Privacy Policy

Last modified: May 22, 2018

This privacy policy (“Privacy Policy”) describes the information collection practices that AlienVault, Inc. and its respective subsidiaries (“AlienVault,” “we,” “us,” or “our,” if not explicitly referring to one company) follow when handling Personal Information (defined below) that we collect or receive in conducting our business, including through our products, services, content, websites, and user applications (the “Sites”), as further explained below. Employment data is not subject to this Privacy Policy, but will be covered under separate policies and procedures of, and agreements among, the various AlienVault companies. If you are a resident of the European Union (“EU”), you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Information, as outlined below. For the purposes of this Privacy Policy, references to the EU also include the United Kingdom, Switzerland, and the European Economic Area countries Iceland, Liechtenstein, and Norway.

DEFINITIONS

“Data Processor” means a third party that processes Personal Information on behalf of and pursuant to the instructions of AlienVault.

“Personal Information” means any information relating to an identified individual, or to an individual who can be identified, directly or indirectly, by reference to such information, which may include, an identification number or one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity. Without limiting the foregoing, Personal Information does not include information that is de-identified or corporate information that relates to an organization but not to an individual, such as a corporate name, corporate address or general corporate phone number.

INFORMATION WE COLLECT FROM OR ABOUT YOU

Personal information you provide to us. We collect Personal Information that you provide to us through our Sites, and in connection with other business dealings we, or our channel sales and business partners, may have with you. Such information may include:

  • First and last name
  • Company name
  • Title
  • Email address
  • IP address
  • Login user name and password
  • Mailing address
  • Telephone number
  • Fax number
  • Personal preferences regarding products and services
  • Location
  • Information necessary to process a credit card transaction, such as the credit card type, number, and expiration date.

Information we receive from third party sources. Some third parties such as our business partners and service providers provide us with Personal Information about you, such as the following:

  • Account information for third party services. If you interact with a third party service when using our Sites, such as if you use a third party service to log-in to our Sites (e.g., Facebook Connect, Google Sign-In, or Twitter OAuth), or if you share content from our Sites through a third party social media service, the third party service will send us information about you, such as information from your public profile, if the third party service and your account settings allow such sharing. The information we receive will depend on the policies and your account settings with the third-party service.

  • Information from our advertising partners. We receive information about you from some of our service providers who assist us with marketing or promotional services related to how you interact with our websites, applications, products, services, advertisements, or communications:

    • Job Title/Function
    • Business Address
    • Topics of interest
    • Firmographic information (company size by employees or approximate revenue band)
    • Role in purchase decisions

Information we automatically collect when you use Open Threat Exchange (OTX). Some Personal Information is automatically collected when you use the OTX Portal and/or the OTX Endpoint Security, such as the following:

  • Computer name
  • Hostname
  • External IP
  • OS type
  • OS version
  • Endpoint Scans collect additional data:
    • Filename
    • File path
    • IP address (source and destination)
    • Ports (source and destination)
    • Command line of running processes
    • Process IDs
    • Process working directories
    • File hashes of files on your system (SHA-1, SHA-256, MD5)

Website usage information we collect. In addition to Personal Information that you choose to submit to us, whenever you visit or interact with our Sites, we may collect or store information about your interaction with our Sites (“Usage Information”). This Usage Information may include:

  • your IP address or any other unique identifier assigned to the device that you use to access our Sites;
  • the functionality and characteristics of your device, including type of browser, operating system and hardware, mobile network information, and in some cases location information;
  • the URL that referred you to our Sites, if any;
  • your activities on our Sites, such as which web pages you visit, what terms you searched within our Sites, and which links within our Sites that you click on; and
  • the time of day that you visited our Sites and how long your visit lasted.

Usage Information

is typically anonymous information; however, if it is combined with your Personal Information in a manner that reasonably allows it to be associated with your identity, or is otherwise considered Personal Information under applicable law, it will be treated as Personal Information under this Privacy Policy, and, if you are an EU resident, it may be considered Personal Data and be subject to the section applicable to EU users below.

