Securonix Privacy Policy

Effective Date: September 26, 2024

This Privacy Policy (“Policy”) describes how Securonix (‘Securonix”, ‘we’, ‘us’ or ‘our’) processes information collected from and about users of our website www.securonix.com (the “Website”) and our related services, including the Securonix Cloud (collectively, “Services”). It also describes the choices available to you regarding our processing of your information.

This Policy contains the following sections:

• The Information We Collect
• How We Use Your Information
• Online Analytics and Advertising
• How We Disclose Your Information
• Your Rights and Choices
• How We Secure Your Information
• Data Retention
• Notice of Policy Changes
• Privacy Information for International Users
• Privacy Information for California Residents
• Contact Securonix

The Information We Collect

This section discusses the types of information we collect from and about you as you use the Services.

Information You Provide to Us

When you use our Services, you may choose to provide certain information directly to us. For example, we collect information directly from you when you register for the Services, interact with us through online forms or customer service, participate in surveys or research, or otherwise interact with us through the Services. This information includes:

• First and last name
• Email address
• Mailing address
• Account name
• Mobile number
• Company name and job title
• Payment information (collected by our third-party payment processor) and related transaction information

Note regarding sensitive information: the Services are not intended for the transmission of sensitive information (e.g., information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background, or trade union membership) or any protected health information as defined by the Health Insurance Portability and Accountability Act of 1996 (otherwise known as “HIPAA”) Standards for Privacy of Individually Identifiable Health Information, as amended. You agree that you will not transmit such sensitive information through the Services unless otherwise provided in your written agreements with Securonix.

Information we Automatically Collect as you Use the Services

There is certain information that we collect automatically from your use of the Services and from your device(s) used to access the Services. This information includes your IP address, device identifiers, page view statistics, browsing history, usage and click data (e.g., ingest volume, search concurrency, number of unique user logins, apps loaded, source type (count), session duration, diagnostic data) and information about your device (e.g., operating system and browser type/version). We may collect this information using the types of technologies discussed in the “Online Analytics and Advertising” section below.

However, please note that we do not collect or access information present in logs/files that you upload to the Securonix Cloud service.

Information obtained from other sources

We (or third parties acting on our behalf) may collect additional information about you from public databases, joint marketing partners, social media platforms, conference hosts, event companies, and other third-parties to supplement the information we collect directly from you.

Combined Information

For the purposes discussed in this Privacy Policy, we may combine the information that we collect through the Services with information that we receive as discussed in this section, and use such combined information in accordance with this Policy.

De-identified Information

We may de-identify information we collect so the information cannot reasonably identify you or your device, or we may collect information that is already in de-identified form. For example, we may disclose de-identified “best practice” tips, performance benchmark data, and other de-identified data useful to our user community. Our use and disclosure of such de-identified information is not subject to any restrictions under this Policy, and we may use and disclose it to others for any purpose.

How we Use Your Information

We use your information for the following purposes:

• To provide the Services and respond to your requests
• To analyze and improve the Services
• To communicate with you with transactional information related to the Services or about updates to our legal terms
• In accordance with applicable legal requirements, for advertising and marketing purposes, including to provide you with special offers and promotions both with respect to our products and services and the products and services of third parties that we believe will be of interest to you
• For our business operations, including maintaining your account, security, fraud prevention, legal compliance, and detecting security incidents and protecting against malicious, deceptive, fraudulent, or illegal activity
• For other purposes where we have your consent

The laws in some jurisdictions require companies to explain the legal grounds they rely on to process your information. Our legal bases for processing your information as described in this Policy are as follows:

• Where use of your information is necessary to perform our obligations under a contract or commitment to you. For example, to provide the Services you’ve requested from us, or to comply with our applicable agreements.
• Where use of your information furthers our legitimate interests or the legitimate interests of others. For example, to provide security for our Services, operate our business and our Services, make and receive payments, defend our legal rights, and prevent fraud.
• Where we use your information to comply with applicable legal obligations. For example, keeping track of purchases for tax and auditing purposes.
• Where you have consented to our processing of your information for a particular purpose.

