, user agent, information about your browser and operating system; (ii) time and date of certain events related to the Software (such as launching and scanning, updating and uninstalling the Software), activity log of your use of the Software and the most used features of the Software; (iii) if you choose to download a file, run a scan or use the real-time protection services, we will also collect such files; and (iv) if you choose to use our dark web monitoring feature and provide us with your email for this purpose, we will collect the email address that you choose to monitor. We may also provide you with the option to scan your phone number/credit card number/bank number/SSN/national ID number/driver's license number to provide additional masked results. It is hereby clarified that the results of the dark web monitoring scans may include sensitive information associated with the email provided, for which you take full responsibility. The scans’ results are delivered to your email address and/or the Software’s interface directly by our applicable Third Party Service Provider, and no data related to these results is stored on our servers. Full and masked scan results can only be received following entering your email address, and your registration for a Software user account.
We may also use and collect usage data such as information related to your installed extensions, trackers & cookies data, notifications and browsing history. We will also collect URLs and the preceding referral domains to check if they are malicious. In this regard, we will send the URLs to our servers but only store their domains in order to operate and provide the Software services.
2. How we use the collected information
We use the information collected from you as necessary for the performance and facilitation of our Software, including for the following purposes:
- To provide, support and operate the Software as well as to further develop, enhance and improve our Software and your user experience with our Software.
- To communicate with you, including for support purposes, and for sending you Software -related information such as invoices, updates, security alerts.
- To comply with applicable legal obligations.
- To detect and prevent fraud, security and other issues of technical nature.
- We may also use or share your information to operate our business, including for debugging, support, security, billing and auditing, business analysis and improving our Software (as more fully described in Section 3(c) below).
3. How we share information?
In the event of a merger, acquisition, reorganization or sale of assets, your information may be transferred or sold.
Third Parties. We have partnered with a number of selected service providers, whose services and solutions complement, facilitate and enhance our own. These include hosting and server co-location services, communications and content delivery networks (CDNs), data and cyber security services, domain name registrars, fraud detection and prevention services, web analytics, e-mail distribution and monitoring services, session recording and remote access services, performance measurement, data optimization and marketing services, content providers, and our legal and financial advisors (collectively, “Third Party Service Provider(s)”). Such Third Party Service Providers may have access to your personal information, depending on their specific purposes and roles in enhancing and facilitating our Software, and may only use such information for limited purposes determined in our agreements with them.
The Third Party Service Providers we are currently engaging are:
- Google Analytics, for monitoring and analyzing our performance. You can read about Google’s practices with respect to the protection of your information at: http://www.google.com/intl/en/policies/privacy/.
- Amazon Web Services, Inc. servers, for processing your information. You can read about Amazon’s practices with respect to the protection and the security of their servers and your information at: https://aws.amazon.com/security/.
- Zendesk, for providing you with support services. You can read about Zendesk practices with respect to the protection and the security of their servers and your information at: https://www.zendesk.com/company/customers-partners/privacy-policy/.
- SpyCloud for providing the dark web monitoring service. You can read about SpyCloud practices with respect to the protection and the security of their servers and your information at: https://spycloud.com/legal-and-privacy-center/privacy-policy/.
- Mailchimp - You can read about Mailchimp practices with respect to the protection and the security of their servers and your information at: https://mailchimp.com/legal/privacy/.
- Microsoft Advertising - You can read about Microsoft practices with respect to the protection and the security of their servers and your information at: https://privacy.microsoft.com/en-us/.
- Google Ads - You can read about Google practices with respect to the protection and the security of their servers and your information at: https://policies.google.com/privacy.
- Facebook Ads - You can read about Facebook practices with respect to the protection and the security of their servers and your information at: https://www.facebook.com/about/basics/.
- MixPanel - You can read about MixPanel practices with respect to the protection and the security of their servers and your information at: https://mixpanel.com/legal/privacy-policy.
- Tableau - You can read about Tableau practices with respect to the protection and the security of their servers and your information at: https://www.salesforce.com/company/privacy/.
- ScamAdviser - You can read about ScamAdviser practices with respect to the protection and the security of their servers and your information at: https://www.scamadviser.com/privacy-policy.
Please note that we may share the following categories of personal information with Third Party Service Providers for a business purpose: online identifier, internet protocol address, country, state and city, external ID, Zip Code, Facebook Click ID or other similar identifiers; commercial information.
With our corporate affiliates - from which we receive services, such as IT, security, storage, and other internal operations.
To detect and prevent fraud, security and other issues of technical nature.
To protect our rights as well as the rights of our users.
4. Information about children
This site is not intended for, or designed to attract, children. We do not collect personally identifiable information from any person we actually know is an individual under the age of 13. If you become aware that your child has provided us with personal information, please contact us at email@example.com.
