“Data Processor” means a third party that processes Personal Information on behalf of and pursuant to the instructions of AlienVault.
“Personal Information” means any information relating to an identified individual, or to an individual who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity. Personal Information does not include information that is anonymized. Personal Information does not include corporate information that relates to an organization but not to an individual, such as a corporate name, corporate address or general corporate phone number.
“Sensitive Personal Information” means Personal Information that reveals race, ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, or that concerns health or sex life.
INFORMATION WE COLLECT FROM OR ABOUT YOU
Personal Information You Provide To Us. We collect Personal Information that you provide to us through our Sites, and in connection with other business dealings we may have with you. This includes basic contact information about you, such as your name, company name, title, address, phone number, fax number and email address. It may also include information on the products or services you have shown interest in or purchased from us. If you use a credit card to purchase a product or service from us, we also may collect information necessary to process the credit card transaction, such as the credit card type, number and expiration date.
Website Usage Information We Collect. In addition to Personal Information that you choose to submit to us, whenever you visit or interact with our Sites, we may collect or store information about your interaction with our Sites (“Usage Information”). This Usage Information may include:
- your IP address or any other unique identifier assigned to the device that you use to access our Sites;
- the functionality and characteristics of your device, including type of browser, operating system and hardware, mobile network information and in some cases location information;
- the URL that referred you to our Sites, if any;
- your activities on our Sites, such as which web pages you visit, what terms you searched within our Sites and which links within our Sites that you click on; and
- the time of day that you visited our Sites and how long your visit lasted.
We use certain common methods and technologies to collect and store Usage Information about your interaction with our Sites (“Analytic Technologies”). These Analytic Technologies may be downloaded to the personal computer, laptop, tablet or mobile phone that you use to access the Sites (“Your Device”). The specific Analytic Technologies that we use are as follows:
Web Beacons. A web beacon is a small graphic image or other web programming code, also known as “1×1 GIF” or “clear GIF.” We may download web beacons to Your Device when you access our Sites or through email messages that we send to you. We use web beacons only to count visitors to our Sites and to count how many emails that we send are actually opened. If a web beacon is used, it does not allow the identification of the user.
Embedded Scripts. An embedded script is a programming code that is designed to collect information about your interactions with our Sites, such as which links within our Sites you click on, which type of browser or device you use (e.g. mobile or desktop version). We use such information to enhance the user experience, e.g. include a mobile version of our Sites. This code is downloaded onto Your Device when you access our Sites and is deactivated or deleted when you leave our Sites. Identification of the user does not take place.
Information We Receive From Third Parties. We may receive Personal Information about you from third parties who recommend or suggest that we contact you for business purposes. This includes basic contact information about you, such as your name, company name, title, address, phone number, fax number and email address. It may also include information on the products or services you have shown interest in or may be interested in purchasing from us, as well as information on other companies or individuals with whom you do business. We may also obtain Personal Information about you from third parties in connection with business transactions you initiate with us, such as through credit verification or other processes related to the transaction.
HOW WE USE INFORMATION
Business Use. We use your Personal Information primarily to facilitate our ongoing and proposed business dealings with you (“Business Use”). This includes to: (1) process business transactions with us that you initiate; (2) establish and maintain customer accounts so that we may provide products or services of ours requested by you or your company; (3) register you as a user of these products or services so that you may access them through our Sites or otherwise; (4) communicate with you about updates, maintenance, outages or other technical matters concerning these products or services; (5) provide you with training regarding usage of these products or services; (6) notify you about changes to any of the policies and procedures for use of these products or services; (7) verify the accuracy of account and technical contact information we have on file for you and your company in relation to these products or services; and (8) respond to questions or inquiries that you or your company may have about our products or services. We also may use your Personal Information as required for us to comply with laws and regulations relating to the products or services that we provide in any of the jurisdictions in which we or our affiliated companies operate, including the United States, and we may use Usage Information internally within AlienVault to help us improve our products or services, or to develop new products or services.
