Cyberfish Privacy Policy

Last updated: April 27, 2021

We would like to describe how we collect, use and protect your information when you access our corporate website and our Cyberfish products (collectively, the “Services”). When we refer to “we, “our,” or “us,” we’re referring to Cofense Cyberfish Ltd. and its subsidiaries and affiliates. When we refer to “you” or “your," we’re referring to the business, government or entity ordering and accessing the Cyberfish products or the individual accessing our website.

What does this Privacy Policy cover?

This Privacy Policy covers our treatment of personally identifiable information, which is information related to a living individual who can be identified from that information (“Personal Data”), which we collect when you are accessing or using our Services, but it does not cover the practices of third parties or companies we don’t own or control. We collect various types of Personal Data from our users, as explained in more detail below, and we use this Personal Data internally in connection with our Services, to personalize, provide, and improve our Services, customize content for you, to allow you to set up a user account and profile, to contact you and allow other users to contact you, to market to you, to fulfill your requests for certain products and services, and to analyze how you use the Services. In certain cases, we may also share some Personal Data with third parties, but only as described below.

When you provide us with Personal Data or allow us to access Personal Data, you agree that (i) you are authorized to provide us the Personal Data for us to use, process, and transfer it as set forth hereunder and have informed the relevant third parties of, and they have given their consent to, such use, processing, and transfer as required by applicable data protection laws, including without limitation, for us to use and transfer Personal Data to third parties in order to provide the Services (ii) you will comply with all applicable data protection and privacy laws and regulations, (iii) you have have obtained all necessary rights, permissions, or consents prior to providing your Personal Data and using the Services to comply with applicable laws and regulations, including, without limitation, the EU General Data Protection Regulation 2016/679, the Wiretap Act 1979 of the State of Israel, and the Protection of Privacy Regulations (Information Security) 2017 of the State of Israel, for us to process, store and transfer Personal Data as set forth hereunder and (iv) you are accepting this Privacy Policy and any supplementary privacy statement that may be relevant to you.

We do not knowingly collect personal information from children without appropriate parental or guardian consent. If you believe that we may have collected personal information from someone under the applicable age of consent in your country without proper and required consent, please let us know at privacy@cofense.com and we will take appropriate measures to investigate and address the issue promptly.

What information do we collect?

Information you provide to us:

We receive and store any information you knowingly provide to us. We may collect Personal Data such as your name and email address (including log-in via the Google or Microsoft Office 365 accounts for the use of our Cyberfish products) as part of accessing the Services. For example, we may access, collect or store your name, your email address and certain account information that may be required to register with us or to allow you to use the functionalities provided by Cyberfish products and provide technical support.

If you provide your account credentials to us or otherwise sign in to the Cyberfish products through a third-party site or service, you understand some content and/or information in those accounts (“Third Party Account Information”) may be transmitted into your account with us, and that Third Party Account Information transmitted to our product is covered by this Privacy Policy.

With respect to the Cyberfish products, we collect Personal Data contained in emails customers provide us access to by their use of the Cyberfish products.

We will obtain the Personal Data you provide us during the sales and/or fulfillment process. We may use such Personal Data including name, phone number, mailing address, and email address to contact you, send you, invoices, perform accounting, auditing and collection activities, answer questions, provide support and update you about the solutions.

We collect Personal Data about you when you submit information through our websites such as for requests for product information; registering for whitepapers, reports, newsletters or webcasts; or entering promotions. We may communicate with you if you’ve provided us the means to do so. For example, if you’ve given us your email address, we may send you promotional email offers, emails for new features, special events and important announcements, or email you about your use of the Cyberfish products. Also, we may receive a confirmation when you open such an email sent by us. If you do not want to receive these communications from us, please indicate your preference by sending an email to privacy@cofense.com.

Information collected automatically

Log files record website activity on the Services and enable us to gather statistics about our users’ browsing habits. These entries help us determine how many and how often users have accessed or used our Services, which pages they’ve visited, and other similar data.

