Last updated: September 1, 2022
This Privacy Notice (this “Notice”) applies to the website located at www.forallsecure.com (the “Site”) as well as our software, platform, and all services offered by ForAllSecure, Inc. (“ForAllSecure,” “Company,” “we,” or “us”) through the Site or otherwise (collectively, including the Site, our “Services”). We take your privacy seriously. This Notice provides you with information on how we collect, gather, process, share, and use information we may obtain about you during your use of our Services and in the context of interactions with our company.
We collect and process personal and/or business data relating to Site visitors, purchasers and users of Services, and others who interact with our organization. We are committed to being transparent about how we collect and use the data and to meeting privacy and data protection obligations. Please note that this Notice does not apply to the use of data by third-party businesses or services whose services are accessible via a link on or an integration with our Services.
What information do we collect?
ForAllSecure collects information from Site visitors, customers, users of our Services, and others as described in this section. Specifically, we may collect, process and otherwise use the following categories of data (examples listed below may change over time and will vary depending on the ways in which you interact with us and our Services):
- Personal Information: This includes information that can identify, relate to, describe, be associated with, or be reasonably capable of being associated with a particular individual (“Personal Information”). Examples of Personal Information collected by ForAllSecure may include, but are not limited to:
- Identity Data: Information about you and your identity, such as your name, company name or title.
- Contact Data: Information used to contact you, such as your email address, company address, billing address, and phone number.
- Account Data: Information created when you open an account with us (such as your login credentials for our Services) or authentication credentials you may provide in connection with a third party API or other service you wish to test using our Services. This may also include data relating to your usage of your account on our Services.
- Transaction Data: Information relating to a purchase order or request for information on our Site, or other transaction on or relating to our Services, such as the details of your transaction.
- Financial Data: Information provided when you pay for Services, such as a credit card or other financial or billing account number, and other information you provide in connection with a financial transaction.
- Device/Network Data: Information relating to your device, browser, or application e.g. IP addresses, MAC addresses, application ID/AdID/IDFA, identifiers from cookies, session navigation history and similar browsing metadata, and other data generated through applications and browsers, including cookies and similar technologies.
- Freeform Data: Unstructured/free-form data that may include any category of Personal Information described above (and Non-Identifying Information), e.g. data that you give us in free text fields such as emails/comments, feedback forms, or survey responses.
- Non-Identifying Information: This includes information that cannot on its own identify or be associated with a particular person (“Non-Identifying Information”). Examples of Non-Identifying Information collected by ForAllSecure may include, but are not limited to: demographic data, information regarding your use of the Services (to the extent it is not associated with a registered account), and general data. We may aggregate information collected from all users, and in some cases, we may render Personal Information into a form of Non-Identifying Information that does not identify you directly.
Please note that our Services are intended for a general business audience and intended for users age 18 and older. We do not knowingly collect Personal Information from anyone younger than age 18. If we become aware that a child younger than 18 has provided us with Personal Information, we will use commercially reasonable efforts to delete such information from our files. If you are the parent or legal guardian of a child younger than age 18 and believe that we have collected Personal Information from your child, please contact us at: email@example.com.
How do we collect information?
- From you. You may provide a variety of Personal Information to us when you interact with us and our Services, such as providing Identity Data and Contact Data when you initially contact us, transact with us, or apply for a position with our company; Freeform Data that you provide by filling in forms within our Services; Account Data provided when you register for or use your ForAllSecure account; and Transaction Data or Financial Data provided when you make a purchase from us, register for a webinar or event on our Site, subscribe to receive updates from our blog or otherwise interact with us or our Services. You may also provide us with data whenever you correspond or otherwise communicate with us. When you use our Services while you are logged in to your account, or when you conduct search queries on the Services, you may also submit certain information to us (some of which may be intentionally provided by you, and some of which may be provided through automated processes and technologies, as described below).
- From automated processes and technologies. When you use our Site and Services, you provide certain Device/Network Data and Account Data to us. This information includes details of your visits to our Site and use of our Services, including traffic data, logs, and other connection data and the resources that you access and use within our Services. Automated technologies can also provide information about your computer and internet connection, including your device type, IP address, operating system, and browser type and version. It can also include a unique device identifier (“Device Identifier”) for any device (computer, mobile phone, tablet, etc.) used to access the Services. A Device Identifier is a number that is automatically assigned or connected to the device you use to access the Services, and our servers identify your device by its Device Identifier. Some mobile service providers may also provide us or our third-party service providers with information regarding the approximate physical location of the device used to access the Services.
- From third parties. Other parties, such as our service providers and event partners, may collect certain Personal Information and Non-Identifying Information from you and provide this information to ForAllSecure. For example, when you register for an event organized by an event partner of ForAllSecure, your registration data (which may include Identity Data, Contact Data, Transaction Data and Financial Data) may be shared with us by the event partner. If you interact with a service provided to us on our platform by a third party (such as a company facilitating event registrations, or third parties who assist us with marketing or analytics), that party may share information with us to enable us and the service provider to better provide and tailor our communications and Services to you and other users or customers.
How do we use the data?
Data will be processed and stored in a range of different places, including in your ForAllSecure account and on other information technology systems (including email) owned or controlled by us. We process and otherwise use the information we collect for purposes such as the following:
- Identity Data, Contact Data, and Account Data may be used to facilitate our interactions with you, to respond to your inquiries and other requests, to contact you about our goods and services that may be of interest to you (subject to your right to opt-out of any marketing communications).
- Account Data, Transaction Data, Device/Network Data, and Freeform Data is used to provide our Services to you, to improve our Services and the user experience, for customer service, to secure our Services, and to understand how users interact with our Services.
- Transaction Data and Financial Data are used to provide information requested by you, process your orders.
- Identity Data and Freeform Data may be used to make decisions about hiring and recruitment, should you apply for a position with our organization.
- Account Data and Device/Network Data may be used to determine what content on our Services you may be most interested in.
- Identity Data and Contact Data may be used to notify you about changes to our Services or any products or services we offer or provide.
- Identity Data, Contact Data and Account Data may be used to provide you with the information, products, or services that you or your affiliates request from us, and to enable you to participate in interactive features within our Services.
- All Personal Information may be used:
- To carry out our obligations and enforce rights arising from any contracts entered into between you and us;
- To detect, protect against, and prosecute privacy and security incidents and fraudulent or illegal activity; and
- To fulfill any other purpose for which you provide it or for which you provide consent.
Your use of our Services indicates your agreement with the use of the cookies described below. If you do not agree with our use of these technologies, do not use our Services for any reason, and please contact us at firstname.lastname@example.org if you have questions or concerns.
Necessary cookies. These cookies are essential, as they enable you to interact with the Services and use their features, such as accessing areas secured by user credentials. Without these cookies, we might not be able to provide or offer some services you may request.
Analytics and measurement. These cookies enable the collection of information about your use of content and various features of our Services, and are combined with previously collected information, to measure, understand, and report on your usage of the Services
Targeting cookies. These cookies are used to deliver advertisements that are relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of an advertising campaign. They remember that you have visited a website and this information may be shared with other organizations such as advertisers. This means after you have been to our Site you may see some advertisements about our services elsewhere on the Internet.
Matching/ linking data. These cookies combine data from online or offline sources that were initially collected in other contexts and allow processing of a user’s data to connect such user across multiple devices.
Geolocation cookies. These third party cookies allow processing of a user’s precise geographic location data in support of a purpose for which the cookie installer has consent.
Do Not Track. Please note that your browser settings may allow you to automatically transmit a “Do Not Track” signal to websites and online services you visit. Like many websites and online services, ForAllSecure does not currently alter its practices when it receives a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result. For further information visit www.aboutcookies.org.
With whom does ForAllSecure share your information?
We may share any Personal Information and Non-Identifying Information we consider to be relevant with any of the following:
- our current or future subsidiaries and affiliates in order to streamline provision of Services or for other business purposes, or a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets.
- contractors, service providers, and other third parties we use to support our business, such as cloud hosting providers, payment processors, and event management vendors.
- third parties who assist us in fulfilling the purpose(s) for which you provide it, including marketing our products or services to you or enabling you to engage in providing services to other users or our customers.
- third parties to market their products or services to you (subject to your right to opt-out of such communications).
- law enforcement, government entities or others, to comply with any court order, law, or legal process, including to respond to any government or regulatory request.
Note, some of these disclosures may be made to governments that do not ensure the same degree of protection of your Personal Information as your home jurisdiction. We may, in our sole discretion (but without any obligation) object to the disclosure of your Personal Information to such parties.
How do we protect data, transfer it, and for how long do we keep it?
We take the security of your data seriously. We use reasonable security measures to safeguard the Personal Information we process, such as internal policies and controls designed to reduce the possibility of data loss, destruction, unauthorized disclosure, or misuse. Please note that we sometimes share Personal Information with third parties as noted above, and we do not have the ability to control all aspects of these third parties’ security. We do not warrant perfect security and although we use certain controls to prevent unauthorized access to your data, please be aware that no security measures are perfect or impenetrable.
International Data Transfers
ForAllSecure is a U.S. company. If you are located outside the United States and choose to provide information to us, we transfer at least some Personal Information to the United States for processing, and our service providers may process Personal Information in the United States and elsewhere. These countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer your information to the United States, we will protect it as described in this Notice. Data we collect may be transferred to, stored, and processed in any country or territory where one or more of our affiliates or service providers are based or have facilities. While other countries or territories may not have the same standards of data protection as those in your home country, we will continue to protect personal data that we transfer in line with this Privacy Notice.
