Privacy Policy

Last updated: January 1, 2020 This privacy policy (this “Privacy Policy”), discloses SpyCloud Inc.’s (“SpyCloud”) privacy practices. This Privacy Policy applies to information collected by SpyCloud’s web sites, products, and offerings that reference this Privacy Policy. SpyCloud is the controller and is responsible for your personal information (“SpyCloud”, “we”, “us” or “our”). The term “personal information” as used in this Privacy Policy shall mean any information that enables us to reasonably identify you, directly or indirectly, by reference to an identifier such as your name, identification number, location data, online identifier or one or more factors specific to you. De-identified and or aggregated data which cannot reasonably identify, relate to, describe, or be capable of being associated with, or be linked, directly or indirectly, to an individual, household or device is not considered personal information. This Privacy Policy will notify you of the following:
  1. What personal information is collected from you, the sources from which such personal information is collected, how it is used and with whom it may be shared.
  2. What choices are available to you regarding the use and retention of, and access to, your personal information.
  3. The security procedures in place to protect the misuse of your personal information.
What personal information do we collect? We use different methods to collect personal information from and about you including:
  • Personal information you give us. You may give us your personal information including name and contact details, by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal information you provide when you ask us about, or apply for, our products or services; subscribe to our services or publications; request marketing to be sent to you, or give us feedback. In order to use this web site, a user must first sign up. During registration, a user is required to give certain information (such as name, domain, and email addresses). This information is used to display products/services on our web site.
  • Personal information we collect. We may use cookies, log files, web beacons, device identifiers, advertising identifiers and similar tracking technologies, including those from third-party service providers like Google Analytics, Google Tag Manager, HubSpot, and other cloud-based tools, to automatically collect your preferences, performance data, and information about your web usage when you visit the Services. For example, we may collect your IP address, device and Internet service provider information, Web browser details and the address of any referring website. This may include collecting geolocation signals from your IP address or device settings to determine your location so that we may operate and personalize the Services for you. We may also collect information about your online activity, such as pages viewed and interactions with other users. The Services are not designed to recognize or respond to “do not track” signals received from browsers. You can control the information collected by such tracking technologies or be alerted when cookies are sent by adjusting the settings on your Internet browser or devices, but such adjustments may affect or disable certain functionality of the Services. You can learn more about Google Analytics and your options for opting out of interest-based Google ads at https://adssettings.google.com. You can learn more about targeted ads and your ability to opt out of receiving interest-based ads at optout.aboutads.info and www.networkadvertising.org/choices.
We will not sell or rent your personal information to anyone. How do we process personal information? We will use your personal information for the following purposes:
  • To respond to you, regarding the reason you contacted us
  • To monitor and protect the security of our information, systems and network
  • For internal business intelligence purposes, to conduct research, product development and enhancement
  • To inform you of changes made to our web site and other services
  • To conduct marketing and commercial activities and to market relevant offers and promotions to you
  • To ensure that content from our web site is presented most effectively for you and your computer
  • To display content based on your interests
  • To enable you to search information on our web site
  • To assess your needs and interests in order to better tailor offers and/or advertising
  • To improve our web site, goods and services
Sharing your personal information We may share your personal information with the parties set out below for the purposes set out in this policy:
  • A member of our group;
  • Our professional advisors such as auditors, accountants and lawyers, etc.;
  • Companies that provide services to help us with our business activities, such as data storage, maintenance services, database management, web analytics, and payment processing.
We will only transfer your personal information to trusted third parties who provide sufficient guarantees in respect of the technical and organizational security measures governing the processing to be carried out and who can demonstrate a commitment to compliance with those measures. We do not allow our third-party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions. We may also disclose your personal information to third parties:
  • in the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
  • if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, any request from law enforcement or governmental organizations, to defend a legal claim, or in order to enforce or apply our terms of service and other agreements; or to protect the rights, property, or safety of SpyCloud, our customers, or others. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
We are headquartered in the United States of America. Your personal information will be accessed by us or transferred to us in the US and will be accessed by our US-based employees. If you are visiting our web site from outside the US, be aware that your personal information will be transferred to, stored, and processed in the US where our servers are located, and our central database is operated. By using our web site, you consent to this transfer and storage of your personal information. Marketing Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this Privacy Policy. We will generally ask for your consent to receive marketing communications in line with the applicable law when you first provide your personal information. How long do we keep your personal information? We will store your personal information, in a form which permits us to identify you, for no longer than is necessary for the purpose for which the personal information is processed. We use your personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements and rights, or if it is not technically and reasonably feasible to remove it. Otherwise, we will seek to delete your personal information within a reasonable timeframe upon request. You can request the deletion of your personal information by contacting us using the contact information set forth in the “Contact Us” section below. Your rights You may opt out of any future contacts from us at any time. In certain circumstances, you can do the following at any time by contacting us using the Contact Us page on our web site:
  • Right of Access – See the sources from which we have collected your personal information, what personal information we have or have disclosed about you, if any, covering a minimum period of 12 months, and the business or commercial purpose of the collection of such personal information.
  • Right to Rectification – Change/correct any information we have about you.
  • Right to Erasure – Have us delete any personal information we have about you.
  • Right to Object – Express any concern you have about our use of your personal information.
  • Right to Data Portability – Have us transmit any personal information directly to another organization, in certain circumstances.
  • Right to Lodge a Complaint – Lodge a complaint with a competent data protection authority.
Security We take precautions to protect your information. When you submit sensitive information via the web site, your information is protected both online and offline. Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the address of the web page. While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to such personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment. California Consumer Privacy Act (CCPA): If you are a California resident, the CCPA grants you with rights regarding your personal information. SpyCloud affords everyone the same rights, regardless of location. As a result of our alignment with the General Data Protection Regulation(GDPR), most of the obligations of CCPA have been covered in previous sections: “What personal information do we collect?”, “How do we process personal information?”, “Sharing your personal information”, and “Your rights”. If you would like to exercise any of your other rights, please visit “Your rights” for more information. If a representative and/or agent you designate is requesting rights on your behalf, we will require proof of authorization. This may include needing you to verify your identity directly with SpyCloud. SpyCloud has disclosed the following categories of information under the CCPA in the past 12 months:
  • Identifier Information, such as email addresses, internet protocol addresses, and name
  • Geolocation data
Links This web site contains links to other sites maintained by third parties. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our web site and to read the privacy statements of any other site that collects personal information. Updates Our Privacy Policy may change from time to time and all updates will be posted on this page. Contact us If you have any questions or concerns regarding this Privacy Policy, please contact us using the Contact Us page on our web site, or by calling us at (800 513-2502).

Stop exposures from becoming account breaches.