Online Analytics and Advertising

Our Services use various technologies such as cookies, beacons, tags and scripts (collectively referred to herein as “cookies”) for marketing automation, demand marketing, and web analytics partners. These technologies are used in analyzing trends, administering the Services, tracking users’ movements around the Services and in gathering demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether. Please consult the “Help” section of your browser for more information (e.g., Internet Explorer; Google Chrome; Mozilla Firefox; or Apple Safari). Please note that by blocking, disabling, or managing any or all cookies, you may not have access to certain features or offerings of the Services.

Online Analytics

We may use third-party web analytics services (such as those of Google Analytics) on our Services to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here.

If you receive email from us, we may use certain analytics tools, such as tracking pixels, to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.

Online Advertising

The Services may allow third-party advertising technologies (e.g., ad networks and ad servers) to place cookies or other tracking technologies on your computer, mobile phone, or other device to collect information about you to assist in the delivery of relevant advertising on the Services, as well as on other websites you visit and other services you use. These ads may be based on your current activity or your activity over time and across other websites and online services and may be tailored to your interests.

We also sometimes provide our customer information (such as email addresses) to service providers, who may “match” this information in de-identified form to cookies (or mobile ad identifiers) and other proprietary IDs, in order to provide you with more relevant ads when you visit other websites and mobile apps.

We neither have access to, nor does this Privacy Policy govern, the cookies or other tracking technologies that may be placed on the device you use to access the Services by such non-affiliated third parties. If you are interested in more information about tailored browser advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative’s Consumer Opt-Out link, the Digital Advertising Alliance’s Consumer Opt-Out link, or Your Online Choices to opt out of receiving tailored advertising from companies that participate in those programs. Please note that these opt-outs apply per device, so you will have to opt-out for each device through which you access our Services.

How We Disclose Your Information

We may disclose your information to third parties in the following ways:

• Affiliates. We may disclose information to our affiliates for the purposes outlined in this Policy.
• Service Providers. We may disclose information to our third-party service providers, vendors, or others who provide services for Securonix’s business operations and on our behalf. This may include such things as infrastructure, data analysis, order fulfillment, IT services, customer service, professional services or audit services, among others.
• Partners and Resellers. We may disclose Information to third parties, including our strategic partners and resellers to permit them to assess your interest in the Services, conduct user research and surveys, or send you marketing communications, subject to the terms of their privacy policies.  To opt out of our disclosure of your information to our partners for these purposes, please email us at: [email protected].
• Legal and Safety Disclosures. We may disclose Information as necessary or appropriate under applicable laws (including laws outside your country of residence) to: comply with legal process or requirements, including applicable notification obligations; respond in good faith as necessary to requests from public and government authorities (including public and government authorities outside your country of residence); enforce our terms and conditions; and protect our operations or those of any of our affiliates and our rights, privacy, safety, or property, and/or that of our affiliates, you or others.
• Business Transactions. We may disclose Information in the event of a proposed or actual reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of Securonix’s business, assets or stock (including in connection with any bankruptcy or similar proceedings).

Your Rights and Choices

Your Rights

We provide you with the ability to exercise certain choices rights regarding our collection, use, and disclosure of your information. Your legal rights to exercise such controls and choices vary based on the laws of your jurisdiction. Depending on the laws in your jurisdiction (which includes the EU, UK, California, Colorado, and Connecticut), you may have the ability to request:

• Access to, or a copy of, your information
• Correction or amendment of your information
• Deletion of your information
• Transfer of your information to a third party, where technologically feasible
• Restriction or objection to certain uses of your information
• Opt out of the disclosure of your information to our partners for their own marketing activities, which may be considered a “sale” of information under applicable law or the “sharing” or “processing” of information for online targeted advertising purposes.

We may ask you to provide us with information necessary to reasonably verify your identity before responding to your request. We will consider all requests and provide our response within the time period required by applicable law. Please note, however, that certain information may be exempt from such requests. To exercise your rights, please contact us using the contact information provided below.  Depending on your jurisdiction, you may have the ability to appeal our decision.  In such circumstances, we will inform you of your appeal rights and how to exercise it in our response to your request.

We will not discriminate against you for exercising your rights. This means that we will not penalize you for exercising your rights by taking actions such as denying you services; increasing the price/rate of services; decreasing service quality; or suggesting that we may penalize you as described above for exercising your rights.