We use certain common methods and technologies to collect and store Usage Information about your interaction with our Sites (“Analytic Technologies”). These Analytic Technologies may be downloaded to the personal computer, laptop, tablet, mobile phone, or similar device that you use to access the Sites (“Your Device”). The specific Analytic Technologies that we use are as follows:

  • Cookies. A cookie is a data file placed on Your Device when you visit our Sites. We use cookies only to facilitate the use and navigation of our Sites and to remember you and your preferences in case you revisit our Sites in the future and to conduct range measurement. Information collected relates to technical information (e.g. your browser, a timestamp, and a unique identifier). Almost all browsers allow blocking of cookies in their entirety, removal of existing cookies, or warning to prevent the placing of a cookie. You can find more information on this functionality in the documentation or in the help file of your browser. Please note that blocking of cookies might impede your use of our Sites. For more information, please see our Cookie Policy www.alienvault.com/legal/cookie-policy. If you are a resident of the EU or other jurisdiction that requires us to obtain your consent to use cookies on our Sites, then you will have an opportunity to manage your cookie preferences on such Sites; except that certain cookies are essential to enable core site functionality, and you cannot choose to disable those cookies.
  • Do Not Track Policy. Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Sites do not support Do Not Track requests at this time.
  • Analytics. We use analytics applications, including “Google Analytics”, to collect information about use of the Sites. Google Analytics collects information such as how often users visit a website, what pages they visit when they do so, and what other websites they visited prior to coming to a website. We use the information obtained from these applications only to improve our Sites and our product and service offerings. The information generated about your use of our Sites will be transferred and saved to the vendor’s server in the United States. For Google Analytics, within Member States of the European Union or other signatories of the Agreement on the European Economic Area, Google will first shorten your IP address. In exceptional cases, the full IP address will be transferred to a Google server in the United States to be shortened there. Google’s ability to use and share information collected by Google Analytics about your visits to the Sites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. You can opt-out of Google Analytics tracking by visiting https://tools.google.com/dlpage/gaoptout/.
  • Web Beacons. A web beacon, including tracking pixels, is a small graphic image or other web programming code, also known as “1×1 GIF” or “clear GIF.” We may download web beacons to Your Device when you access our Sites or through email messages that we send to you. Web beacons are used to improve your experience on our Sites. Web beacons also help us to understand whether users read email messages and click on the links contained within those messages so that we can deliver relevant content and messages. Our web beacons may collect certain of your contact information (e.g., the email address associated with an email message that contains a web beacon).
  • Embedded Scripts An embedded script is a programming code that is designed to collect information about your interactions with our Sites, such as which links within our Sites you click on, which type of browser or device you use (e.g. mobile or desktop version). We use such information to enhance the user experience. This code is downloaded onto Your Device when you access our Sites and is deactivated or deleted when you leave our Sites. Identification of the user does not take place.

Information we receive from third parties. We may receive Personal Information about you from third parties who recommend or suggest that we contact you for business purposes. This includes basic contact information about you, such as your name, company name, title, address, phone number, fax number, and email address. It may also include information on the content, products, or services you have shown interest in or may be interested in purchasing from us, as well as information on other companies or individuals with whom you do business. We may also obtain Personal Information about you from third parties in connection with business transactions you initiate with us, such as through credit verification or other processes related to the transaction. This Personal Information will be treated in accordance with this Privacy Policy.

HOW WE USE YOUR INFORMATION

Business Use. We use your Personal Information primarily to facilitate our ongoing and proposed business dealings with you (“Business Use”). This includes to: (1) process business transactions with us that you initiate, including without limitation orders of products and services and the creation of user profiles, for example in our AlienVault OTX, USM Anywhere, and USM Central services; (2) establish and maintain customer accounts so that we may provide products or services of ours requested by you or your company; (3) register you as a user of these products or services so that you may access them through our Sites or otherwise; (4) communicate with you about updates, maintenance, outages, or other technical matters concerning these products or services; (5) provide you with training and support regarding usage of these products or services; (6) notify you about changes to any of the policies and procedures for use of these products or services; (7) verify the accuracy of account and technical contact information we have on file for you and your company in relation to these products or services; and (8) respond to questions or inquiries that you or your company may have about our products or services. We also may use your Personal Information as required for us to comply with laws and regulations relating to the products or services that we provide in any of the jurisdictions in which we or our affiliated companies operate, including the United States, and we may use Usage Information internally within AlienVault to help us improve our products or services, or to develop new products or services.

We may also use your Personal Information to personalize the content of the Sites and communications based on your preferences, and to comply with our legal or contractual obligations and to resolve disputes. Additionally, we may use your Personal Information to protect against or deter fraudulent, illegal, or harmful actions and to enforce our MSA or EULA (depending on which service you are using).

