Coalfire Systems, Inc., (“Coalfire”) takes your privacy seriously. We want you to know how we collect, use, share, and protect your personal data.
Personal data means information that relates to you as an individually identifiable person, such as your name, e-mail address, and mobile number.
1. WHAT PERSONAL DATA WE COLLECT
a) Information You Give Us
We collect personal data that you voluntarily share with us through the Site. For example, we may ask you to register and provide information when you download free information, such as white papers and email newsletters, or if you respond to a marketing campaign.
b) Information We Collect Through Technology On The Site
We collect information through technology to enhance our ability to serve you. When you access and use the Site, Coalfire and, in some cases, our third-party service providers collect information about how you interact with the Site. We describe below methods we use to collect information through technology.
When you visit the Site, we collect your device identifier, browser information, and Internet Protocol (IP) address. An IP address is often associated with the portal you used to enter the Internet, like your Internet service provider (ISP), company, association, or university. While an IP address may reveal your ISP or geographic area, we cannot determine your identity solely based upon your IP address. We do not link your personal data to device identifier information, browser information, and IP addresses. Where, according to local law, IP addresses and the like are considered personal data, then we treat them as such.
We, or our service provider, may send a cookie which may be stored by your browser on your computer’s hard drive. We, or our service provider, may use the information we obtain from the cookie in the administration of this website, to improve the website’s usability and for marketing purposes. We may also use that information to recognize your computer when you visit our website, and to personalize our website for you.
We may use anonymous cookies to record non-personal information such as website activity, date and time of visit, and domain type. We may use this information for retargeting purposes.
Most browsers allow you to refuse to accept cookies. (For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector.) This will, however, have a negative impact upon the usability of many websites, including this one.
We include small graphic images or other web programming code, called web beacons (also known as "pixel tags", “web bugs” or "clear GIFs"), on the Site. The web beacons are minute graphics with a unique identifier. They are used to track the online movements of Web users. In contrast to cookies, which are stored in a user's computer hard drive, web beacons are embedded invisibly on Web pages and are about the size of the period at the end of this sentence.
Your ‘Do Not Track’ Browser Setting
We support the Do Not Track (DNT) browser setting. DNT is a preference you can set in your browser’s settings to let the websites you visit know that you do not want the websites collecting your personal data.
We may track your online activities over time and across third-party websites or online services. For example, we might use web beacons to help us determine what links or advertisers brought you to our Site. We then track your activities on our Site.
c) Information Third Parties Provide About You
We supplement the information we collect about you through the Site with records received from third parties in order to enhance our ability to serve you, to tailor our content to you, and to offer you information that we believe may be of interest to you.
Back to top
2. PURPOSES FOR WHICH WE USE THE PERSONAL DATA WE COLLECT
We use the information we collect to serve you and improve your experience on the Site. These purposes include:
- Responding to requests for information
- Responding to requests for service quotes
- Providing users free white papers
- Registering users for Coalfire promotional materials and events
- Contacting users for marketing, advertising, and sales purposes
- Responding to questions and feedback
- Conducting market research and analysis
- Continuously evaluating and improving the online user experience
- Compliance with the law or to protect the rights, property, or safety of Coalfire, our users, or others
We retain your personal data for the duration of the customer relationship, if any. We also retain your personal data for 12 months after our last interaction with you.
Back to top
3. HOW WE SHARE THE PERSONAL DATA WE COLLECT
We do not sell or rent your personal data to third parties. The following are some of the ways we share your personal data:
- Required Disclosures: We may be required to share personal data in a court proceeding, in response to a court order, subpoena, civil discovery request, other legal process, or as otherwise required by law.
- Legal Compliance and Protections: We may disclose account and other personal data when we believe disclosure is necessary to comply with the law or to protect the rights, property, or safety of Coalfire, our users, or others. This includes exchanging personal data with other companies and organizations for fraud protection and credit risk reduction.
- Corporate Transactions: We reserve the right to disclose and transfer your data, including your personal data:
- To a subsequent owner, co-owner, or operator of the Site or successor database.
- In connection with a corporate merger, consolidation, bankruptcy, the sale of substantially all of our membership interests and/or assets or other corporate change, including to any prospective purchasers.
Back to top
4. HOW WE PROTECT THE PERSONAL DATA WE COLLECT
The security and confidentiality of your personal data is important to us. We have technical, administrative, and physical security measures in place to protect your personal data from unauthorized access or disclosure and improper use.