Marketing Purposes. With your consent or as otherwise permitted by applicable law, we may use your Personal Information for purposes relating to the marketing of our products and services, or those of our business partners (“Marketing Purposes”). This includes to: (1) send you newsletters, press releases, event announcements and other similar communications regarding the products or services that we offer; (2) market or promote our products or services to you, including by offering you trial or limited access to certain of our products or services; (3) solicit input from you regarding improvement of our products or services; (4) inform you of third-party offerings that we think you or your company may be interested in which relate to our products or services; (5) send you announcements or requests on behalf of other customers of ours who believe you would benefit from use of our products or services; and (6) other purposes that we disclose to you at the time we obtain your consent.
Referrals. From time to time, we may receive Personal Information about you from third parties who recommend or suggest that we contact you for business purposes. We receive such Personal Information because you have consented towards the third party that they might share your Personal Information. If we use that information to contact you, it will only be to see if you are interested in our products or services, or those of our business partners. We will not use this information for other purposes without your consent. In addition, if you inform us that you are not interested in these products or services, we will stop using the information to contact you.
Data Integrity. You are responsible for the accuracy of all Personal Information that you provide to us. We will use reasonable efforts to maintain the accuracy and integrity of your Personal Information, and to update that information as appropriate. We will take reasonable steps to ensure that the Personal Information we collect from you is relevant to its intended use, and that it is used only in ways that are compatible with the purposes for which it was collected or otherwise authorized by you.
WITH WHOM WE MAY SHARE INFORMATION
Outside of AlienVault. We will not share your Personal Information with third parties outside of AlienVault for their marketing purposes without your consent as required by applicable law. However, we may share such information with “Data Processors” as described below, and with other third parties for purposes disclosed to you at the time you provided the information, or as subsequently authorized by you. From time to time, we also may offer you the option of sharing your Personal Information with third parties in order to receive information and/or marketing offers from them or other persons. If you consent to the sharing of your Personal Information for these purposes, it will be subject to the privacy policies and business practices of those third parties. If you later decide that you no longer want us to share Personal Information with such third parties, please contact us as indicated below under the section “CHOICE AND UPDATING YOUR INFORMATION AND PREFERENCES.” We will process your request in a reasonable period of time. Note, however, that if you no longer wish to receive communications from a third party which has already received your Personal Information from us, you will need to contact that third party directly to inform them of this.
Site Hosting. Our Sites and the servers on which they are hosted are operated in various countries around the world in which we conduct our business. Thus, your Personal Information associated with our Sites may be transferred to and/or processed in a country other than that from which it was collected. The data protection laws in those countries may differ from those of the country in which you are located.
Links to Other Websites and Applications. The Sites may contain various links to, as well as plug-ins or widgets from, social media and other third-party websites or applications, which may provide additional information, goods, services and/or promotions. These third-party websites or applications are owned and operated independently of AlienVault, and may have their own separate privacy and data collection practices. We are not responsible for the privacy practices of any third party. Therefore, you should review their privacy policies and practices prior to interacting with their websites or applications, using any of their tools, or sharing any of your Personal Information with them.
Promotions. We may offer various promotions (“Promotions”) through the Sites or elsewhere that may require registration with your Personal Information. If you choose to enter or otherwise participate in a Promotion, your Personal Information may be disclosed to third parties in connection with administration of the Promotion, such as in connection with winner selection, prize fulfillment and as otherwise required by law. By entering into a Promotion, you are agreeing to the official rules that govern that Promotion, which may contain specific requirements of you, including, except where prohibited by law, allowing the sponsor and/or other parties to use your name, voice and/or likeness in advertising or marketing materials. These rules will be displayed to you during the registration process, and you will be asked for your consent to the respective data processing at that time.
CHOICE AND UPDATING YOUR INFORMATION AND PREFERENCES
On your request, we will grant you reasonable access to your Personal Information that we hold, as well as such other related rights as are provided by applicable law. In addition, we will take reasonable steps to permit you to correct, amend or delete your Personal Information that you demonstrate to be inaccurate or incomplete. However, in accordance with applicable law, we may limit or deny access to your Personal Information where the burden or expense of providing access would be disproportionate to the risks to your privacy, or where the legitimate rights of persons other than you would be violated. We reserve the right to take reasonable steps to authenticate the identity of any individual seeking access to Personal Information.