Marketing Purposes. With your consent or as otherwise permitted by applicable law, we may use your Personal Information for purposes relating to the marketing of our content, products, and services, or those of our business partners (“Marketing Purposes”). This includes to: (1) send you newsletters, press releases, event announcements, and other similar communications regarding the products or services that we offer; (2) market or promote our products or services to you, including by offering you trial or limited access to certain of our products or services; (3) solicit input from you regarding improvement of our products or services; (4) inform you of third-party offerings that we think you or your company may be interested in which relate to our products or services; (5) send you announcements or requests on behalf of other customers of ours who believe you would benefit from use of our products or services; and (6) other purposes that we disclose to you at the time we obtain your consent.

Referrals. From time to time, we may receive Personal Information about you from third parties who recommend or suggest that we contact you for business purposes. We receive such Personal Information because you have consented towards the third party that they might share your Personal Information. If we use that information to contact you, it will only be to see if you are interested in our products or services, or those of our business partners. We will not use this information for other purposes without your consent. In addition, if you inform us that you are not interested in these products or services, we will stop using the information to contact you.

Data Integrity. You are responsible for the accuracy of all Personal Information that you provide to us. We will use reasonable efforts to maintain the accuracy and integrity of your Personal Information, and to update that information as appropriate. We will take reasonable steps to ensure that the Personal Information we collect from you is relevant to its intended use, and that it is used only in ways that are compatible with the purposes for which it was collected or otherwise authorized by you.

WITH WHOM WE MAY SHARE INFORMATION

Within AlienVault. AlienVault is a company that transacts business across national borders. Accordingly, from time-to-time and subject to the provisions of this Privacy Policy governing CHOICE AND UPDATING YOUR INFORMATION AND PREFERENCES (see below), we may share your Personal Information and Usage Information within AlienVault (i.e., between and among AlienVault and its subsidiaries). Such information may be used by each AlienVault entity for internal business and operational purposes, as well as for purposes consistent with the purpose for which the information was originally collected or subsequently authorized by you.

Outside of AlienVault. We may share your Personal Information with “Data Processors” as described below, and with other third parties for purposes disclosed to you at the time you provided the information, or as subsequently authorized by you. From time to time, we also may offer you the option of sharing your Personal Information with third parties in order to receive information and/or marketing offers from them or other persons. If you consent to the sharing of your Personal Information for these purposes, it will be subject to the privacy policies and business practices of those third parties. If you later decide that you no longer want us to share Personal Information with such third parties, please contact us as indicated below under the section CHOICE AND UPDATING YOUR INFORMATION AND PREFERENCES (see below). We will process your request in a reasonable period of time. Note, however, that if you no longer wish to receive communications from a third party which has already received your Personal Information from us, you will need to contact that third party directly to inform them of this.

Data Processors. We may, from time to time, employ Data Processors to perform services on our behalf, such as: (1) hosting our Sites, products, and other applications; (2) designing and/or operating certain features available through our Sites; (3) sending emails and other communications relating to our products or services; (4) fulfilling and processing orders for our products or services; (5) assisting with promotions and conferences relating to our products or services, or those of our business partners; (6) providing analytic services, such as in relation to the tracking of usage of our Sites; or (7) performing other administrative services for us. We may provide these Data Processors with access to your Personal Information in order for them to complete a requested transaction or otherwise perform services for us or for you on our behalf. Prior to allowing our Data Processors to access your Personal Information, we will enter into a data protection agreement or addendum (“DPA”) with them to ensure that they handle and process the information in accordance with this Privacy Policy and applicable law as instructed by us.

Partners. We may also share your contact information with the following partners so that we can better serve you:

  • Distributors and resellers. If you are in a location where we primarily sell our products and services through a distributor or reseller, we may pass your contact information on to such distributor or reseller so that they can contact you directly about your interest in AlienVault’s products and services.
  • Managed Service Providers. We may share your contact information with third parties that provide an offering or service that runs the AlienVault product for you. If that managed service provider is also an AlienVault reseller or distributor, you may purchase the AlienVault product directly through them.
  • Implementation Partners. We may share your contact information with partners who can help you with implementation and integration of AlienVault into your environment.
  • Training Delivery Partners. We may share your contact information with partners that we work with to deliver training for AlienVault products in certain locations, so that such partner can facilitate the delivery of the training directly to you.

Site Hosting. Our Sites and the servers on which they are hosted are operated in various countries around the world in which we conduct our business. Thus, your Personal Information associated with our Sites may be transferred to and/or processed in a country other than that from which it was collected. The data protection laws in those countries may differ from those of the country in which you are located. The servers may be operated by third party hosted service providers.