Whenever you interact with our Services, we automatically receive and record information on our server logs from your browser or device, which may include your IP address, device identification, “cookie” information, information about your browser and operating system, referring/exit pages, operating system, date/time stamp, your location, and the page or feature you requested. “Cookies” are identifiers we transfer to your browser or device that allow us to recognize your browser or device and tell us how and when pages and features in our Services are visited and by how many people. You may be able to change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of the features of our Services.

Our websites uses the following types of cookies for the purposes set out below:

Type of cookies

Purpose

Essential Cookies

These cookies are essential to provide you with services available through our websites and to enable you to use some of its features, e.g., to allow you to log in to secure areas of our websites.  Without these cookies, the services that you have requested cannot be provided.

Functionality Cookies

These cookies allow our websites to remember choices you make when you use our website, such as remembering your user preferences.  The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our website.

Analytics and Performance Cookies

These cookies are used to collect information about traffic to our website.  The information gathered does not identify any individual visitor.  The information is aggregated and anonymous. We use this information to help operate our website more efficiently, to gather broad demographic information and to monitor the level of activity on our website.

We may use Google Analytics and other third party analytics services for this purpose. Google Analytics uses its own cookies.  It is only used to improve how our website works.  You can find out more information about Google Analytics cookies here: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies.  You can find out more about how Google protects your data here: www.google.com/analytics/learn/privacy.html.

You can prevent the use of Google Analytics relating to your use of our website by downloading and installing the browser plugin available via this link: http://tools.google.com/dlpage/gaoptout?hl=en-GB.

Social Media Cookies

These cookies are used when you share information using a social media sharing button or “like” button on our website or you link your account or engage with our content on or through a social networking website such as Facebook, Twitter, or Google+.  The social network will record that you have done this.

Information collected from other websites and Do Not Track policy

Through cookies we place on your browser or device, we may collect information about your online activity after you leave our Services. Just like any other usage information we collect, this information allows us to improve the Services and customize your online experience, and otherwise as described in this Privacy Policy. Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioral advertising services) that you do not wish such operators to track certain of your online activities over time and across different websites. Our Services may not support Do Not Track requests at this time, which means that we may collect information about your online activity both while you are using the Services and after you leave our Services.

Disclosure of Personal Data to third parties

Generally. We neither rent nor sell your Personal Data in personally identifiable form to anyone. However, we may share your Personal Data with third parties who provide us or our affiliates with services that may require us to provide them with your Personal Data in order to provide the service.

Provision of our products: With respect to the Cyberfish product, we may disclose Personal Data to our partners, contracted third-party vendors and service providers (including cloud service providers), who work with us and are contractually bound by applicable confidentiality and data protection obligations, to help us provide the Cyberfish products.

Disclosure within our group of companies. We may also share Personal Data within our family of companies for a variety of purposes, for example, to provide you with the latest information about our products and offer you our latest promotions, for the purposes of operating the Services, and to share threat intelligence learned from the Services.

 

Compliance with applicable law and protection of our company and others: We reserve the right to access, read, preserve, and disclose any information, including Personal Data, that we believe is necessary i) to comply with applicable law, and legal processes including, court orders, subpoenas, search warrants, ii) to enforce our agreements, or iii) to protect the rights, property, or safety of our company, our employees, our users, or others, including in the event of an emergency that threatens an individual’s life, health, or security.

Information that is not personally identifiable: We may collect information that is related to you but that does not personally identify you (“Non-Personal Data”). Non-Personal Data also includes information that could personally identify you in its original form, but that we have modified (for instance, by aggregating, anonymizing or de-identifying such information) to remove or obscure any Personal Data. We may use Non-Personal Data for any reason and may share such information freely with third parties.

