Privacy Policy

BitSight Privacy Policy

Effective Date: July 22, 2024

At BitSight Technologies, Inc. ("we" or "us" or “BitSight”), including our majority owned subsidiaries ThirdPartyTrust, LLC, NSEC Sistemas Informáticos, S.A., BitSight Technologies UK, Limited, BitSight Technologies Singapore Pte. Ltd., BitSight Technologies Argentina SA, and BitSight Technologies France SAS, we respect and protect the privacy of our customers and others who use our websites (including the www.bitsight.com, www.bitsighttech.com, and www.thirdpartytrust.com domains) (the “Sites”) and our products and services (collectively, our “Services”). This privacy policy (the “Privacy Policy”) provides details about how your personal information is collected, secured, transferred, disclosed and used by us. It also describes your choices regarding use, access and correction of your personal information. Personal information is any information that identifies you or would enable someone to contact you, which may include your name, email address, phone number and other non-public information that is associated with such information. It does not include aggregate information, anonymous information or any other non-personally identifiable information. Unless expressly set forth herein or required by law, this Privacy Policy also does not apply to any unsolicited information you provide to us through the Sites or the Services or through any other means, such as information posted to any public areas of the Services (including our online community and blog), any ideas for new products or modifications to existing products, and other unsolicited submissions (collectively, “Unsolicited Information”). All Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose, and distribute such Unsolicited Information to others without limitation or attribution. This Privacy Policy does not cover how our customers may use the data that we provide to them in connection with our Services.

Summary and Contents

The summary below provides the key concepts of the full Privacy Policy. If you have questions, please click the links to view the complete text below.

• Information We Collect:  When you interact with us through the Sites or the Services, we may collect personal information and other information from you, including information you give us, information we get from your use of our Services, information we receive from other sources and information collected by third parties on our Sites. Learn more

• Our Use of Your Information:  We collect information only as necessary to fulfill the purposes set forth in this Privacy Policy (including to provide our services) and we will only use this information as described in this Privacy Policy. Learn more

• Disclosure of Your Personal and Other Information:  There are certain circumstances in which we may disclose your personal information to certain third parties without further notice to you, including in connection with online marketing and business transfers to parties including affiliates, service providers, agents, consultants and related third parties, partners and resellers, to other users of the BitSight customer community forum and to comply with legal requirements. Learn more

• Use of Cookies: We may use cookies to collect information about your use of our Sites. Learn more

• Opt-out Choices: You may decide to opt-out of our use of certain cookies and other tracking technologies on our Sites. Learn more

• Retention of Information: Personal and other information we collect will not be kept for longer than is necessary for the business purpose described above for which it is collected and processed and will be retained in accordance with our internal document retention policies. Learn more

• Links from other Sites:  Certain pages of the Sites and Services may, from time to time, contain external links or access to services provided by third parties.  We are not responsible for the privacy practices of other websites or third parties. Learn more

• Security:  We take reasonable steps to protect the personal information provided via the Sites and Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. Learn more

• Children:  Our Sites and our Services are designed for business use and are not directed to persons under 18.  If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files. Learn more

• Location of Data: We are headquartered in the United States of America. Personal information may be accessed by us or transferred to us in the United States or to our affiliates, service providers, agents, consultants and related third parties, partners and resellers, or service providers elsewhere in the world. By providing us with personal information, you consent to this transfer. Learn more

• Transferring Your Personal Information Internationally: We participate in and have certified our compliance with the EU-U.S. Data Privacy Framework, the UK Extension, and the Swiss-U.S. Data Privacy Framework. We are committed to subjecting all personal data received from the EEA, the UK, and Switzerland, respectively, in reliance on each Data Privacy Framework, to the Framework’s applicable Principles. Learn more

• Certifications: Our privacy practices, described in this Privacy Policy, comply with the APEC Cross Border Privacy Rules (CBPR) System and APEC Privacy Recognition for Processors (PRP) System. Learn more

• Your Privacy Rights: Depending on the jurisdiction in which you are located, and how you interact with Bitsight, you may have certain legal rights over the personal information we hold about you. Learn more

• Exercising Your Privacy Rights: Where you are entitled to exercise privacy rights under applicable law, you may access, correct, object to processing or request deletion of your personal information by logging into your account or contacting us. Learn more

• Our Contact Information:   We have designated our Privacy Manager to oversee our compliance with applicable privacy laws. Questions and inquiries concerning your privacy may be submitted by completing this form, by email to [email protected], by phone to 1 (844) 735-0076, or to the address below. Learn more

• Notification of Changes:  Your access to and use of the Sites and the Services is strictly conditioned upon your agreement with and consent to the terms and conditions of this Privacy Policy. In the event of any material modification by us to this Privacy Policy, we will notify you as described below. Learn more

Information We Collect and Their Sources

When you interact with us through the Services or Sites, we may collect, hold, and use the following personal information and other information from you, including:

• Information you give us.
  • Contact Information (Identifiers): We collect personal information from you when you complete our online forms, contact us with inquiries, or as part of your access and use of the Services. This information includes contact information such as name, mailing address, email, phone number, title, company information, and any other information provided by a user of the Services (including a user-submitted photograph).