Links to Other Websites and Applications. The Sites may contain various links to, as well as plug-ins or widgets from, social media and other third-party websites or applications, which may provide additional information, goods, services, and/or promotions. These third-party websites or applications are owned and operated independently of AlienVault, and may have their own separate privacy and data collection practices. We are not responsible for the privacy practices of any third party; therefore, you should review their privacy policies and practices prior to interacting with their websites or applications, using any of their tools, or sharing any of your Personal Information with them.

Community Forums. Our Sites may offer message boards, chat rooms, blogs, and other public areas, as well as the Open Threat Exchange (OTX) Portal (“Community Forums”) where you can interact with our employees, other customers, post images, data, requests, questions, comments, suggestions, or other content, including your Personal Information (“User Submissions”). To participate in Community Forums, you may be asked to select a user name and password and/or provide us with your email-address, and to agree to the terms of participation for those Community Forums. We use this information to identify you and to contact you, if needed, for the provision of those Community Forums. You are able to change your email preferences or discontinue your participation in the Community Forums at any time. Your password and your email-address will not be visible to other users or shared with third parties. You should be aware that any User Submissions you post to a Community Forum, as well as your user name, may be viewed by other members of that forum. If you choose to voluntarily post User Submissions to a Community Forum, be aware that such information is viewable by anyone else on that Community Forum. Think carefully before you post and use caution before disclosing any Personal Information in a Community Forum. We are not responsible for the accuracy, use, or misuse of any User Submission that you disclose or receive through a Community Forum. We might also delete User Submissions without further notice if they include harmful or inappropriate content (e.g., pornographic material, content encouraging vandalism, crime, terrorism, racism, violence, or cruelty), or infringe any third party’s rights or applicable law.

Promotions. We may offer various promotions (“Promotions”) through the Sites or elsewhere that may require registration with your Personal Information. If you choose to enter or otherwise participate in a Promotion, your Personal Information may be disclosed to third parties in connection with administration of the Promotion, such as in connection with winner selection, prize fulfillment, and as otherwise required by law. By entering into a Promotion, you are agreeing to the official rules that govern that Promotion, which may contain specific requirements of you, including, except where prohibited by law, allowing the sponsor and/or other parties to use your name, voice, and/or likeness in advertising or marketing materials. These rules will be displayed to you during the registration process, and you will be asked for your consent to the respective data processing at that time.

Affiliates and Business Transfers. We may share your Personal Information with our affiliates. Additionally, AlienVault or any part of its business, including our Sites, may be sold at some point in the future. Should this occur, your Personal Information may be transferred to a subsequent owner, co-owner, or operator of the business unit or Site. We also may disclose and transfer your Personal Information in connection with a corporate merger, consolidation, restructuring, the sale of stock or assets, or other corporate change, including, without limitation, during the course of any due diligence process. In all such cases, this Privacy Policy will continue to govern the use and disclosure of such information.

Legal Protections and Law Enforcement. We may access, use, preserve, transfer, and disclose to third parties your Personal Information to: (1) satisfy any applicable law, regulation, subpoena, governmental request, or legal process if, in our good faith opinion, such is required or permitted by law; (2) protect and/or defend this Privacy Policy or other policies or terms of use applicable to our Sites, including investigations of potential violations thereof; (3) protect the safety, rights, property, or security of AlienVault or any third party; and/or (4) detect, prevent, or otherwise address fraud, security issues or breaches, or technical issues. This may include allowing third parties, such as copyright owners, Internet service providers, wireless service providers, and/or law enforcement agencies, to access and use your Usage Information in order to identify you. We may take any of these steps without notice to you to the extent permitted by law.

CHOICE AND UPDATING YOUR INFORMATION AND PREFERENCES

We reserve the right to take reasonable steps to authenticate the identity of any individual seeking access to Personal Information. We may provide web pages or other mechanisms on our Sites through which you can update subscription preferences. You can also contact us to update your Personal Information or change your preferences. Our contact information for these purposes is by email at [email protected]. If you receive a marketing communication from us by email, you may also opt out of receiving future email marketing communications by following the opt-out instructions provided in that email. Please note that we reserve the right to send you certain communications relating to transactions you initiate, your customer account, your use of our Sites, or other business matters, and that these communications may be unaffected if you choose to opt-out from marketing communications.

