May 7, 2020
FortifyData (“FortifyData,” “we” or “us”) offers a SaaS-based cyber risk management platform. We are located in the United States but operate globally. Depending on the scope of your interactions with FortifyData, your personal information may be stored in or accessed from multiple countries, including the United States. Whenever we transfer personal information to other jurisdictions, we will ensure that the information is transferred in accordance with this Privacy & Cookie Notice and as permitted by applicable data protection laws. We also own and operate different websites (e.g. staging-fortifydata.kinsta.cloud) (individually, “Website” and collectively the “Websites”). This Privacy & Cookie Notice aims to inform you about how we collect, use, disclose, and store information when you:
We gather various types of information, including information that identifies or may identify you as an individual (“Personal Information”) as explained in more details below.
From Websites or Events: We may collect any Personal Information that you choose to send to us or provide to us, for example, on our “Request a Demo” (or similar) online form or if you register for a FortifyData webinar. If you contact us through the Websites, we will keep a record of our correspondence.
From the Services: We receive and store information you provide directly to us. For example, when setting up new users, we collect Personal Information, such as name and email address, to provide them with the Services. The types of information we may collect directly from our customers and their users include: names, usernames, email addresses, postal addresses, phone numbers, job titles, transactional information (including Services purchased), as well as any other contact or other information they choose to provide us or upload to our systems in connection with the Services.
Information We Automatically Collect:
When you use the Websites: When you visit the Websites, we collect certain information related to your device, such as your device’s IP address, referring website, what pages your device visited, and the time that your device visited our Website.
When you use the Services:
For further information, please read the section below “Cookies and other Tracking Technologies”.
Websites or Events:
We will use the information we collect via our Websites:
FortifyData’s use of your Personal Information may be based on our legitimate interest to ensure network and information security, and for our direct marketing purposes, or you consenting to it (e.g. when you request a demo).
Services:
We may use the information we collect from our customers and their users in connection with the Services we provide for a range of reasons, including to:
We use your Personal Information in this context based on the contract that we have in place with you or our legitimate interest for security purposes (e.g. the prevention and investigation of fraudulent activities). Personal Information will be deleted based on the terms of the contract. You can exercise your rights regarding your personal information by filling out this Privacy Request Form.
We share and disclose information (including Personal Information) about our customers in the following limited circumstances:
We may share your information with third party vendors, consultants and other service providers who we employ to perform tasks on our behalf. These companies include, for example, our payment processing providers, website analytics companies (e.g., Google Analytics), product feedback or help desk software providers (e.g. Amazon Web Services), CRM service providers (e.g., Salesforce), email service providers (e.g., Microsoft 365) and others.
If FortifyData receives your Personal Information in the United States and subsequently transfers that information to a third party agent or service provider for processing, FortifyData remains responsible for ensuring that such third party agent or service provider processes your Personal Information to the requirements required by applicable data protection legislation, including the GDPR and LGPD (see the section and “International Data Transfers”).
When you attend an event or webinar organized by FortifyData, we ask your preferences on sharing your contact details with the event sponsor. Based on your choice, we may share your contact details (such as your name, email address, company name, and phone number) with the event sponsor. If you’d like to opt-out of sharing your details with sponsors, you can always do so either at the time of registration, or by submitting a request.
FortifyData may choose to buy or sell assets, and may share and/or transfer customer information in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, Personal Information could be one of the assets transferred to or acquired by a third party.
We may also share your personal data with our subsidiary and/or affiliate companies for purposes consistent with this Privacy & Cookie Notice.
Protection of FortifyData and Others: We reserve the right to access, read, preserve, and disclose any information as necessary to comply with law or court order; enforce or apply our agreements with you and other agreements; or protect the rights, property, or safety of FortifyData, our employees, our users, or others.
Under certain circumstances, we may be required to disclose your Personal Information in response to valid requests by public authorities, including to meet national security or law enforcement requirements.
We use appropriate technical, organizational, and administrative security measures to protect any information we hold in our records from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.
All of FortifyData’s public-facing resources are PCI DSS certified as reflected in the certificate found here. This means that we maintain the necessary technical requirements to protect and secure payment card data during processing, handling, storage, and transmission. Throughout the infrastructure of its Services, FortifyData has adopted the same security controls mandated for protecting cardholder data to protect personal information provided to FortifyData.