  • Account and Payment Information: We also collect personal information from you when you log into the Services, provide payment and billing information (excluding credit card information), or post in BitSight customer community forum. You are solely responsible for the personal information you choose to submit in any customer community forums. Please note a third-party payment processor collects credit card information directly from you and holds and processes such information pursuant to their own privacy policy.

  • Call and Video Call Information:  We may collect personal information from you when you call us (including video calls) and calls may be recorded and analyzed for training, quality control and for sales and marketing purposes. We may use third party vendors to facilitate calls. During such calls we will notify you of the recording via either text disclaimer, voice prompt or script.

  • Chat information: We may collect personal information from you when you chat online with us and chats may be recorded and analyzed for training, quality control and for sales and marketing purposes. We may use third party vendors to facilitate chats.Information we get from your use of our Sites or Services (e.g. ISPs)

• Information we get from your use of our Sites or Services (e.g. ISPs): 

  • Internet or other similar network activity (i.e. IP Address, Log Data, and Other Data): As is true of most websites, we gather certain information automatically and store it in log files. This information may include Internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site. Such information we get from your use of our Sites and Services, which is collected passively using various technologies, and cannot presently be used to specifically identify you unless you have previously interacted with us by completing a form on our website or log into the Services (see “Contact Information” and “Account Information” above). We may store such information itself or such information may be included in databases owned and maintained by our affiliates, agents or service providers.

  • Tracking Technologies: As described in this Privacy Policy, we and third parties on our Sites, may use cookies and similar tracking technologies (collectively, “Cookies”) to improve your experience, for our advertising and marketing efforts, or provide feedback to us on your use. For more information, see Cookies Policy below. Information we receive or collect from other sources (e.g. third party vendors)

  • Third Party Data: We may receive information about you from other sources, including public internet sources, third parties from whom we have purchased data, or affiliated companies, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you. If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.

• Information collected by third parties on our sites (e.g. vendors and service providers)

  • Social Media Information: Our Sites include social media features and widgets such as Facebook, YouTube, Twitter and LinkedIn or interactive mini-programs that run on our Sites. These features may collect your IP address, which page you are visiting on our Sites, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Sites. Your interactions with these features are governed by the privacy statement of the company providing it.

  • Automated Technologies, Usage and Analytic Data: We may accumulate and aggregate certain statistical and related data - such as what product features you use the most, when an object (like a ticket) is opened and closed, and how often certain features (like workflows) are triggered in your account - when you or your users interact with the Sites and Services in order to improve the performance and functionality of the Sites and Services, to develop new products and/or services or to analyze the usage of the Sites and Services or to provide our products and services, including providing our customers with support and customer success, and for tailored sales and marketing purposes (including profiling for automated targeted marketing campaigns). We engage third party providers to collect usage data . For more information about how we protect your information with these service providers, please see Disclosure of Your Personal and Other Information.

We are the sole owner of information collected on the Sites and Services (including any metadata), except for vendor lists and contact information that you provide to us in connection with your use of our Sites and Services.

To the extent the General Data Protection Regulation (the “GDPR”) applies to any personal information you give us to enable us to provide the service or operate our Sites, we rely on legitimate interest. We also process data based on consent for certain sales and marketing purposes.

Our Use of Your Information and Legal Bases for Processing

We collect information only as necessary to fulfill the business purposes set forth in this Privacy Policy and we will only use this information as described in this Privacy Policy.

If you provide personal information for a specific reason, we will use such personal information in connection with the reason for which it was provided. We may rely on one or more of the following legal bases to process your personal information where the General Data Protection Regulation (“GDPR”) or other similar privacy laws apply:

• Where use of information is necessary to perform our obligations under a contract  e.g. For internal purposes, such as for example, administering your account, including impersonation of account users for support purposes;
• Where use of your information furthers our legitimate interests or the legitimate interests of others, taking into consideration your interests, rights, and expectations, for example: 
  • to communicate with you by responding to your requests, comments and questions, 
  • to help us improve the content and functionality of the Sites and Services and to market our Services to you including for automated personalized marketing campaigns for customers and prospects (which may also be based on consent, as applicable), 
  • to provide aggregated and non-identifiable analytical and benchmarking data for security and other insights, or to prevent fraudulent activity and for any other purpose based on our legitimate interest, 
  • for customizing your experience (e.g. remembering your preferences or restricting access to certain features or content due to applicable law in your location), and 
  • internal operations such as troubleshooting, data analysis, testing and statistical purposes, and product maintenance and improvement
• Where you have consented to our processing of your information for a particular purpose.

