Privacy Policy

Effective date: June 1, 2021

The purpose of this Cequence Security Privacy Policy (“Privacy Policy” or “policy”) is to explain how Cequence Security, Inc. (“Cequence,” “we,” “us, “our”) collects, uses and discloses information you (“you” or “your”) provide to us or which we otherwise may collect in conducting our business, including in licensing our software products or software-as-a-service and in providing our services (collectively, the “Products”) to you and in making the Cequence website (the “Site” or “www.cequence.ai”) available to you.  Our goal is to provide you with a clear understanding of what information we may collect (depending upon the circumstances in your use of the Site or Products), how we may use it, and the rights you have with respect to such information.  Please read this notice carefully before using the Site or Products.  By accessing or using our Site or Products, you acknowledge that you have read this policy.  This Privacy Policy covers (i) information relating to your use of the site and (ii) personal information provided by you or via third parties.

Personal Information Collected

We collect several different types of information for various purposes.  The information we collect depends on your interactions with us, the Products you use, your location, the privacy settings you choose and applicable law.

Personal Information You Provide

  1. When You Visit Our Site
    When you visit our Site, you may be asked to volunteer personal information.  We collect and store personal information you provide us directly through our Site, your interactions through social media, your participation in a survey or promotion, your completion of a job application, your download of various white papers on our Site, and at events.  We collect such information to fulfill your requests or for sales and marketing activities, conducted in accordance with your marketing preferences.  Information you voluntarily provide may include:

    • Contact information, such as your name, email address, phone number, physical address, and user names.
    • Demographic data, such as your job title, company name, and company location.
    • Content and communications, such as any data you enter into any chat boxes, communications on social media, messaging services (like Slack).
  2. When You Use Our Products
    If you use our Products, your or your employer may provide certain information to us through the Products.  For example, when you register to use the Products, when you communicate with customer support, or otherwise send us an email or communicate in any other way.  In such cases, personal information we collect may include:

    • Business contact information, such as your name, job title, company, phone number, email address, and country.
    • Marketing information, such as your contact preferences.
    • Account log-in information, such as your email or username and password when you sign up for an account with us, and the user ID assigned to you in our systems.
    • Support data, such as personal information you provide or we otherwise access in connection with your support inquiries (contact or authentication data, content of communications with us, and the Products related to your inquiry).

Personal Information we collect automatically

  1. When You Visit Our Site
    When you visit our Site we gather information from your browser or device automatically.  To the extent this automatically collected data includes, or is linked to, personal information, we will treat the data in accordance with this Privacy Policy.

    The personal information we collect may include:

    • Geolocation data, such as your general location using your IP address.
    • Identifiers and device information, such as your device’s operating system, device identifier, customer ID and other device information, IP address, and log data regarding your interaction with our Site.
    • Social media and other platforms, such as information we receive about you when engage with us through third party platforms such as Slack, Google, Facebook, LinkedIn, etc. where data we exchange with such platforms may depend upon your selected privacy settings with such (do not provide us any sensitive data through these platforms; we are not responsible for their data privacy, security or use practices).
  2. When You Use Our Products
    When you use our Products, we collect technical information that is anonymized and sanitized to remove personal or proprietary information.  This information is used to research evolving threat patterns followed by malicious actors. Such information may include:

     

    • Transaction metadata of malicious traffic, including geo-location, time, ISP of the originating request and IP address
    • Tool attributes, including patterns and behaviors seen across various botnet toolkits.
    • Browser Behavior Analytics, including browser attributes such as user agent.
    • Targeted and accessed assets, including kinds of public-facing assets that are targeted by the attacks, such as login, product catalogs, etc.

Information we collect from third-party sources

We may receive your personal information from third party sources and marketing and research partners.  Use of our Products may also provide your personal information when they identify you as a billing, support or technical contact, or when inviting you to use our Products or attend our events.  If you integrate or link a third party service with our Site or Products, we may receive personal information about you from that third party service based upon the settings and permissions you’ve established with such third party service and that third party service’s privacy practices.

The types of information we collect from third parties may include contact information, demographic data, and content and communications.  We use this information to maintain and improve the accuracy of the records we hold about you, identify new customers, and provide a more tailored advertising experience.  We may combine this information with other information we collect about you through our Site and Products.

When you are asked to provide personal information, you may decline, but doing so may limit the use of certain products or their capabilities.  We are not responsible for the data policies and procedures of any third parties, and you should review the privacy policies of each website you visit.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Site and we hold certain information.  Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags, and scripts to collect and track information and to improve and analyze our Site and Products.  You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site. The cookies we use include the following:
  1. Strictly Necessary Cookies These cookies are necessary for the Site to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personal information.
  2. Performance Cookies These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our Site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
  3. Functional CookiesThese cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
  4. Targeting CookiesThese cookies may be set through our Site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
  5. Social Media CookiesThese cookies are set by a range of social media services that we have added to the Site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.
  6. Web BeaconWe may collect information using Web beacons. Web beacons are electronic images that may be used on our Site, Products, or in our emails.  We use Web beacons to deliver cookies, count visits, understand usage and campaign effectiveness, and to tell if an email has been opened and acted upon.
  7. Google AnalyticsWe use cookies served by Google Analytics to collect limited data directly from your browser to enable us to better understand your use of the Site and Products including making use of the demographics and interests reports services of Google Analytics. Further information on how Google collects and uses this data can be found at www.google.com/policies/privacy/partners/. You can opt-out of all Google supported analytics by visiting https://tools.google.com/dlpage/gaoptout.

Service Providers

We may employ third party service providers to facilitate and provide our Products on our behalf, perform related services or assist us in analyzing how our Products are used.  These service providers have access to your personal information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose if you opt out of their usage of your data.

  1. Analytics

    We may use service providers to monitor and analyze the use of our Products.

    • Google Analytics. On our Site, we also may utilize Google Analytics, a web analysis service provided by Google, to better understand your use of the Site and Products. Google Analytics collects information such as how often users visit the Site, what pages they visit and what other sites they used prior to visiting. Google uses the data collected to track and examine the use of the Site, to prepare reports on its activities and share them with other Google services. Google may use the data collected on the Site to contextualize and personalize the ads of its own advertising network. Google’s ability to use and share information collected by Google Analytics about your visits to the Site is restricted by the Google Analytics Terms of Use and the Google Privacy Policy. Google offers an opt-out mechanism for the web available here.
    • Marketo Marketing Automation. This website uses Marketo marketing automation tracking code which uses cookies to collect personal data and website behavior tracking while on our site. This data is used for the purpose of aiding our marketing efforts to deliver personalized and relevant content to our visitors. For more information on the privacy practices of Marketo, please visit the Marketo Privacy page: https://documents.marketo.com/legal/privacy/, and for more information about cookies, please go to the Marketo cookie policy page.
  2. Behavioral Remarketing

    We use remarketing services to advertise on third party websites to you after you visited our Site. We and our service providers use cookies to inform, optimize, and serve ads based on your past visits to our Site.

    • Google Ads (AdWords) remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en
    • Twitter remarketing service is provided by Twitter Inc. You can opt-out from Twitter’s interest-based ads by following their instructions: https://support.twitter.com/articles/20170405 You can learn more about the privacy practices and policies of Twitter by visiting their Privacy Policy page: https://twitter.com/privacy
    • AdRoll remarketing service is provided by Semantic Sugar, Inc. You can opt-out of AdRoll remarketing by visiting this AdRoll Advertising Preferences web page: http://info.evidon.com/pub_info/573?v=1&nt=1&nw=falseFor more information on the privacy practices of AdRoll, please visit the AdRoll Privacy Policy web page: http://www.adroll.com/about/privacy

Links to Other Sites

Our Site may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.  We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites, products or services.

Use of Personal Information

We may use the collected personal information for various purposes:

  1. To provide and maintain our Site and Products
    We may use your personal information in the operation and administration of the Site and to provide, operate and maintain the Products.
  2. To notify you about changes to our Products and provide necessary functionality
    We may send you service, technical and other types of notifications (such as distribution and Product updates, patches and fixes) in providing the Products and necessary functionality.
  3. To provide you customer support
    If you request online support or if you contact us by other means including via a phone call, we process your personal information to perform our obligations under our agreement with you and/or (if we have not entered into an agreement with you) to the extent it is necessary to fulfill your requests and communicating with you.
  4. To gather analysis or valuable information to improve our Site and Products
    We may use your personal information to analyze trends and track your usage of and interactions with our Site, Products and marketing activities in order to improve such and provide you with more relevant content and service offerings.
  5. To monitor the usage of our Products
    We may use your personal information to review compliance with our agreement with you or your organization to the extent that it is in our legitimate interest to ensure adherence to the relevant terms.
  6. To detect, prevent and address technical issues
    We may use your personal information to promote the safety and security of our Site and Products, including to investigate and prevent fraudulent transactions, unauthorized access to the Site or Products, and other illegal activities.
  7. To use for transactional considerations
    We may use your personal information to complete transactions and send you related information, including purchase confirmations and invoices, to perform our agreement with you and to extent necessary to accomplish our transactional interests.
  8. To administer events
    We may use your personal information to plan and host events or webinars for which you have registered or that you attend, including sending related communications to you, billing, registration and to connect with other event attendees, to perform our agreement with you, or to the extent necessary to fulfill your requests to attend any such events.
  9. To send marketing communications
    We may use your personal information for marketing purposes in accordance with your preferences, such as to communicate with you about services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.
  10. To comply with legal obligations
    We may use your personal information when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws to the extent this requires the processing or disclosure of personal information to protect our rights and interests as necessary in protecting against misuse or abuse of our Site, the Products you use, operate the Site and business, meet our contractual and legal obligations, protect security of our systems and our customers, or fulfill other legitimate interests as described in this Privacy Policy and in our notices to you.

Disclosure of Personal Information

We may share your personal information in the following situations:

  1. With your consent

    In the event you provide your consent, we may disclose your personal information to third parties.

  2. Business partners and third parties

    We may disclose your personal information to our sponsors and co-sponsors of an event, whose information we believe may be relevant to you, or to research and advisory firms whose reports are offered through our Site.

  3. Third party vendors and other service providers

    We may share your personal information with our third party vendors and service providers that we use to provide services such as payment processing, reselling products or services, support ticket portals, secure transfer software, cloud hosting, video conference services, marketing automation platforms, project management tools, registration services, collaboration and communication tools, data backup services, and professional services.

  4. Business transactions

    We may share your personal information if we are involved in a company transaction such as a merger, acquisition, share or asset sale, reorganization, or financing or in the event of a bankruptcy, dissolution, or similar proceeding.

  5. Compliance with laws

    Under certain circumstances, we may disclose your personal information if required to do so by law, subpoena, in response to valid requests by public authorities (e.g. a court or a government agency).

  6. Legal rights

    We may disclose your personal information to:  (a) enforce our agreements; (b) to protect and defend our rights or property; (c) to prevent or investigate possible wrongdoing in connection with the Products; (d) to protect the personal safety of users of the Products or the public; or (e) to protect against legal liability.

Your choices about Personal Information

  1. Access, correction, or deletionIf you wish to request access, correction, or deletion of any of your personal information held by us or a change in the way we use your personal information (for which we reserve the right to charge you a fee, as permitted by applicable law), please submit your request to privacy@cequence.ai. However, we may decline requests that are unreasonable, prohibited by law, or are not required to be honored by applicable law.
  2. How to control your communications preferencesYou can stop receiving promotional emails from us by clicking on the “unsubscribe link” provided in such emails or by contacting us at the contact details set forth below.  We make every effort to promptly process all unsubscribe requests.  If you opt out, we may still send you transactional communications (e.g., non-promotional emails such as emails about training and events you registered to attend and technical or security notices).
  3. CookiesMost web browsers are set to accept cookies by default. If you prefer, you can usually set your browser to remove cookies and to reject cookies. If you choose to remove reject cookies, this could affect certain features or services of our Site or Products.
  4. Analytics and online advertisingOur third party analytics and service providers may provide you with options to opt-out of certain information collection.
  5. Do not trackThere are many ways through which web browser signals and other similar mechanisms (for example, “Do Not Track”) can indicate your choice to disable tracking, and, while we and others give you choices described in this Privacy Policy, we do not currently honor these mechanisms.
  6. European Data Protection Rights (EEA Residents)If the processing of personal data about you is subject to European Union data protection law (such as the GDPR), you have certain rights with respect to that data:
    • You may request access to and correction or deletion of your personal information at any time; however, we are not obligated to delete your information to the extent we need to comply with a legal obligation or to establish, exercise or defend legal claims.
    • You can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information.
    • If the processing of your personal information is based on your consent, you have a right to withdraw consent at any time for future processing; withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
    • You have the right to complain to a data protection authority about our collection and use of your personal information, but we encourage you to first contact us with any questions or concerns. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Economic Area (“EEA“) are available at https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
    • We do not engage in any automated decision making with your personal information.
    You may exercise the rights above by e-mailing us at privacy@cequence.ai
  7. California Privacy Rights (California Consumers)The California Consumer Privacy Act (“CCPA”) requires businesses that collect personal information from California residents to make certain additional disclosures.  The CCPA applies to you if you reside in the State of California.  The CCPA provides California residents with the following rights:
    • You may request access to, or for a copy of the personal information we have collected, used, disclosed, and sold about you over the past twelve (12) months (see Section 8 “Disclosures Required under California Law” below for additional information).
    • You may also request that we delete certain personal information we have collected from you.
    • You have a right not to receive discriminatory treatment for the exercise of your CCPA privacy rights.
    • You may also have the right to opt out of the sale of your personal information. In consideration of the right, we do not sell information as the terms “sale” or “sell” are traditionally understood (i.e. for money). However, making a California resident’s personal information (including IP addresses, cookies IDs, and mobile IDs) available to third parties as described above may broadly be considered a “sale” under the CCPA, given its broad definition of “sale.” The definition could also include the sharing of personal information with third parties in exchange for something of value, even if no money changes hands.  As discussed in this Privacy Policy, our advertising and analytics providers may collect your IP address, cookie ID, and mobile ID when you use our websites, and such vendors may further share your information to provide similar advertising or analytics services to their other customers.
    If you are a California resident seeking to exercise your CCPA rights, or if you are an authorized agent wishing to exercise CCPA rights on behalf of someone else, please e-mail us at privacy@cequence.ai. Please note that to protect your personal information, we will verify your identity by a method appropriate to the type of request you are making. We may also request that your authorized agent have written permission from you to make requests on your behalf, and we may also need to verify your authorized agent’s identity to protect your personal information.

Disclosures required under California Law

California law requires us to provide California consumers with some additional information regarding how we collect, use, and share your “personal information” (as defined in the CCPA). Throughout this Privacy Policy, we provide details about the information we collect from you or your device and explain how we use and share such information.

As described in detail in Section 1 “Personal Information Collected” above we may collect the following categories of information about you through you visiting our Site or the Products:

  • Identifiers, such as name and contact information;
  • Device identifiers, such as IP address;
  • Internet or other network or device activity, such as browsing history or app usage;
  • Geolocation information; and other information that identifies or can be reasonably associated with your device;
  • Commercial information, such as transaction data;
  • Professional or other employment related information, such as where you work and your title; and
  • Telemetry data.