A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first party cookies. Depending on which of our Websites you are visiting, we may also use third party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts, as well as to understand your browsing of the Website (for example, which page you visit or how long you stay on each page).
More specifically, we use cookies and other tracking technologies for the following purposes:
We classify cookies in the following categories:
You may change your cookie preferences or remove cookies and website data in the “settings” section of your internet browser or, if available, by adjusting cookie settings at a website’s cookie management page. This Privacy & Cookie Notice covers all Websites, Services, and Events.
On some of our Websites, we also may utilize Google Analytics, a web analysis service provided by Google, to better understand your use of the Website and Services. Google Analytics collects information such as how often users visit the Websites, what pages they visit and what other sites they used prior to visiting. Google uses the data collected to track and examine the use of the Websites, to prepare reports on its activities and share them with other Google services. Google may use the data collected on the Websites to contextualize and personalize the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics about your visits to the Websites is restricted by the Google Analytics Terms of Use and the Google Privacy Policy.
Google offers an opt-out mechanism for the web available here.
What choices do I have?
You can always opt not to disclose information to us, but keep in mind some information may be needed to register with us or to take advantage of some of our features.
Cookies
Please see the section above titled Cookies and Other Tracking Technologies for more information about our use of cookies on the Website and how to accept and reject them.
Marketing Communications
You can opt-out of receiving certain promotional or marketing communications from us at any time, by using the unsubscribe link in the emails communications we send, or fill out this Privacy Request Form.
If you have any account for our Services, we will still send you non-promotional communications, like service related emails.
Personal Information you submit on the Websites or through the Services may be sent to the United States and processed by us there or in other countries or on our service providers’ cloud servers. We will always protect your information in accordance with this Privacy & Cookie Notice wherever it is processed. Depending on the scope of a customer’s interactions with FortifyData, personal information submitted to the Services may be stored in or processed by AWS’ data centers in the United States or in Europe (Frankfurt, Germany). In some cases, you may choose to have the Services hosted in another region.
If you would like to access, review, update, rectify, and delete any Personal Information we hold about you, or exercise any other data subject right available to you under the EU General Data Protection Regulation (GDPR) or the Lei Geral de Proteção de Dados (LGPD), you can either click the “Exercise your Rights” link available at the bottom of our Privacy & Cookie Notice, or fill out this Privacy Request Form. FortifyData will review your request and respond to you as quickly as possible.
Please note that we may still use any aggregated and de-identified Personal Information that does not identify any individual, and may also retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
California residents
California residents have specific rights under the California Consumer Privacy Act (‘CCPA’). For more information and to exercise your rights, please see the section headed “The California Consumer Privacy Act” below.
Under the California Consumer Privacy Act (‘CCPA’), California residents have certain rights regarding the personal information that businesses have about them. This includes the rights to request access or deletion of your personal information, as well as the right to direct a business to stop selling your personal information.
We collect identifiers (such as name, address, email, phone number, job title, and transactional information), commercial information (such as a record of the services purchased or demos requested), and Internet or other electronic network activity information (such as usage information, IP address, cookie information, and customer feedback).
FortifyData uses identifiers to provide the services requested, such as to fulfill a request for a demo, provide access to a webinar, or provide you with information about our services.
We use identifiers and commercial information for general website administration, which includes record keeping, troubleshooting, data analysis, testing, and survey purposes.
We use identifiers, commercial information, and internet or other electronic network activity for trend monitoring, marketing, and advertising, as well as to ensure website security.
We collect identifiers and commercial information directly from you.
We collect internet or other electronic network activity from your usage of the FortifyData Websites and its Services.
FortifyData shares personal information as necessary for certain “business purposes,” as defined by the CCPA (Cal. Civ. Code 1798.140(d)). This includes sharing identifiers, commercial information and internet or other electronic network activity with providers of payment processing, customer relationship management, consulting, email, product feedback and helpdesk services.