Any bulk marketing communication we send to you will contain instructions to "opt-out" of receiving future marketing communications. If at any time you wish not to receive any future marketing communications or wish to have your name deleted from our mailing lists, contact us as indicated below under “Our Contact Information.” You may also opt out as to whether your personal information is (i) to be disclosed to a third party other than as described herein or (ii) believe your personal information is being used for a purpose that is materially different from the purpose(s) for which it was originally collected (or subsequently authorized by you) by contacting us as indicated below under “Our Contact Information.”

Disclosure of Your Personal and Other Information

We do not sell your personal information to any third parties for their own benefit. There are, however, certain circumstances in which we may share your personal information with certain third parties without further notice to you, as set forth below:

• Business Communications. As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, personal information may be part of the transferred assets or otherwise shared as is in our legitimate business interests. 

• Related Parties. We may also share your personal information with our affiliates for purposes consistent with this Privacy Policy. We may share your information with others within your organization (including any affiliates or any other individuals designated as users on your account). 

• Service Providers, Agents, Consultants and Third Parties. Occasionally, we enter into contracts with carefully selected third parties so that they can assist us in servicing you (for example, providing or maintaining databases, analytics, processing payment, fraud detection and deterrence or access to advertising assets), to assist us in our own marketing and advertising activities or to engage in co-marketing activities with us. Our contracts with such third parties prohibit them from using any of your personal information for any purpose beyond the purpose for which it was shared.

• Business Partners and Resellers. We may share your personal information with our partners and resellers so that they can assist you in using our Services and sell or resell our Services to you.

• Data Submitted in Connection with BitSight Customer Community Forum. Your name and/or username and the information you post in the BitSight customer community forums and any activities you engage in will be available to other users of the BitSight customer community forum.

• Legal Requirements. We may disclose your personal information as is in our legitimate interests when such disclosure is necessary or advisable, in our sole discretion, to conduct an investigation, respond to a third party or law enforcement subpoena or court order, bring legal action, prevent harm to others or pursue other relief when you or a third party are or may be: violating our terms and conditions of use; causing injury or other harm to, or otherwise violating our property or other legal rights, or those of other users of our Sites and Services or third parties; or violating federal, state, local, or other applicable law. This disclosure may include transferring information to the U.S. and outside the European Economic Area.

We may also share aggregated and non-identifiable information with any third party, including the media and industry observers and as part of our products and services. For example, we may disclose security trends, benchmarking data or the number of customers that have evaluated or purchased our products and services.

Use of Cookies

We may use Cookies served by a third party (e.g., Google Analytics) to collect information about your use of our Sites so that we can provide advertising about products and services tailored to your interests. Where required by law, we base the use of third party cookies upon consent. We use the following types of Cookies:

• Essential Cookies: These Cookies are required for providing you with features or Services that you have requested. For example, certain Cookies enable you to log into secure areas of our Services. Disabling these Cookies may make certain features and Services unavailable.
• Functional Cookies: These Cookies allow us to analyze Site usage so we can measure and improve performance.  For example, Google, Inc. (“Google”) uses Cookies in connection with its Google Analytics services. For more information on how Google uses this information, click here.
• Advertising Cookies: These Cookies are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns.

For more information about specific Cookies being used on our Site, and the information they collect, please see our Cookie Consent Manager. If you would prefer to not receive personalized ads based on your browser or device usage, see Opt-out Choices for more information or see our Cookie Consent Manager. 

Opt-out Choices

There are a number of ways you can opt-out of certain interest-based advertising and other online tracking activities, which we have summarized below. Please note that these opt-out tools are not associated with BitSight, and we cannot guarantee that these tools work as their providers advertise them:

Advertising industry opt-out tools: To opt-out of interest-based advertising by participating companies in the following consumer choice mechanisms, please visit: 

• Digital Advertising Alliance (DAA)’s self-regulatory opt-out page (http://optout.aboutads.info/) and mobile application-based "AppChoices" download page (https://youradchoices.com/appchoices)
• European Interactive Digital Advertising Alliance (EDAA)'s consumer opt-out page (http://youronlinechoices.eu)
• Network Advertising Initiative (NAI)’s self-regulatory opt-out page (http://optout.networkadvertising.org/).

Platform opt-outs. Some of our advertising partners offer opt-out features that let you opt out of use of your information for interest-based advertising, including: Google, LinkedIn, and Bing.

• Blocking advertising ID use in your mobile device settings. Your mobile devices may offer settings that enable you to make choices about the collection, use, or transfer of your advertising ID associated with your mobile device for interest-based advertising purposes.
   
• Blocking Cookies in your browser. Most browsers let you remove or reject Cookies, including Cookies used for interest-based advertising. To do this, follow the instructions in your browser settings. Many browsers accept Cookies by default until you change your settings. For more information about Cookies, including how to see what Cookies have been set on your device and how to manage and delete them, visit www.allaboutcookies.org.
   
• Using privacy plug-ins or browser add-ons. You can block our websites from setting Cookies used for interest-based ads by using a browser with privacy features or installing browser plugins and configuring them to block third party Cookies. For example, if you do not want Google Analytics to collect and use information about your use of our Sites, then you can install a browser add-on to opt- out of Google Analytics.

Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt out on every browser and device that you use. Opting-out of interest-based advertising does not mean that you will no longer receive online ads. It only means that such ads will no longer be tailored to your specific viewing habits or interests. You may continue to see ads on and about the Services.

Visiting our Cookie Consent Manager. You can click here to customize your Cookie consent preferences. See Use of Cookies above for more information.

Do Not Track. “Do Not Track” is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. Please note that we do honor DNT signals or similar mechanisms transmitted by web browsers except for the www.thirdpartytrust.com website, which does not currently honor DNT or other similar signals.

Retention of Information

Personal and other information we collect will not be kept for longer than is necessary for the business purpose described above for which it is collected and processed and will be retained in accordance with our internal document retention policies. The criteria used to determine our retention periods include: (a) the length of time we have an ongoing relationship with our customers and provide services, (b) whether there is a legal obligation to which we are subject, and (c) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations). 

We may retain your personal information for as long as your account is active, to provide you services, improve our Services, comply with our legal obligations, resolve disputes and/or enforce our agreements.

Links from other Sites

Certain pages of the Sites and Services may, from time to time, contain external links or access to services provided by third parties. You should verify and validate any and all privacy practices of other websites. We encourage you not to provide personal information, without first assuring yourself of the privacy policies of such other websites. 

WE ARE NOT RESPONSIBLE IN ANY WAY FOR THE PRIVACY PRACTICES OF OTHER WEBSITES OR THIRD PARTIES OR FOR ANY USE AND/OR MISUSE OF ANY PERSONAL INFORMATION OR OTHER INFORMATION PROVIDED BY YOU AT SUCH OTHER WEBSITES OR SERVICES.

Security

We take reasonable steps to protect the personal information provided via the Sites and Services from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. For example, access to your personal information and/or your information on the Services is password-protected (it is your responsibility to protect the security of any of your login information). Notwithstanding our efforts, we cannot guarantee absolute or unqualified protection of this information given the open nature and resulting instability of the Internet, and we make no representations or warranties as to the effectiveness of our security and assume no liability for security breaches or any failure in the security of your computer equipment, your internet service provider or other networks and communications providers. If you have any questions about the security of your personal information, you can contact us at [email protected].

Children

Our Sites and our Services are designed for business use and are not directed to persons under 18. We do not knowingly collect personal information from children under 18 and as such do not sell or share personal information of consumers under the age of 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without such parent or guardian's consent, he or she should contact us. If we become aware that a child under 18 has provided us with personal information, we will delete such information from our files.

Location of Data

We are headquartered in the United States of America. Personal information may be accessed by us or transferred to us in the United States or to our affiliates, service providers, agents, consultants and related third parties, partners and resellers, or service providers elsewhere in the world. By providing us with personal information, you consent to this transfer. We will protect the privacy and security of personal information according to this Privacy Policy, regardless of where it is processed or stored, however you explicitly acknowledge and consent to the fact that personal information stored or processed in the United States will be subject to the laws of the United States, including the ability of governments, courts or law enforcement or regulatory agencies of the United States to obtain disclosure of your personal information.
 

Transferring your Personal Information Internationally

BitSight Technologies, Inc. and its wholly owned subsidiary ThirdPartyTrust, LLC (“Bitsight US”) comply with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce. Bitsight U.S. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union and the United Kingdom in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. BitSight U.S. has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/ or visit the U.S. Department of Commerce’s Data Privacy Framework List.

