Data Privacy

All our products and services are built with strong security features that continuously protect your information. The insights we gain from maintaining our services help us detect and automatically block security threats. We work hard to protect you and our services from unauthorized access, alteration, disclosure, or destruction of information. Measures implemented include but are not limited to:

• We use strong encryption to keep your data private while in transit.
• We encrypt data on all of our devices to keep your data private while at rest.
• We continuously review our information collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems.
• We restrict access to personal information to employees, contractors, and agents who need that information in order to process it. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined, terminated, and prosecuted if they fail to meet these obligations.

A cookie is a tiny piece of text sent to your browser by a website you visit. It helps the website to remember information about your visit, like your preferred language and other settings, and to recall who you are after having logged in.

You can set your browser to ask before allowing cookies or to not allow cookies at all. Please refer to your browser's help to find out about the options available. Please be aware, that it is not possible to log on to our services or place an order with cookies fully deactivated.

A CDN (Content Delivery Network or Content Distribution Network) is a geographically distributed network of proxy servers and data centers. The goal is to provide high availability and high performance by distributing the service spatially relative to end-users.

To allow faster and more reliable access to our services we use Amazon CloudFront, CDN77, and Cloudflare.

Some of our services including but not limited to our Threat Intelligence Services and Feeds run on AWS (Amazon Web Services) hosted in european datacenters.

AWS General Data Protection Regulation (GDPR) Center

Chat on our websites, our Knowledgebase, and our Status Page are provided by Crisp IM SARL.

Privacy Statement

The comment system on our website is provided by Disqus.

Disqus Privacy Policy

Our own communication services including but not limited to email run on Google Workplace (G Suite). All services are hosted in european datacenters.

Google Cloud & the General Data Protection Regulation (GDPR)

Scheduling of meetings and events is provided by SavvyCal.

Privacy Policy of savvycal.com

Our order process is conducted by our online reseller Paddle.com. Paddle.com is the MOR (Merchant of Record) for all our orders. Paddle provides all customer service inquiries and handles returns.

Paddle GDPR

We use Zoom for meetings, video conferencing, and online events.

Zoom and the European Union’s General Data Protection Regulation (GDPR)

1. Information to be provided where personal data are collected from the data subject (Art. 13):
   this means we must inform you how we are going to use your personal data. We do this through this privacy policy and by informing you how your data will be used each time we collect it.
2. Information to be provided where personal data have not been obtained from the data subject (Art. 14): not applicable, all personal data will be obtained from the data subject
3. Right of access by the data subject (Art. 15):
   you have the right to access your personal data that we hold. This is called a subject access request. We must respond to your request within one month.
4. Right to rectification (Art. 16):
   if you think the data we hold on you is incorrect, please inform us so we can put it right.
5. Right to erasure ('right to be forgotten') (Art. 17):
   you have the right to request that we delete your data. We will do so, provided that we do not have a compelling reason for keeping it.
6. Right to restriction of processing (Art. 18)
7. Notification obligation regarding rectification or erasure of personal data or restriction of processing (Art. 19)
8. Right to data portability (Art. 20):
   you can obtain and reuse your personal data for your own purposes across different services.
9. Right to object (Art. 21):
   you have the right to object to
   • Direct marketing: you can opt out of direct marketing any time by following the instructions on how to unsubscribe included in any direct marketing message that we send to you.
   • Any processing where our lawful basis is legitimate interest (see above). If you would like to formally object to any of our legitimate interest processing, please contact us.
10. Automated individual decision-making, including profiling (Art. 22):
    this is not something we do at all. If that ever changes, this policy will be updated accordingly.

You can use the social media icons provided on our sites to post content and and to comment on social networks.

When you click on any of these icons, you will be directed to the respective site. That site will be registering that action and may use that information. Please refer to the respective policies of that site to see how exactly they use your information and to find out how to opt out or delete such information.