5. About our advertising policies
Please note that we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, however, most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser.
6. Data Subject Rights
If you wish to exercise your privacy rights under any applicable law, including the EU or UK General Data Protection Regulation (collectively, the “GDPR”), the Swiss Federal Act on Data Protection (the “FDPA”), the California Consumer Privacy Act (the “CCPA”), the California Privacy Rights Act (the “CPRA”), the Virginia Consumer Data Protection Act (the “VCDPA”), the Utah Consumer Privacy Act, Utah Code Ann. §13-61 ("UCPA"), the Connecticut Personal Data Privacy and Online Monitoring Act § 42-518 ("CTDPA"), or the Colorado Privacy Act Code § 6-1-1301 (2022) ("CPA"), please send us an email to: firstname.lastname@example.org. We will make reasonable efforts to accommodate your request, as applicable to privacy laws. Please note that we may ask for additional information, in order to authenticate and validate your identity and process your request (including personal data).
You may have different privacy rights, depending on your country or state of residence, please see further details in the sub-sections below (as applicable to you):
- European Economic Area (“EEA”), United Kingdom (“UK”) and Switzerland:
If you are located in the EEA, UK or Switzerland, the GDPR or FDPA (as applicable) apply to you.
We act as controllers and process personal information as necessary for the performance of our agreement with you.
We may also process your personal information to comply with applicable legal requirements and/or obligations, and to support our legitimate interests in developing, maintaining, and improving our Software.
Please note that under the GDPR or FDPA you may be entitled to the following rights (each, to the extent available under the law which applies to you):
- Right to Access: You have the right to request access to the personal information that we hold about you.
- Right to Receive Information: You have the right to receive information concerning the processing of your personal information.
- Right to Block: You have the right to request to block or restrict the processing of your personal information.
- Right to Erasure (Deletion): You have the right to ask that we erase (the “right to be forgotten”) and rectify your personal information (that we process as controllers).
- Right to Object: You have the right to object to processing, which is based on our legitimate interests.
- Right to Withdraw Your Consent: You have the right to withdraw your consent for the processing of your personal information.
To submit a request for exercising your rights, please contact us at the following address: email@example.com. Note that the processing of your request is subject to verification of your identity.
If we have not addressed your concerns, note that you also have a right to file a complaint with the applicable supervisory authority (e.g., of your domicile or country).
- United States of America:
If you are a resident of California/Virginia/Utah/Connecticut/Colorado, the CCPA, CPRA, VCDPA, UCPA, CTDPA or CPA (and/or similar state laws, as applicable) apply to you, and this section explains your rights under State privacy laws and contains disclosures required by law.
For the purposes hereof, we collect personal information as a business (as defined under applicable privacy state laws). Such information is used and disclosed for “business purposes”.
Please note that under the CCPA, CPRA, VCDPA, UCPA, CTDPA or CPA (and/or similar state laws, as applicable) you may be entitled to the following rights (each, to the extent available under the law which applies to you):
- Right to Know: You have the right to know the categories and specific pieces of personal information that are being collected about you.
- Right to Disclose: You have the right to ask that we disclose certain information about our collection and/or use of your personal information during the past 12 months.
- Right to Delete: You have the right to ask that we delete the personal information we have collected from you and retained.
- Right to Opt-Out: You have the right to opt out of the 'sale' of your personal information by a business.
- Right to Equal Service and Price: You have the right not to receive discriminatory treatment for exercising the mentioned rights.
To submit a request for exercising your rights, please contact us at the following address: firstname.lastname@example.org. Note that the processing of your request is subject to verification of your identity. You may also appoint an authorized agent to exercise these privacy rights on your behalf (subject to certain limitations such as identity verification process and the submission of written approval to act on your behalf).
7. Storage and Cross-Border Transfers of Personal Information
The nature of our products requires us and our service providers to store, maintain and process your data globally, in order to meet our legal obligations and to provide you with our services effectively.
Several countries can be involved, including the U.S., European countries, Israel, and others. In some cases, countries outside of the EEA might be involved in the data transfer process.
Situations in which we transfer personal information outside the EEA include (but are not limited to): providing our products, processing transactions and payment details and providing support services. Moreover, a transfer outside the EEA can also occur as part of M&A transactions, where the purchaser is located outside the EEA.
We will store information collected from you for as long as you are using our Software. If you decide to uninstall the Software, your data will be retained for an additional period of 30 days, following which, it will be deidentified.
10. How can you contact us?
11. Representative for Data Subjects
We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:
- United Kingdom (UK)
- European Union (EU)
Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://prighter.com/q/12015696620