Bitsight U.S. is responsible for the processing of personal data it receives, under the Data Privacy Framework, and subsequently transfers to a third party acting as an agent on its behalf.  Bitsight U.S. complies with the Data Privacy Framework Principles for all onward transfers of personal data from the EEA, UK, and Switzerland, including the onward transfer liability provisions.

With respect to personal information received or transferred pursuant to the Data Privacy Framework, we are subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Under certain conditions, more fully described on the Data Privacy Framework website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

 

Certifications

Our privacy practices, described in this Privacy Policy, comply with the APEC Cross Border Privacy Rules (CBPR) System and APEC Privacy Recognition for Processors (PRP) System. The APEC CBPR and PRP systems provides a framework for organizations to ensure protection of personal information transferred among participating APEC economies. More information about the APEC framework can be found here.

 

Your Privacy Rights

Depending on the jurisdiction in which you are located, and how you interact with Bitsight, you may have certain legal rights over the personal information we hold about you, subject to local privacy laws. These may include the right, depending on your jurisdiction, to:

• Obtain access to your personal information that is being processed by us, including: the categories and/or specific pieces of personal information we collected, the categories of sources from which personal information is collected, the business or commercial purpose for collecting personal information, and the categories of third parties to whom we disclosed personal information
• Correct inaccurate personal information.
• Request the deletion of your personal information.
• Opt out of the sale or sharing of personal information for targeted advertising.
• Object to the processing of your personal information carried out on the basis of our legitimate interests in the EEA, UK, and Switzerland, and ask us to restrict the processing of your personal information.
• Request the portability of your personal information in a structured, commonly used, and machine-readable format.
• Withdraw your consent at any time, if we have collected and processed your personal information with your consent. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
• Opt out of marketing communications sent by Bitsight.

Applicable laws may also give you the right to lodge a complaint with a local supervisory authority related to this Privacy Policy.

Residents of Colorado, Connecticut, Virginia, Utah, and other U.S. states may have additional rights which may include the rights included above in the absence of a valid exemption.
 

Exercising Your Privacy Rights

Where you are entitled to exercise privacy rights under applicable law, you may access, correct, object to processing or request deletion of your personal information by logging into your account or contacting us (including our European representative) by completing the Privacy Request Form. You must provide the information listed in the Privacy Request Form so that we can verify your identity, including validating your name and the email you use when interacting with Bitsight. You may also authorize another person or third party to submit a request to exercise your rights by providing written permission in conjunction with the submission of the requested information or by giving the third party your power of attorney. We will acknowledge your request and provide a follow-up substantive response within a time period permitted by applicable law. In the event that we need an extension to fulfill a request, we will notify you. If we deny your request, we will provide reasons for that denial. 

If your personal information has been submitted to us by or on behalf of a Bitsight customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable customer directly.

We will not discriminate against you for exercising any of your rights with respect to your personal information.

Please be aware that even after we have processed your request, we may retain certain residual information in the backup and/or archival copies of our database or any data that we may retain in compliance with applicable law. 
 

Right to Opt-Out of the Sale of Your Personal Information

You may opt-out of the sale or sharing of your personal information for targeted advertising by clicking the Cookie Preferences link in the footer of our Website and opting out of the Functional and Advertising Cookies, or by implementing the Global Privacy Control (GPC). For instructions on how to download and use GPC, please visit https://globalprivacycontrol.org. See Use of Cookies above for more information.

Further, we do not share the personal information of California residents with third parties for their own direct marketing purposes.

Our Contact Information

We have designated our Privacy Manager to oversee our compliance with applicable privacy laws. Questions and inquiries to us (including our European representative) concerning your privacy may be directed:

• By email to [email protected].
• By phone at 1 (844) 735-0076, or you can write us at:
  • BitSight Technologies, Inc.
    111 Huntington Ave, Floor 4
    Boston, MA 02199
    United States
    Attn: Legal Department/Privacy Manager

We will use commercially reasonable efforts to make an initial response to your inquiries, questions or comments within five (5) business days of their receipt.

All data subject or similar access requests must be made by completing this Privacy Request form.

Notification of Changes

Your access to and use of the Sites and Services is strictly conditioned upon your agreement with and consent to the terms and conditions of this Privacy Policy, as it may be amended and/or updated from time to time at our sole discretion. In the event of any material modification by us to the way and purpose we process your personal information, we will notify you by email (sent to the email specified in your account) or by means of a notice on www.bitsight.com prior to the change becoming effective and your continued use of the Sites and Services will indicate your acknowledgement of such changes and agreement to be bound by the modified Privacy Policy terms. If you object to any such changes, you may not continue to access or use the Sites or Services. We encourage you to periodically review this page for the latest information on our privacy practices.