Date of Last Revision: September 9, 2019
Disclosure of Your Personal and Other Information: We do not sell your personal information. There are, however, certain circumstances in which we may share your personal information with certain third parties without further notice to you, including in connection with business transfers, to affiliates, service providers, agents, consultants and related third parties, partners and resellers, to other users of BitSight Connect and to comply with legal requirements. Learn more
Accessing and Updating Your Personal Information: Upon request we will provide you with information about whether we hold any of your personal information and allow you to access, correct, or request deletion of such information. In the event you close any account in connection with the Services, we will remove your name and other personal information. Learn more
Links from the Sites: Certain pages of the Sites and Services may, from time to time, contain external links. We are not responsible for the privacy practices of other websites. Learn more
Security: We take reasonable steps to protect the personal information provided via the Sites and Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Learn more
Children: Our Sites and our Services are not directed to persons under 18. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files. Learn more
International Use: We are headquartered in the United States of America. Personal information may be accessed by us or transferred to us in the United States or to our affiliates, service providers, agents, consultants and related third parties, partners and resellers, or service providers elsewhere in the world. By providing us with personal information, you consent to this transfer. Learn more
EU-U.S. and Swiss-U.S. Privacy Shield: We participate in and have certified our compliance with the EU-U.S. and Swiss-U.S. Privacy Shield Framework. Learn more
Our Contact Information: We have designated our Privacy Manager to oversee our compliance with applicable privacy laws. Questions and inquiries concerning your privacy may be directed by email to firstname.lastname@example.org or to the address below. Learn more
When you interact with us through the Services or Sites, we may collect personal information and other information from you, including:
We may accumulate and aggregate certain statistical and related data in order to improve the performance and functionality of the Sites and Services, to develop new products and/or services or to analyze the usage of the Sites and Services. As noted above, we may use aggregated data for such purposes as we, in our sole discretion, deems to be appropriate.
We are the sole owner of information collected on the Sites and Services (including any metadata), except for vendor lists and contact information that you provide to us in connection with your use of our Sites and Services.
If you provide personal information for a certain reason, we may use such personal information in connection with the reason for which it was provided. We may also use personal information to administer your account, to respond to customer service requests, to help us improve the content and functionality of the Sites and Services, to better understand our users and to improve the Sites and Services and to market our Services to you. We may combine any or all of this data with other information we collect about you.
We may also use this information to contact you in the future to tell you about services we believe will be of interest to you. Each bulk marketing communication we send to you will contain instructions to "opt-out" of receiving future marketing communications. In addition, if at any time you wish not to receive any future marketing communications or wish to have your name deleted from our mailing lists, contact us as indicated below under “Our Contact Information.” You may also opt out as to whether your personal information is (i) to be disclosed to a third party other than as described herein or (ii) to be used for a purpose that is materially different from the purpose(s) for which it was originally collected (or subsequently authorized by you) by contacting us as indicated below under “Our Contact Information.”
We do not sell your personal information. There are, however, certain circumstances in which we may share your personal information with certain third parties without further notice to you, as set forth below:
We may also share aggregated and non-personal information with any third party, including the media and industry observers. For example, we may disclose security trends or the number of customers that have evaluated or purchased our products and services.
Upon request we will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account or contacting us at email@example.com. We will respond to your request within a reasonable timeframe. Please be aware that even after we have processed your request for such a change, we may retain certain residual information in the backup and/or archival copies of our database.
In the event you close any account in connection with the Services, your account will be deactivated and your name and other personal information will no longer be accessible by you. We may retain your personal information for as long as your account is active or to provide you services, improve our Services, comply with our legal obligations, resolve disputes and enforce our agreements.
Certain pages of the Sites and Services may, from time to time, contain external links. You should verify and validate any and all privacy practices of other websites. We encourage you not to provide personal information, without first assuring yourself of the privacy policies of such other websites.
WE ARE NOT RESPONSIBLE IN ANY WAY FOR ANY USE AND/OR MISUSE OF ANY PERSONAL INFORMATION OR OTHER INFORMATION PROVIDED BY YOU AT SUCH OTHER WEBSITES.
We take reasonable steps to protect the personal information provided via the Sites and Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. For example, access to your personal information and/or your information on the Services is password-protected (it is your responsibility to protect the security of any of your login information). Notwithstanding our efforts, we cannot guarantee absolute or unqualified protection of this information given the open nature and resulting instability of the Internet, and we make no representations or warranties as to the effectiveness of our security and assume no liability for security breaches or any failure in the security of your computer equipment, your internet service provider or other networks and communications providers. If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org.
Our Sites and our Services are not directed to persons under 18. We do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without such parent or guardian's consent, he or she should contact us. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files.
We participate in and have certified our compliance with the EU-U.S. Privacy Shield Framework and the Swiss – U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union, Switzerland and the United Kingdom to the United States, respectively. We are committed to subjecting all personal information received from European Union (EU) member countries, the United Kingdom and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List.
We are responsible for the processing of personal information we receive under each Privacy Shield Framework and subsequent transfers to a third party acting as an agent on our behalf. We comply with the Privacy Shield Principles for all onward transfers of personal information from the EU, the United Kingdom and Switzerland, including the onward transfer liability provisions.
With respect to personal information received or transferred pursuant to the Privacy Shield Frameworks, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
We have designated our Privacy Manager to oversee our compliance with applicable privacy laws. Questions and inquiries concerning your privacy may be directed by email to email@example.com or write us:
BitSight Technologies, Inc.
111 Huntington Ave, Suite 2010
Boston, MA 02199
Attn: Legal Department/Privacy Manager
We will use commercially reasonable efforts to respond to your inquiries, questions or comments within five (5) business days of their receipt.