Your Marketing Choices

You can Opt-Out of email marketing using the Opt-Out link in our email communications. You may also contact us at the contact information provided below and request that we no longer use your information for marketing purposes. We will process such requests in accordance with applicable law. Please note that even if you opt out of receiving marketing communications from us, you may still receive transactional communications about the Services or legal notifications.

Sale/Targeted Advertising Opt Out Rights

Under the laws in certain US jurisdictions, you have the right to opt out of our processing or sharing of your information for online targeted advertising purposes. Note that certain state laws also allow you to opt out of the “sale” of your information to third parties in exchange for valuable consideration. We may use analytics and online advertising tools that result in the disclosure of your information to our third-party partners and that are subject to this opt out right. You can opt out of both of these activities by clicking the “Your Privacy Choices” link on our website footer. To opt out of our offline disclosure of your information for these purposes, please email us at [email protected].

Please note that we will also honor browser-based opt out signals (such as the global privacy control) in accordance with our legal obligations.

How We Secure Your Information

The security of your information is important to us. It is your responsibility to ensure that the Information you provide to us can be legally collected in the country of origin, transmitted to us and maintained or used by us. We employ a variety of technical, organizational, and physical measures to protect the information submitted to us, both during transmission and once we receive it. No method of transmission over the internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about the security of the Services, or reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please notify us immediately in accordance with the “Contact Securonix” section below.

Data Retention

We will retain your information for the period necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or not prohibited by applicable law.

Notification of Policy Changes

We may change this Policy from time to time. If we make changes, we will post an updated Policy on the Services, and it will become effective as of the date of posting (“Effective Date”). We will also comply with applicable legal requirements regarding Policy updates and any notice or consent requirements. We encourage you to periodically review this page for the latest information on our privacy practices. Your use of the Services following these changes means that you accept the revised Policy.

Privacy Information for International Users

Please note that information covered by this Policy will be hosted and stored by us and our service providers in the United States of America and other global jurisdictions where data protection laws may differ from the laws in your local jurisdiction. By using the Services, you acknowledge that your information will be stored and processed in the United States.

Data Privacy Framework

Securonix complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. Securonix has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. Securonix has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this Policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www. dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Securonix commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF in the context of the employment relationship.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Securonix commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to the ICDR-AAA DPF IRM Service, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit the ICDR-AAA DPF IRM Service website for more information or to file a complaint. The services of ICRD-AAA DPF IRM are provided at no cost to you.

Please note that pursuant to the DPF Principles, Securonix is also subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (“FTC”), and allows individuals in accordance with Annex I of the DPF Principles, to invoke binding arbitration by delivering notice to us and following the procedures and subject to conditions set forth in Annex I of Principles.

Under the DPF Principles, Securonix remains liable with respect to the onward transfer of personal data to third parties.

Privacy Information for California Residents

If you are a California resident, the California Consumer Privacy Act (“CCPA”) requires us to provide you with the following additional information about:

• the purpose for which we use each category of “personal information” (as defined in the CCPA) we collect; and
• the categories of third parties to which we (a) disclose such personal information for a business purpose, (b) “share” personal information for “cross-context behavioral advertising,” and/or (c) “sell” such personal information.

Under the CCPA, “sharing” is defined as the targeting of advertising to a consumer based on that consumer’s personal information obtained from the consumer’s activity across distinct online services, and “selling” is defined as the disclosure of personal information to third parties in exchange for monetary or other valuable consideration. We “share” information with our advertising partners to provide more relevant and tailored advertising to you regarding our Services. Moreover, our use of third-party analytics services and online advertising services may result in the sharing of online identifiers (e.g., cookie data, IP addresses, device identifiers, and usage information) in a way that may be considered a “sale” under the CCPA.

With respect to most commercial transactions, our business acts solely as a service provider/processor, merely processing personal information provided to us by our customers (i.e. the controllers) and returning the results to them. In those instances, we will not use or share any personal information provided by our customers with third parties except as authorized by law and this policy.

However, in some instance, such as where we collect personal information from business-to-business (B2B) contacts, we may use and share such personal information in accordance with this Privacy Policy. The chart below summarizes how we collect, use and share personal information by reference to the statutory categories specified in the CCPA, and describes our practices during the 12 months preceding the effective date of this Policy. Categories in the chart refer to the categories described above in the general section of this Policy.