In accordance with our routine record keeping and applicable law, we may delete certain records that contain your Personal Information. We are under no obligation to store such information indefinitely, and we disclaim any liability arising out of, or related to, the destruction of that information. In addition, you should be aware that it is not always possible to completely remove or delete all of your information from our databases without some residual data because of backups and other reasons. Also, if you have posted any User Submissions to a Community Forum, these communications cannot generally be removed.

Under California Civil Code Sections 1798.83-1798.84, California residents are entitled to contact us to prevent disclosure of Personal Information to third parties for such third parties’ direct marketing purposes; in order to submit such a request, please contact us at [email protected]

INFORMATION SECURITY

We will take reasonable precautions to protect your Personal Information in our possession from loss, misuse, and unauthorized access, disclosure, alteration or destruction. We will make reasonable efforts to keep your Personal Information reliable for its intended use, accurate, current and complete. As necessary, we will take additional precautions regarding the security of particularly sensitive information, such as credit card information. While we strive to secure your Personal Information, we cannot warrant or guarantee that this information will be protected under all circumstances, including those beyond our reasonable control.

ENFORCEMENT

We will conduct periodic internal compliance audits of our relevant privacy practices to verify adherence to this Privacy Policy. We encourage you to raise any questions or concerns that you may have about the way we process your Personal Information by contacting us at the address set forth below.

We commit to resolve questions and complaints about your privacy and our collection or processing of Personal Information about you. If you believe that we are not complying with the terms of this Privacy Policy or other legal requirements, you should first contact us by email at [email protected]. We will investigate and will do our best to internally resolve any complaints and disputes you bring to our attention regarding the use and disclosure of your Personal Information.

CHILDREN

The Sites are intended for business use. We do not knowingly collect or solicit Personal Information from anyone under the age of 16. If you are under 16, please do not attempt to register for the Sites or send any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Information, please contact us at [email protected].

EUROPEAN DATA SUBJECTS: PRIVACY SHIELD AND EU GENERAL DATA PROTECTION REGULATION (GDPR)

Privacy Shield. AlienVault, Inc. in the United States participates in the EU-U.S. Privacy Shield Framework (the “Privacy Shield”). AlienVault, Inc. is a company with international operations and customers. We have developed global data security practices designed to ensure that personal information is appropriately protected. When you submit Personal Information to AlienVault, Inc. you are consenting to the transfer of the Personal Information to the United States or other jurisdictions which may be outside of the jurisdiction in which you reside and which may not provide the same protections and use restrictions on Personal Information as your jurisdiction of residence. AlienVault, Inc.’s participation in the Privacy Shield applies to all Personal Information received in the United States from the European Union, such as Personal Information about former, current, or prospective corporate customer contacts received from the EU (collectively “EU Personal Data”). “Data subject” means an individual who is the subject of the EU Personal Data. We are committed to subjecting such EU Personal Data to the Privacy Shield, including its Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability (the “Privacy Shield Principles”). To learn more about the Privacy Shield, visit the U.S. Department of Commerce’s Privacy Shield List https://www.privacyshield.gov/. If there is any conflict between the terms in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

You have the right to exercise choice (opt-out) from our disclosure of Personal Data to a third party. (Please see the section on WITH WHOM WE MAY SHARE INFORMATION above for details of such disclosures.) If consent has been given, you also have the right to opt out of the use of your EU Personal Data for direct marketing purposes. To exercise these rights, please send us an email at [email protected] or follow the instructions in any direct marketing message you may have received (e.g., click the provided opt-out link in the email message).

Please contact us as specified below if you have any questions, need access to your EU Personal Data, or otherwise need assistance. We remain responsible for our collection, use, and disclosure of EU Personal Data in accordance with the Privacy Shield. We also are responsible for third party agents that are processing such data on our behalf, unless we prove that we are not responsible for the event giving rise to the damage. In certain situations, we may be required to disclose EU Personal Data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.

If you are an EU data subject with an unresolved complaint or dispute arising under the requirements of the Privacy Shield, we agree to refer your complaint under the Privacy Shield to an independent dispute resolution mechanism. That independent dispute resolution mechanism is the International Centre for Dispute Resolution, the international division of the U.S.-based American Arbitration Association. For more information and to file a complaint, you may contact the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website http://go.adr.org/privacyshield.html. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to the Privacy Shield. In addition, under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, EU data subjects may invoke binding arbitration before the Privacy Shield Panel jointly created by the U.S. Department of Commerce and the European Commission.

Please contact us at [email protected] if you have any questions, wish to exercise your rights of access, or to request the correction, amendment, removal, and/or limitation of the use and disclosure of your EU Personal Data or seek other assistance as described above.