While FortifyData does not sell personal information in exchange for any monetary consideration, we do share personal information for other benefits that could be deemed a “sale,” as defined by the CCPA (Cal. Civ. Code 1798.140(t)(1)). This includes sharing identifiers, commercial information and internet or other electronic network activity with advertising networks, website analytics companies, and event sponsors.
When you visit or log in to our website, cookies and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or home address. We (or service providers on our behalf) may then send communications and marketing to these email or home addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout
While FortifyData does not sell personal information in exchange for any monetary consideration, we do share personal information for other benefits that could be deemed a “sale,” as defined by the CCPA (Cal. Civ. Code 1798.140(t)(1)). We support the CCPA and wish to provide you with control over how your personal information is collected and shared.
You have the right to direct FortifyData to not sell your personal information. Click here to exercise your right to opt-out.
You may change your cookie preferences or remove cookies and website data in the “settings” section of your internet browser.
Please note that we may still use aggregated and de-identified personal information that does not identify you or any individual; we may also retain information as needed in order to comply with legal obligations, enforce agreements, and resolve disputes.
You have the right to request disclosure about what categories of personal information FortifyData has sold or disclosed for a business purpose about you and the categories of third parties to whom the personal information was sold or disclosed. Additionally, you have the right to request disclosure of specific pieces of information. Below is a full list of the information that you can include in your request.
If you would like to exercise your right to request disclosure, please fill out this request form. FortifyData will examine your request and respond to you as quickly as possible.
You have the right to request that FortifyData delete any personal information about you that FortifyData has collected from you. Please note that there are exceptions where FortifyData does not have to fulfill a request to delete information, such as when the deletion of information would create problems with the completion of a transaction or compliance with a legal obligation.
If you would like to exercise your right to delete, please fill out this request form. FortifyData will examine your request and respond to you as quickly as possible.
FortifyData will not discriminate against you for exercising any of the rights afforded to you (e.g., through denying services, or providing a different level or quality of services).
In compliance with the CCPA, we commit to resolve complaints about your privacy and our collection or use of your Personal Information. California residents with inquiries or complaints regarding this Privacy & Cookie Notice should first contact FortifyData at:
Bola Ogungbemi
Data Protection Officer
dataprotection@fortifydata.com
California and Delaware law require FortifyData to indicate whether it honors “Do Not Track” settings in your browser concerning targeted advertising. FortifyData adheres to the standards set out in this Privacy & Cookie Notice and does not monitor or respond to Do Not Track browser requests.
Nevada law allows consumers to opt out of the sale of their personally identifiable information by online service providers such as website operators. FortifyData doesn’t sell personally identifiable information today and does not plan to start. If FortifyData ever starts selling such personal information, current FortifyData customers will be opted out. If you have any questions, please contact us at dataprotection@fortifydata.com.
We do not knowingly collect or solicit personal information from anyone under the age of 18. If you are under 18, please do not attempt to register for the Services or send any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us Personal Information, please contact us at dataprotection@fortifydata.com.
For your convenience, hyperlinks may be posted on the Websites that link to other websites (the “Linked Sites”). We are not responsible for, and this Privacy & Cookie Notice does not apply to, the privacy practices of any Linked Sites or of any companies that we do not own or control. Linked Sites may collect information in addition to that which we collect on the Websites. FortifyData does not endorse any of these Linked Sites, the services or products described or offered on such Linked Sites, or any of the content contained on the Linked Sites. We encourage you to seek out and read the privacy notice of each Linked Site that you visit to understand how the information that is collected about you is used and protected.
FortifyData is regularly trying to improve its Websites and Services so we may need to change this Privacy & Cookie Notice from time to time. We will alert you to material changes by, for example, placing a notice on our Websites and/or by sending you an email (if you have registered your e-mail details with us) when we are required to do so by applicable law. You can see when this Privacy & Cookie Notice was last updated by checking the date at the top of this page. You are responsible for periodically reviewing this Privacy & Cookie Notice.
For customers, please contact the FortifyData contact identified in your order form.
For non-customers, you may contact us at the details below
Controller Details
FortifyData Headquarters
1825 Barrett Lakes Blvd., Suite 300
Kennesaw, GA 30144 USA
+1.888.396.4110
Data Protection Officer
Bola Ogungbemi
Email address: dataprotection@fortifydata.com
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |