1. Personal Information We Collect
Information Provided by You
- Account information. When you create an account for our Platform you provide us with Personal Information, such as your name, email address, telephone number, job title, company name, country, and password.
- Contact information and other information you choose to provide to us. When you contact us via a contact form on our Website, fill out a form on our Website, for example to request a demo, a risk assessment or to read a report, contact us via email, or by other means, you provide us with Personal Information, such as your name, email address, telephone number and the contents and nature of your correspondence with us.
- Event and meeting information. When you register to attend an event, or schedule an in-person meeting with us, you provide us with Personal Information, such as your name, email address, telephone number and details on the event or meeting you would like to attend with us.
- Third Party information. When you engage with Armis content through outside parties, offline or online, or consent to sharing your information with our partnered vendors, we collect or update existing information to ensure we provide you a quality experience and send any appropriate communications. Participating parties may include media agencies, data vendors, and integration partners.
- Support information. When you request technical support services, we will process your Personal Information such as your name and the contact details you use to contact us, as well as information on the reasons for your support request, and any additional information you may provide in that context.
Information Collected via Automated Means
- Identifiers and usage. When you use our Services, we and third parties may automatically collect your IP address, advertising identifiers and potentially non-personal information about your device including model, version and operating system.
Information Collected from Other Sources
- Information from third parties. We obtain Personal Information about you from third parties, such as people directories, data brokers, corporate information directories and other entities. This information may include name, email, phone, location, social profile and other similar information. We may also obtain Personal Information from third parties we work with to organize events.
2. Use of Personal Information
We may use the Personal Information for one or more of the following purposes:
- Providing you with the Services. We use your Personal Information to operate, maintain and provide you with the Services. In particular we will use your Personal Information to perform our contractual obligation towards you to allow you to create an account, browse and use the Platform, and to contact you in case of any issue with your account. The Personal Information we process when doing so includes your registration, contact information and how you interact with the Services.
- Providing you with support and otherwise communicating with you. If you reach out to us for support, we will perform our contractual obligation towards you by using your Personal Information to respond and resolve your queries and facilitate support. We may send you technical notices, updates, security alerts and support and administrative messages and communicate with you through live chat, email or telephone. The Personal Information we process when doing so includes your correspondence with us, your name, contact details, and, to the extent applicable to your query or complaint, transaction and usage information.
- Processing your transactions and executing payments on your account or bill for products or services purchased by you.
- Marketing. We use your Personal Information to communicate with you regarding promotions, events, and other news, products or services we think will be of interest to you. Where required, we will obtain your consent to do so. We may send you periodic emails regarding your order or other products and services. You can opt out of such communications when you register for the Platform, by following the unsubscribe mechanism, or by otherwise emailing us at [email protected].
- Improving or monitoring usage of our Services. It is in our legitimate interests to improve our Services and analyze the use of our Services, which includes conducting troubleshooting, testing and research and to keep the Services secure. When doing so we may use Personal Information that we automatically collect about you, such as identifiers and information.
- Enforcing our Terms and Conditions, to comply with legal obligations and to defend Armis against legal claims or disputes. It is in our legitimate interests to enforce our terms and policies, to ensure the integrity of our Services and to defend ourselves against legal claims or disputes. Where we do so, we will use the Personal Information relevant to such a case. Some processing may also be necessary to comply with a legal obligation placed on Armis, for example to keep records of transactions.
- Events and webinars. We use your Personal Information to organize and invite you to events and webinars.
- Surveys. We may use your Personal Information to solicit and process your opinions through surveys.
3. Our Use of European Personal Information
If you are in the European Economic Area (EEA), the United Kingdom (UK) or Switzerland we only process your Personal Information when we have a valid legal basis.
- Consent. We may use your Personal Information when you have given your consent to do so.
- Contractual necessity. We may use your Personal Information to perform our end of our contracts with you. For example, to provide you with the Services.
- Legal obligation. We may use your Personal Information when we are legally required to. For example, to comply with tax and accounting obligations, or to comply with a court order.
- Legitimate interest. We may use your Personal Information when we, or a third party, have a legitimate interest in doing so. For example, we have a legitimate interest in understanding usage and improving the Services. We only rely on our or a third party’s legitimate interests to process Personal Information when these interests are not overridden by your rights and interests.
4. Cookies and Similar Technologies
Cookies are small files of letters and numbers that we store on your browser or the hard drive of your computer. They contain information that is transferred to your computer’s hard drive.
You can block cookies by setting your internet browser to block some or all or cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Services.
5. Sharing of Your Personal Information
We disclose Personal Information about you with the following recipients and in the following circumstances:
- Vendors and service providers. We rely on vendors and service providers for the provision of our Services, such as cloud service providers who we rely on for data storage, disaster recovery and to perform our obligations to you, such as Amazon Web Services; analytics providers who help us to understand our user base and how our Services are used, such as Google Analytics and 6Sense; providers of data management tools, such as Marketo and Salesforce; and providers of business communication tools, such as Slack. You can learn more about Google’s practices by visiting https://www.google.com/policies/privacy/partners/. Any engagement of a third-party service provider will be governed by appropriate contractual requirements.
- Armis group. We share Personal Information about you with our affiliates and subsidiaries for shared business interests or to process event based requests.
- Law enforcement. Information about our users, including Personal Information, will be disclosed to law enforcement agencies, regulatory bodies, public authorities or pursuant to the exercise of legal proceedings if we are legally required to do so, or if we believe, in good faith, that such disclosure is necessary to comply with a legal obligation or request, to enforce our terms and conditions, to prevent or resolve security or technical issues, or to protect the rights, property or safety of Armis, our users, a third party, or the public.