GDPR. For this GDPR section, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. AlienVault is the controller of your Personal Data processed in connection with the Sites. Note that we may also process Personal Data of our customers’ end users or employees in connection with our provision of services to customers, in which case we are the processor of Personal Data. If we are the processor of your Personal Data (i.e., not the controller), please contact the controller party in the first instance to address your rights with respect to such data.

If there are any conflicts between this section and any other provision of this Privacy Policy, the policy or portion that is more protective of Personal Data shall control to the extent of such conflict. If you have any questions about this section or whether any of the following applies to you, please contact us at [email protected]

  • What personal data do we collect from you?
    We collect Personal Data about you when you provide such information directly to us, when third parties such as our business partners or service providers provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Sites. Please see the section INFORMATION WE COLLECT FROM OR ABOUT YOU above for details of the Personal Data we collect. For the purposes of this Privacy Policy, when we use the term Personal Information, that is intended to also indicate Personal Data pursuant to the GDPR and EU Personal Data pursuant to the Privacy Shield in each case if the applicable data subject is an EU resident.
  • How do we use your personal data?
    Please refer to the section on HOW WE USE YOUR INFORMATION above for details of how we use and process your Personal Data.
  • Lawful Bases for Processing.
    We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing may include consent, contractual necessity and our “legitimate interests,” as further described below.
    • Contractual Necessity. When you purchase our products and services, we process your contact information (e.g., name, phone number, address, email address) as a matter of “contractual necessity”, meaning that we need to process the data to perform under our MSA, EULA, or other agreement with you, which enables us to provide you with the products and services you request. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Sites or our products and services that require such data.
    • Legitimate Interest. We may also process your contact information and other categories of Personal Data described in the section titled INFORMATION WE COLLECT ABOUT YOU above for our legitimate interest purposes.

      Examples of these legitimate interests include:

      • Operation and improvement of our business, products, and services
      • Provision of customer support
      • Protection from fraud or security threats
      • Protecting the security of your account with us
      • Providing you with a sign-in method
      • Determining your geographic location and preferences so that we can serve you better
      • Compliance with legal obligations
      • Completion of corporate transactions
    • Consent. In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection. If you provide us with opt-in consent to receive marketing information from AlienVault, we will process your email address for the purpose of sending you marketing information about our products and services. The legal ground for processing your email address for this purpose is your consent. You may withdraw your consent any time by selecting “unsubscribe” in the marketing email or email us at [email protected].
    • Other Processing Grounds. From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
  • How and with whom do we share your data?
    We share Personal Data with vendors, third party service providers, and agents who work on our behalf and provide us with services related to the purposes described in this Privacy Policy or our MSA, EULA, or other agreement with you. For more information on such third parties, please refer to the section titled WITH WHOM WE MAY SHARE INFORMATION above.
  • How long do we retain your personal data?
    We retain Personal Data about you as set forth on our company’s data retention policy. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule, or regulation. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify you personally.
  • What security measures do we use?
    We seek to protect Personal Data using appropriate technical and organizational measures based on the type of Personal Data and applicable processing activity. For example, we protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input. We also require our supplier and vendors to protect such information from unauthorized access, use, and disclosure.
  • Personal Data of children.
    The Sites are intended for business use. We do not knowingly collect or solicit Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register for the Sites or send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us at [email protected].
  • What rights do you have regarding your personal data?
    You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email [email protected]. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
    • Access. You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by contacting us at [email protected] to make such corrections.
    • Rectification. If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. In certain circumstances, you can correct some of this information directly by contacting us at [email protected] to make such corrections.
    • Erasure. You can request that we erase some or all of your Personal Data from our systems.
    • Withdrawal of Consent. If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Sites.
    • Portability. You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
    • Objection. You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes.
    • Restriction of Processing. You can ask us to restrict further processing of your Personal Data.
    • Right to File Complaint. You have the right to lodge a complaint about AlienVault’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.

CHANGES TO THE PRIVACY POLICY

We reserve the right to update this Privacy Policy at any time, without prior notice to you, to the extent permitted by applicable law and the principles of the Privacy Shield. We will notify the changes that we make to this Privacy Policy by posting the revised Privacy Policy on the Sites, and such changes will be effective immediately unless otherwise stated. We will provide notice to you if these changes are material and, where required by applicable law, we will obtain your consent.

Watch a Demo ›
GET PRICE FREE TRIAL