We retain your data only for as long as we need to. We will retain and use your Personal Information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies).
Other rights regarding your Personal Information
Depending on where you live, and subject to our obligations under applicable laws, you may have certain rights and choices regarding your Personal Information. For example, in addition to choices described elsewhere in this Notice, you may have some or all of the following rights and choices, which you may exercise by contacting email@example.com or as otherwise described below:
Marketing and Advertising Rights:
- Opt-out of Marketing: All individuals have the right to opt-out of receiving marketing communications from ForAllSecure at any time. You may exercise your choices regarding marketing communications by clicking on the “unsubscribe” link in emails we send you, or by emailing firstname.lastname@example.org.
- California residents and residents of certain other states may have the right to request a list of Personal Information we have disclosed about you to third parties for direct marketing purposes during the preceding calendar year.
- Behavioral Advertising: You may opt out or withdraw your consent to behavioral advertising. In some cases, we may be able to process third party opt-out requests directly, however in some cases, you must opt out of third party services directly via the third party. If you wish to take steps to opt-out of tracking by certain online advertisers, you can visit the Digital Advertising Alliance’s opt-out page at http://www.aboutads.info/choices or the Network Advertising Initiative at www.networkadvertising.org/optout_nonppii.asp. You can limit or opt out of our processing for behavioral advertising by emailing email@example.com.
Do Not Sell: ForAllSecure does not currently “sell” (as defined by the California Consumer Privacy Act and other state laws as of the date of this Notice) any Personal Information subject to this Privacy Notice, and it does not exchange Personal Information for any type of financial incentive. However, this practice could change in the future. If you wish to be placed on our “do not sell” list in the event that we begin selling Personal Information in the future, please send an email to firstname.lastname@example.org and request to be added to this list.
Other Regional Rights:
- Access Rights: You may have the right to receive certain information, such as the following (these rights, and the applicable types of data and time periods, will vary depending on the laws applicable to the state or country in which you reside):
- Provide you with the categories of Personal Information we have collected or disclosed about you; the categories of sources of such information; the business or commercial purpose for collecting or selling your personal information; and the categories of third parties with whom we shared Personal Information.
- Provide you with access to and/or a copy of certain Personal Information we hold about you.
- In some circumstances, you may have the right to obtain certain Personal Information in a portable format.
- Erasure: You may have the right to request that we delete certain Personal Information we have about you. We may either decide to delete your Personal Information entirely, or we may anonymize or aggregate your Personal Information such that it no longer reasonably identifies you. Certain Personal Information may be exempt from such requests under applicable law. For example, we need certain types of information so that we can provide our Services to you, we may be required to retain certain information for legal purposes, and there may be other reasons we may need to keep certain Personal Information under various applicable laws. In addition, i you ask us to delete your Personal Information, you may no longer be able to access or use the Services.
- Correction: You may have the right to request that we correct certain Personal Information we hold about you.
- Limitation of Processing: Certain laws may allow you to object to or limit the manner in which we process some of your Personal Information, including the ways in which we use or share it. For example, you may have these rights if the processing was undertaken without your consent in connection with our legitimate business interests (although we may not be required to cease or limit processing in cases where our interests are balanced against your privacy interests).
- Regulator Contact: You may have the right to contact or file a complaint with regulators or supervisory authorities about our processing of Personal Data. To do so, please contact your local data protection or consumer protection authority.
- Other: You may have the right to receive information about the financial incentives that we offer to you, if any. You may also have the right to not be discriminated against (as provided for in applicable law) for exercising certain of your rights.
If you believe that you have specific rights under your jurisdiction and you would like to exercise any of these rights, please email us at email@example.com. Other than marketing opt-out and do-not-sell requests, you will be required to verify your identity before we fulfill your request. In certain jurisdictions, you may be able to designate an authorized agent to make a request on your behalf, subject to certain requirements of your applicable law. We may require that you provide the email address we have on file for you (and verify that you can access that email account) as well as an address, phone number, or other data we have on file, in order to verify your identity. If an agent is submitting the request on your behalf, we reserve the right to validate the agent’s authority to act on your behalf.
We may update this Privacy Notice at any time and any changes will be effective upon posting. If there are substantial changes to the way we treat your Personal Information, we will display a notice through the Site prior to the change becoming effective. We may also notify you by email, in our discretion.
If you have questions about this Privacy Notice, would like a copy of some or all of your data, or would like to opt out of future sales of your data, please email us at firstname.lastname@example.org or write to us by mail addressed to 3710 Forbes Ave, Pittsburgh, PA 15213.