For example, we use Transport Security Layer (TSL) encryption to protect the data collection forms on our Site. In addition, access to customer information is restricted to authorized personnel only. Only employees who need the personal data to perform a specific job (for example, a customer service representative) are granted access to personal data. Employees with access to personal data are kept up-to-date on our security and privacy practices. Credit card numbers are used for payment processing and automatic renewals where applicable, and are not retained for other purposes.
It is important for you to protect against unauthorized access to your password and to your computer. Be sure to close your browser after you have completed your visit to the Site.
Please note that despite our reasonable efforts, no security measure is ever perfect or impenetrable, so we cannot guarantee the security of your personal data.
Back to top
5. YOUR CHOICES REGARDING YOUR PERSONAL DATA
You may contact privacy@Coalfire.com to access, update, correct, and delete your personal data.
- To prevent your data from being used by Google Analytics, you can install Google’s opt-out browser add-on.
- To opt out of interest-based advertising, you can visit http://optout.networkadvertising.org/#!/ and follow NAI’s on-screen instructions. Note that if you opt out through the NAI, you will still receive advertising, but the advertising will not be tailored to your interests. In addition, if you opt out through NAI and later delete your cookies, use a different browser, or buy a new device, you will need to opt out of interest-based advertising again.
- To opt out of ads on Facebook or Google that are targeted to your interests, use your Facebook, LinkedIn, or Google Ads settings.
- Check your mobile device for settings that control ads based on your interactions with the applications on your device. For example, on your iOS device, enable the “Limit Ad Tracking” setting, and on your Android device, enable the “Opt out of Ads Personalization” setting.
CALIFORNIA ONLINE PRIVACY PROTECTION ACT COMPLIANCE/YOUR CALIFORNIA PRIVACY RIGHTS
California residents who use the Site may request that we provide certain information regarding our disclosure of your personal data to third parties for their direct marketing purposes. You can make such a request by e-mail to privacy@Coalfire.com.
Back to top
6. INFORMATION SPECIFIC TO NON-U.S. USERS
a) All locations outside of the United States
The personal data collected through the Site is downloaded to a server maintained by Coalfire. Coalfire is located at AWS-East-01 in the United States. Coalfire will comply with requests to exercise individual data rights in accordance with applicable law. You can contact privacy@Coalfire.com to request to exercise your data rights.
b) European Economic Area and Switzerland
The information in this section, as well as the information in the section above titled “All locations outside of the United States”, applies to users in the European Economic Area and Switzerland (collectively, the “EEA”).
Individuals in the EEA (“EEA Individuals”) are not required by statute or by contract to provide any personal data to the Site. Coalfire sometimes uses EEA Individuals’ personal data submitted through the Site for automated decision-making. For example, Coalfire may display advertisements and send emails to you containing content automatically chosen based on the products you have ordered from us in the past. However, Coalfire will not use EEA Individuals’ personal data submitted through the Site for automated decision-making, including profiling, which produces legal effects or similarly significantly affects the EEA Individual.
Cross-Border Data Transfers:
The personal data collected through the Site will be transferred to the United States. The recipients of personal data collected through the Site (listed in Section 3 above) are located in the United States or in the country where the data was collected. The European Commission has not issued a determination that the United States ensures an adequate level of protection for personal data.
Legal Bases For Processing:
Coalfire processes your personal data with your consent and as required by law. In addition, Coalfire processes your personal data as necessary for the performance of the sales contract, for example, when processing your requests, and to take steps, at your request, before entering into a contract with you. For example, if you ask us for quotes for products and services you are interested in buying, we may send them to you. Coalfire also processes personal data as necessary for its legitimate interests as follows:
- Marketing and advertising: Unless you opt out as described below, we use your personal data regarding products and services you have ordered, or in which you have otherwise demonstrated an interest, as necessary to provide you information about the products and services that we think might interest you in accordance with applicable law.
- Network and information security, fraud prevention, and reporting suspected criminal acts: In the event of fraud, a security incident, or a suspected criminal act, we would examine personal data that appeared to be linked to the incident as necessary to determine what happened, remediate, report to the authorities, and prevent a recurrence.
Right to Object to Processing for Direct Marketing or Legitimate Interests:
EEA Individuals have the right to object to the processing of their personal data for purposes of Coalfire’s direct marketing or legitimate interests by contacting Coalfire at privacy@Coalfire.com.
EEA Individuals have the right to access their personal data collected by the Site and to request that Coalfire update, correct, or delete their personal data as provided by applicable law. EEA Individuals also have the right to object to, or restrict, Coalfire’s processing of their personal data.