- Change of corporate ownership. If we are involved in a merger, acquisition, bankruptcy, reorganisation, partnership, asset sale or other transaction, we may disclose your Personal Information as part of, or in consideration of, that transaction.
6. Third Parties
The Services may contain features or links to websites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, and governing privacy and security, even if accessed through the Services. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Services and we encourage you to learn about third parties’ privacy and security policies before providing them with your Personal Information.
7. Your Rights and Choices
If you do not wish to have your email address or other contact information used by Armis for marketing purposes to promote our own or our affiliates’ or subsidiaries’ products or services, you can opt out by contacting us as set out in the ‘Contact Us’ section below. If we have sent you a newsletter or promotional email, you may opt-out of receiving them by following the instructions included in each newsletter or communication.
Your European Privacy Rights
If you are in the EEA, the UK or Switzerland you also have the following additional rights in relation to your Personal Information that we hold.
- Access. You have the right to access the Personal Information we hold about you, and to receive an explanation of how we use it and who we share it with.
- Correction. You have the right to correct any Personal Information we hold about you that is inaccurate or incomplete.
- Erasure. You have the right to request for your Personal Information to be erased or deleted.
- Object to processing. You have the right to object to our processing of your Personal Information where we are relying on a legitimate interest or if we are processing your Personal Information for direct marketing purposes.
- Restrict processing. You have a right in certain circumstances to stop us processing your Personal Information other than for storage purposes.
- Portability. You have the right to receive, in a structured, commonly used and machine-readable format, Personal Information that you have provided to us if we process it on the basis of our contract with you, or with your consent, or to request that we transfer such Personal Information to a third party.
Please note that, prior to any response to the exercise of such rights, we will require you to verify your identity. In addition, we may have valid legal reasons to refuse your request and will inform you if that is the case. For more information on your rights, please contact us as indicated in the ‘Contact Us’ section below.
8. Data Hosting and EU-U.S. & Swiss-U.S. Privacy Shield
Armis, Inc. is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Armis, Inc. complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Armis, Inc. is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission (FTC). In certain situations, Armis, Inc. may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, Armis, Inc. commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Armis, Inc. at: [email protected].
Armis, Inc. has further committed to refer unresolved Privacy Shield complaints to https://www.jamsadr.com/eu-us-privacy-shield, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit https://www.jamsadr.com/eu-us-privacy-shield, for more information or to file a complaint. The services of https://www.jamsadr.com/eu-us-privacy-shield are provided at no cost to you.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may invoke binding arbitration when other dispute resolution procedures have been exhausted.
9. Cross-border Data Transfer
We may transfer the Personal Information that we collect about you to recipients in countries other than the country in which the Personal Information originally was collected. Those countries may not have the same data protection laws as the country in which you initially provided the Personal Information.
If you provide us with your Personal Information when using the Services from the European Economic Area (“EEA”), Switzerland or the UK, please note that you are transferring your Personal Information outside of those regions to the United States for storage and processing. When we transfer your Personal Information outside of the EEA, Switzerland or the UK, we will ensure that relevant safeguards are in place to afford adequate protection for your Personal Information. Further details regarding the relevant safeguards can be obtained from us on request.
10. Data Retention
The period of time for which we keep Personal Information depends on the purpose for which we collected it. In all cases we keep it for as long as necessary to fulfill your requests or inquiries, provide the Services or comply with our legal obligations, resolve disputes and enforce our agreements. We will then delete the Personal Information, in accordance with our retention policy, unless we are legally required to retain it or if we need to retain it in order to comply with our legal obligations (for example, for tax and accounting purposes).
Subject to any applicable legal requirements, we typically retain Personal Information you provide to us through our Services for the duration of our relationship with you and until we do not have any contact with you for an extended period of time. When deleting Personal Information, we will take measures to render such Personal Information irrecoverable or irreproducible, and the electronic files which contain Personal Information will be permanently deleted.
11. Security of Personal Information
We take reasonable measures to help protect Personal Information from loss, theft, misuse and unauthorized access, disclosure, alteration, and destruction. We follow generally accepted standards to protect the Personal Information submitted to us, both during transmission and once it is received. To safeguard this information, we use technical, administrative and physical data protection controls including firewall barriers, data encryption techniques and authentication procedures, among others, that are designed to improve the integrity and security of Personal Information that we collect and maintain. However, the transfer of Personal Information through the internet will carry its own inherent risks and we do not guarantee the security of your data transmitted through the internet. You make any such transfer at your own risk.
The Services are not directed to children. We do not knowingly collect Personal Information from children. If you, as a parent or guardian, become aware that your child has provided us with Personal Information without your consent, please contact us as indicated in the ‘Contact Us’ section below. If we become aware that a user is under the age of 18 and has provided us with Personal Information without verifiable parental consent, we will delete such information from our files.
13. Notifications and Complaints
Should a data breach occur, you will be notified via email to the extent legally required.
If you wish to lodge a complaint about how we process your Personal Information, please contact us at [email protected]. We will endeavour to respond to your complaint as soon as possible. If you live in the EEA, Switzerland or the UK, you may also lodge a claim with the Information Commissioner’s Office in the UK or the data protection supervisory authority in the EU country in which you live or work, or where you believe we have infringed data protection laws.
15. Contact Us
300 Hamilton Avenue, Suite 500
Palo Alto, California 94301