Effective Date: May 15, 2017
Information We Collect and How We Use It
Our primary goals in collecting information are to provide and improve our services made available through our Site and to communicate with you regarding information about ZEROFOX services. We may collect the following personal data about you and process it in the following ways.
Personally Identifiable Information You Give Us
You may give us personally identifiable information in the following ways: (i) if you access the ZEROFOX Platform via www.ZEROFOX.com, (ii) sign up for newsletters or blogs, (iii) download white papers and other collateral from the Site, or (iv) send us an email. Such personally identifiable information includes first and last name, title, company name, industry type, mailing address, telephone number, fax number, email address, social media account credentials and company size. We may also collect information about your mailbox size, which will allow us to classify your company by size and provide customized information about implementing ZEROFOX Services within your organization. We may combine your personally identifiable information with information collected from others in order to improve the quality and value of the ZEROFOX Services and to analyze and understand how our Site is used.
We will use your personally identifiable Information to: (i) carry out our obligations arising from any contracts entered into between you and us; or (ii) provide you with the services or information, you have requested from us; (iii) notify you about changes to our services; or (iv) ensure that content from our Site is presented in the most effective manner for you and your device. We may also use your personally identifiable information to contact you with certain marketing or promotional materials, as well as other information that may be of interest to you. If you no longer consent to our use of your personally identifiable information to send you our newsletter, blog or other communications please send us an email so stating to [email protected] or follow the unsubscribe instructions provided in any of the communications.
We will retain your information for as long as your account is active or as needed to provide you services. If you wish to cancel your account or request that we no longer use your information to provide you services contact us at [email protected]. Please note that we may still retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Log Data and Personal Network Information We Collect From You
When you visit the Site, we automatically collect information that your browser sends about your visit (“Log Data”). Log Data may include information such as your IP address, browser type or the domain from which you are visiting, the web pages you visit and the search terms you use. Except in the instances described herein, we do not use this information to identify you personally. We use it to monitor use of the Sites and our service, and for the technical administration of the Sites.
After removing any information that would personally identify you from within the set of personally identifiable information, personal network information and Log Data we collect from you, we may combine that information with information we collect from other ZEROFOX users and customers (collectively the “Aggregated Information”) in order to improve the quality and value of ZEROFOX services and to analyze and understand how our Site is used.
ZEROFOX shares your personally identifiable information with third parties in the following ways:
- Service Providers
We may from time to time use certain trusted third party business partners to perform Site-related services (including, hosting and, maintenance services, database management, Web analytics, and improvement of the Site’s features). We will share your personally identifiable information with these third parties, but only to the extent necessary to perform these functions and provide such services, and only pursuant to binding contractual obligations requiring such third parties to maintain the confidentiality of your data.
- Resellers and Partners
We will share your personally identifiable information with our resellers and partners, and such resellers and partners may use your information to market our products and services, as well as their own products and services.
- Compliance with Laws and Law Enforcement
ZEROFOX cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose your personal data to government or law enforcement officials or private parties in response to lawful requests if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, to enforce or apply our terms and conditions or respond to claims and legal process, to protect the property and rights of ZEROFOX or a third party, to protect the safety of the public or any person, or to prevent or stop any illegal, unethical or legally actionable activity.
- Business Transfers
If ZEROFOX is involved in a merger, acquisition, or sale of all or a portion of its assets, including a sale in bankruptcy, we may share some or all of your information with this entity.
ZEROFOX takes reasonable steps to safeguard your information. We employ generally accepted standards of administrative, physical, procedural, and technological measures designed to protect your information from unauthorized access, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us at [email protected]
However, please note that no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, although ZEROFOX complies with its legal obligations in respect of the security of your personal data we cannot guarantee its absolute security.
Links to Other Sites
International Data Transfer
EU-U.S. Privacy Shield
ZEROFOX participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. ZEROFOX is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. http://www.privacyshield.gov/list.
ZEROFOX is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. ZEROFOX complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, ZEROFOX is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, ZEROFOX may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website http://www.privacyshield.gov/, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
In compliance with the Privacy Shield Principles, ZEROFOX commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact ZEROFOX:
Attn: Data Privacy Officer
1834 S. Charles Street
Baltimore, Maryland 21230
ZEROFOX has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.
Our Policy Towards Children
The Sites are not directed to persons under 18. If a parent or guardian becomes aware that his or her child, who is under 13, has provided us with personally identifiable information without their consent, he or she should contact us at [email protected]. If we become aware that a child under 13 has provided us with personally identifiable information, we will remove such information from our files