We may provide web pages or other mechanisms on our Sites through which you can correct or update your Personal Information, or elect to change your preferences regarding our future use or sharing of your Personal Information with third parties for marketing purposes. You can also contact us to update your Personal Information or change your preferences. Our contact information for these purposes is as follows:
- Worldwide, by email at [email protected]
If you receive a marketing communication from us by email, you may also opt out of receiving future email marketing communications by following the opt-out instructions provided in that email. Please note that we reserve the right to send you certain communications relating to transactions you initiate, your customer account, your use of our Sites, or other business matters, and that these communications may be unaffected if you choose to opt-out from marketing communications.
In accordance with our routine record keeping and applicable law, we may delete certain records that contain your Personal Information. We are under no obligation to store such information indefinitely, and we disclaim any liability arising out of, or related to, the destruction of that information. In addition, you should be aware that it is not always possible to completely remove or delete all of your information from our databases without some residual data because of backups and other reasons. Also, if you have posted any User Submissions to a Community Forum, these communications cannot generally be removed.
We will take reasonable precautions to protect your Personal Information in our possession from loss, misuse, and unauthorized access, disclosure, alteration or destruction. We will make reasonable efforts to keep your Personal Information reliable for its intended use, accurate, current and complete. As necessary, we will take additional precautions regarding the security of particularly sensitive information, such as credit card information. While we strive to secure your Personal Information, we cannot warrant or guarantee that this information will be protected under all circumstances, including those beyond our reasonable control.
The Sites are intended for business use, and we do not knowingly collect any Personal Information from children younger than the age of thirteen (13), or from children, who do not have the necessary ability to foresee the consequence of their data being processed, as required by applicable law.
EUROPEAN DATA SUBJECTS AND SAFE HARBOR
AlienVault, Inc. in the United States participates in the EU-U.S. Privacy Shield Framework (the “Framework”). AlienVault Inc.’s participation in the Framework applies to personal data received in the United States from the European Union (“EU” about former, current, or prospective corporate customer contacts (collectively “EU Personal Data”). We are committed to subjecting such EU Personal Data to the Framework, including its Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. To learn more about the Framework, visit the U.S. Department of Commerce’s Privacy Shield List https://www.privacyshield.gov/.
Former, current, or prospective corporate customer contacts have the right to exercise choice (opt-out) from our use of their EU Personal Data for direct marketing purposes. To exercise this right, please follow the instructions in any direct marketing message you may have received (e.g., click the provided opt-out link in the email message or send us an email or postal mail request to opt-out in accordance the instructions provided in the direct marketing message). We do not otherwise use or disclose EU Personal Data in a manner that is subject to choice requirements under the Framework because we do not provide EU Personal Data to third parties other than those acting as our agent to perform tasks on our behalf and we do not receive Sensitive Personal Data under the Framework.
Please contact us as specified below if you have any questions, need access to your EU Personal Data, or otherwise need assistance. We remain responsible for our collection, use and disclosure of EU Personal Data in accordance with the Framework. We also are responsible for third party agents that are processing such data on our behalf, unless we prove that we are not responsible for the event giving rise to the damage. In certain situations, we may be required to disclose EU Personal Data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
If you are a European Data Subject with an unresolved complaint or dispute arising under the requirements of the Framework, we agree to refer your complaint under the Framework to an independent dispute resolution mechanism. That independent dispute resolution mechanism is the International Centre for Dispute Resolution, operated by the American Arbitration Association. For more information and to file a complaint, you may contact the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website http://info.adr.org/safeharbor. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to the Framework. In addition, under certain conditions, more fully described on the Privacy Shield website at https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, EU data subjects may invoke binding arbitration for non-monetary issues when other dispute resolution procedures have been exhausted.
Please contact us here [email protected] if you have any questions, wish to exercise your rights of access, or seek other assistance as described above.
Last updated on November 10, 2016