In addition, EEA Individuals have the right to data portability concerning their personal data. Subject to certain limitations, the right to data portability allows EEA Individuals to obtain from Coalfire, or to ask Coalfire to send to a third party, a digital copy of the personal data that they provided to the Site. EEA Individuals’ right to access their personal data includes their right to receive a copy of all, or a portion, of their personal data in Coalfire’s possession as long as Coalfire’s providing the personal data would not adversely affect the rights and freedoms of others.
EEA Individuals can exercise these rights by contacting privacy@Coalfire.com. Coalfire will respond to such requests in accordance with applicable data protection law. If EEA Individuals believe that their personal data has been processed in violation of applicable data protection law, they have the right to lodge a complaint with the relevant data protection authority in the country where they reside, where they work, or where the alleged violation occurred.
EEA Individuals may use the contact information above, at any time, to withdraw their consent for the processing of their personal data where Coalfire requires their consent as a legal basis for processing their personal data. Any withdrawal will apply only prospectively, and Coalfire will continue to retain the personal data that EEA Individuals provided before they withdrew their consent for as long as allowed or required by applicable law.
In addition, you may cancel or modify the email communications you have chosen to receive from Coalfire by following the instructions contained in emails from us. Alternatively, you may visit http://www2.coalfire.com/unsubscribe/u/21732 with your request and enter what email addresses you wish not to receive Coalfire emails. Your email address will instantly be unsubscribed.
Data Protection Officer and EU Representative:
Coalfire’s representative in the European Union is Andrew Barratt. You can reach our representative at Suite 9A 53 Portland Street
Manchester, UK, -- M1 3LD
Back to top
Back to top
This web site contains proprietary notices and copyright information, the terms of which must be observed and followed. This site and all content in this site may not be copied, reproduced, republished, uploaded, posted, transmitted, distributed, or used for the creation of derivative works without Coalfire's prior written consent, except that Coalfire grants you non-exclusive, non-transferable, limited permission to access and display the Web pages within this site, solely on your computer and for your personal, non-commercial use of this Web site. This permission is conditioned on your not modifying the content displayed on this site, your keeping intact all copyright, trademark, and other proprietary notices, and your acceptance of any terms, conditions, and notices accompanying the content or otherwise set forth in this site. Notwithstanding the foregoing, any software and other materials that are made available for downloading, access, or other use from this site with their own license terms, conditions, and notices will be governed by such terms, conditions, and notices.
Your failure to comply with the terms, conditions, and notices on this site will result in automatic termination of any rights granted to you, without prior notice, and you must immediately destroy all copies of downloaded materials in your possession or control. Except for the limited permission in the preceding paragraph, Coalfire does not grant you any express or implied rights or licenses under any patents, trademarks, copyrights, or other proprietary or intellectual property rights. You may not mirror any of the content from this site on another Web site or in any other media.
Information on this web site is not promised or guaranteed to be correct, current, or complete, and this site may contain technical inaccuracies or typographical errors. Coalfire assumes no responsibility (and expressly disclaims responsibility) for updating this site to keep information current or to ensure the accuracy or completeness of any posted information. Accordingly, you should confirm the accuracy and completeness of all posted information before making any decision related to any services, products, or other matters described in this site.
Coalfire provides no assurances that any reported problems will be resolved by Coalfire, even if Coalfire elects to provide information with the goal of addressing a problem.
Use of Trademarks and Logos
All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
Use of certain reference documents, collateral and use cases
Coalfire is solely responsible for the contents of Coalfire authored documents as of the date of publication. The contents of these documents are subject to change at any time based on revisions to the applicable regulations and standards (HIPAA, PCI DSS et.al). Consequently, any forward-looking statements are not predictions and are subject to change without notice. While Coalfire has endeavored to ensure that the information contained in these documents have been obtained from reliable sources, there may be regulatory, compliance, or other reasons that prevent us from doing so. Consequently, Coalfire is not responsible for any errors or omissions, or for the results obtained from the use of this information. Coalfire reserves the right to revise any or all of this document to reflect an accurate representation of the content relative to the current technology landscape. In order to maintain contextual accuracy of these documents, all references to these documents must explicitly reference the entirety of these documents inclusive of the title and publication date; Neither party will publish references to these documents without prior written approval. If you have questions with regard to any legal or compliance matters referenced herein you should consult legal counsel, your security advisor and/or your relevant standard authority.
Back to top