International collection, processing, transfers, and storage of Personal Data

 

We are a business with global operations. As a result, we collect, process, transfer, and store Personal Data on a global basis in respect to our affiliates and subsidiaries, as well as our third-party vendors, service providers and partners. That means that we, our affiliates, subsidiaries, partners, third-party vendors, and service providers, may collect, process, transfer, and store your Personal Data in locations outside of your country. By using and accessing our Services or providing Personal Data to us, you consent to such collection, processing, transfer, and storage of your Personal Data.

 

Where we transfer your Personal Data to another country, we will ensure that it is protected and transferred in a manner consistent with applicable legal requirements. Please note that these data transfer practices may vary based on your location and the applicable Service being used. For example, we may process or otherwise transfer Personal Data in or to any country outside the European Economic Area or any country not deemed adequate by the European Commission pursuant to applicable data protection laws to the extent necessary for the provision of the Services. If requested by a customer of the Cyberfish products, we will enter the EU Standard Contractual Clauses as approved by the European Commission, or equivalent approved contractual mechanism, to ensure an adequate level of data protection in respect of the Personal that will be transferred. You can obtain more details of the protection given to your Personal Data when it is transferred outside your country by contacting us as described below in the Contact section.

Is my Personal Data secure?

We use reasonable administrative, technical, and physical safeguards designed to protect the security of your Personal Data from unauthorized disclosure, loss, misuse or alteration, but unfortunately, we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of information at any time. Where required under law, we will notify you of any unauthorized disclosure, loss, misuse or alteration of Personal Data that may affect you so that you can take the appropriate actions for the due protection of your rights.

Modifying your account information?

We currently do not provide the functionality for you to access and edit your Personal Data relating to your account required to access and use Cyberfish products. If you want to change the real name, including other Personal Data, used as your account credentials you will have to do so via the third-party account you are using to access the Cyberfish products, such as your Google or Microsoft Office 365 accounts. Your Cyberfish account is created via these third-party services, therefore we do not have control over the access and editing functionalities in respect to such accounts.

Your rights

In addition to any other rights under applicable law, you may have the following rights when we process your Personal Data which you can exercise by contacting us using the details listed the Contact section below. Please note that in some circumstances we may not be able to fulfil your requests, or we may ask you to provide us with additional information in connection with your request.

 

Opt-out.  You may contact us anytime to opt-out of: (i) direct marketing communications; or (ii) any new processing of your Personal Data that we may carry out beyond the original purpose. Please note that your use of the Cyberfish products and websites may be impacted upon such opt-out.

Access. You may access the Personal Data we hold about you at any time by contacting us directly.

Amend. You can also contact us to update or correct any inaccuracies in your Personal Data.

Delete. You can request that we erase your Personal Data.

 

For individual users of of the Cyberfish products, if you want to exercise the rights in this section related to the products, please directly contact our customer organization that is using the Cyberfish product.

California rights

If you are a California resident, the California Consumer Privacy Act of 2018 (“CCPA”) may give you certain rights relating to your Personal Data. Please visit the California Attorney General’s privacy laws page for more information. At points throughout our website, you may be able to provide your contact information. If you provide your contact information through our website, we will maintain that contact information until you request that we delete it. If you want us to delete such contact information, please email us, as per the Contact section below, from the email address you provided originally. We will not discriminate against you for exercising your privacy rights. We do not sell any Personal Data (as defined in the CCPA) collected from our website or our services to third parties and have not done so in the previous twelve (12) months.

Under the California Civil Code, Sections 1798.83-1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Data which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties. If you are a California resident and would like a copy of this notice, please submit a written request to privacy@cofense.com.

Updates to the Privacy Policy

We may need to change this Privacy Policy from time to time. We reserve the right, at any time, to modify, alter, or update this policy, and any such modifications, alterations, or updates will be effective upon posting. If you use the Services after any changes to the Privacy Policy have been posted, this will constitute your acceptance of such changes.

Contact

If you have any questions or concerns regarding this Privacy Policy, or would like to reach our data protection officer, please contact us by email at privacy@cofense.com.