The sources from which we collect personal information are described in Section 1 “Personal Information Collected” of this Privacy Policy. The business and commercial purposes for which we collect this information are described in Section 5 “Use of Personal Information” of this Privacy Policy. The categories of third parties to whom we disclose this information for a business purpose are described in Section 6 “Disclosure of Personal Information” of this Privacy Policy.

How we store and protect Personal Information

  1. Storage and processing

    Your information collected through the Sites and our Products may be stored and processed in any country in which we our any of our subsidiaries, affiliates, or service providers maintain facilities including your region, the United States, European Economic Area, Canada, or Germany amongst others.  Our processing locations are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem.  We take steps designed to ensure that the data we collect under this Privacy Policy is processed according to the provisions of this Privacy Policy and applicable law wherever the data is located.

  2. International data transfers

    When we transfer personal information from the European Economic Area, the United Kingdom, or from Switzerland to the United States or other countries which have not been determined by the European Commission to have laws that provide an adequate level of data protection, we use legal mechanisms, including contracts, designed to help ensure your rights and protections.  Specifically, our website servers are located in the United States and our affiliates, partners, third parties and service providers operate in the United States, European Economic Area, Canada, or Germany amongst others. This means when we collect your personal information, we may process it in any of these countries.  However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy.  The safeguard we primarily rely upon is the European Commission-approved standard contractual data protection clauses.

  3. Keeping your personal information safe

    We care about the security of your personal information and take reasonable and appropriate technical and organizational measures designed to prevent loss, misuse, and unauthorized access, disclosure, alteration, and destruction of personal information – remember that no method of transmission over the Internet or method of electronic storage is 100% secure.  No security system is impenetrable, and we cannot guarantee the security of our systems or your information. For this reason, you should be mindful of the information you provide to us.

  4. Lawful basis for processing personal information (EEA only)

    If you are located in the European Economic Area (EEA), Cequence Security, Inc. is the data controller of your information.  Our legal basis for collecting and using the personal information in Section 5 “Use of Personal Information” will depend on the personal information concerned and the specific context in which we collect it.  However, we will normally collect personal information only where we have your consent to do so, where we need the personal information to perform under an agreement with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms.  In some cases, we may also have a legal obligation to collect personal information from you.

    If we ask you to provide personal information to comply with a legal requirement or to perform under an agreement with you, we will indicate this at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as the possible consequences, if any, if you do not provide your personal information).  Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of a third party), we will indicate to you at the relevant time what those legitimate interests are.

    If you have questions about the legal basis for processing or want to find out more, please contact us at privacy@cequence.ai.

  5. Retention

    We retain personal information as long as necessary for the purposes for which the personal information is used and for longer periods as necessary for us to comply with applicable law.  For example, we retain your account information for as long as your account is active or as needed to provide you with Products you have requested or authorized, including maintaining and improving the performance of the Products and protecting system security.  We also retain personal information as needed to maintain appropriate business and financial records, protect our legal interests, resolve disputes, or comply with legal or regulatory requirements.  When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or if this is not possible (for example, because your personal information has been stored in backup archives), then we will store your personal information using appropriate security measures and take appropriate steps designed to isolate it from any further processing until deletion is possible.

Children's Privacy

Our Site and Products do not address anyone under the age of 18.  We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us at privacy@cequence.ai.  If we become aware that we have collected personal information from children without verification of parental consent, we take steps to remove that information from our servers.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.  We will let you know via email and/or a prominent notice on our Site, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.  You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, please contact us:
  • By visiting this page on our website: https://www.cequence.ai/contact-us/
  • By phone: +1 650-437-6338
  • By email: privacy@cequence.ai
  • By mail: Cequence Security, Inc. Attn: Privacy, 5201 Great America Pkwy #240, Santa Clara, California, 95054 USA