Privacy Policy

Last updated: October 21, 2021

1. Purpose of Policy

1.1.This privacy policy (the “Privacy Policy”) describes the manner in which Noname Gate, Inc. and its authorized affiliate Noname Gate Ltd. (collectively “Noname Security”, “we”, “us”, “our”) collect, use, maintain, and disclose information from users of our website available at: nonamesecurity.com (the “Website”), event participants, business contacts at prospective and existing customers (“Customers”), and from the use of our software service (our “SaaS Platform”) and Partner Relationship Management system (the “PRM”) by “End Users” (the personnel of our Customers who are authorized by the Customer to use the SaaS Platform and/or the PRM); or other situations in which Noname Security is a data controller. Noname Gate Inc. and Noname Gate Ltd. are also referred to as the “Noname Security Group.

1.2.The SaaS Platform is distinguished from the customer-managed “on premise” implementation of Noname Security’s proprietary software application (the “Software”) where the Software is at no time in the possession or control of Noname Security. In such cases, the Customer’s privacy policy applies. 

1.3. Please read this Privacy Policy carefully, so you can understand our practices and your rights in relation to Personal Information. “Personal Information” means information that can be used, alone or together with other data, to uniquely identify any living human being and any information deemed as personally identifiable information by applicable privacy laws. Please note that this is a global privacy policy and some of its provisions only apply to individuals in certain jurisdictions. Nothing in this Privacy Policy is intended to limit in any way your statutory right, including your rights to a remedy or means of enforcement. 

 

2. What Information We Collect, Why We Collect It and How It is Used 


Noname Security processes Personal Information for various purposes, as detailed below: 

2.1. Data collection through the Website:
  1. When you browse our Website and we collect information via cookies and analytics tools. For further information, please see Section‎7 below and our cookie policy;
  2. When you use our “Careers” webpage and when we process your job application;
  3. When you submit a contact us form or request a demo;
  4. When you submit a form to register for a webinar or events or to download an ebook or other gated content;
  5. When you subscribe to our distribution list(s) / newsletter(s) / blog(s).

2.2. Data collection through the PRM

  1. When you create an account and when you log in to our PRM.

2.3. Data collection for managing our business, operations and marketing 

  1. To manage agreements and relations with our business partners such as our service providers, Customers, resellers, distributors, agents and/or finders (e.g. contact details);
  2. To communicate with business contacts to provide support and maintenance to Customers;
  3. To register visitors to our offices and events;  
  4. To ensure the security of the Website, PRM and Platform including to maintain endpoint and network security and prevent fraud and/or misuse of our Website, Platform and PRM;
  5. To enforce our legal rights including to protect our intellectual property, to establish legal claim or defense, to manage legal proceedings and/or to comply with our legal obligations;
  6. To manage contests and promotions; 
  7. To send marketing and other communications.
2.4. In addition, we shall process your Personal Information in these cases:
  1. When you interact with us on our social media profiles (e.g., Facebook, Instagram, Twitter, LinkedIn);
  2. To achieve other legitimate interests or where you have provided your consent.

2.5. For more details on the processing of Personal Information under each use case, please see the table below:

Specific Personal Data we collect

Why is the Personal Data collected and for what purposes?

Legal basis (GDPR only, if applicable)

Third parties with whom we share your Personal Data 

Data collection through our Website

1. When you browse our Website and PRM and we collect information via cookies or analytics tools – for further information on the processing for this use case please section ‎7 below and/or our cookie policy.
2. When you use our “Careers” webpage and when we process your job application

Any information you decide to provide in your CV and job application including name, address, phone email, references, education and professional experience.

  • To contact you regarding the position you applied for.

Steps for entry into a contract with a data subject

3rd party platforms such as:

Comeet – information management and storage



3. When you contact us, including to request a product demo and when you register to our events 
  • Full name
  • Work email address
  • Job title
  • Company
  • Phone
  • State (US)
  • Country 
  • To respond to your inquiry 
  • To register you to a demo at your request
  • to register you to our events

Consent

3rd party platforms such as:

Hubspot for form processing and updating our CRM.

BrightTALK for webinar registration and content download form processing.

4. When you subscribe to our distribution list(s) / newsletter(s) / blog(s) 
  • Full name
  • Email address
  • To send you communications at your request

Consent

3rd party platforms such as:

No 3rd party platforms in use.

Data collection through the PRM:

5. When you create an account and when you log in to our PRM
  • Full name
  • Email address
  • Username
  • password
  • To enable you to use our PRM

Consent

3rd party platforms such as:

PRM



Data collection for managing our business, operations and marketing 

6. To manage agreements and relations with our business partners such as our service providers, Customers, resellers, distributors, agents and/or finders (e.g. contact details)
  • Full name
  • Work email address
  • Job title
  • Company
  • Phone
  • Country 
  • To communicate with you in order to facilitate the business relations with the organization you represent and are engaged with

Legitimate interest

3rd party platforms such as:

Salesforce

Hubspot

Document 360

PRM

7. To communicate with business contacts to provide support and maintenance services to Customers
  • Full name
  • Work email address
  • Job title
  • Company
  • Phone
  • Country 
  • To communicate with you in order to facilitate the business relations with the organization you represent and are engaged with

Legitimate interest

3rd party platforms such as:

Hubspot

Salesforce



8. Enforce our legal rights including to protect our intellectual property and/or to comply with our legal obligations
  • Any information that may be required depending on the legal proceeding
  • To enforce our rights and manage legal proceedings
  • To comply with legal obligations

Legitimate interest


Compliance with legal obligations

3rd party platforms such as for the following purposes:

Depending on the case. information to be provided to the data subject as applicable.

9. To send marketing and other communications
  • Full name
  • Email address
  • To respond to inquiries, requests, and to provide relevant updates and information

Legitimate interest

3rd party platforms such as for the following purposes:

HubSpot

Salesforce

 

2.6.Finally, please note that in certain cases, we will anonymize or de-identify your Personal Information and further use it (for internal and external purposes, including, without limitation, to improve the services and for research purposes). “Anonymous Information” means information which does not enable identification of an individual user, such as aggregated information about the use of our services. We may use Anonymous Information and/or disclose it to third parties without restrictions (for example, in order to improve our services and enhance your experience with them).

3. With Whom Does Noname Share Personal Information?

3.1. In addition to the recipients described in Section 2.3 above, we may share your Personal Information as follows:

  1. Under no circumstance does Noname Security sell, trade, or rent the personal information we collect from our Website to others; (provided however that where the use of certain cookies or analytics tools is considered a sale under the CCPA (defined in Section 8.2 below) we use such cookies or tools as required under the CCPA.
  2. Operations. We will share Personal Information with qualified security vendors, if necessary to identify and repair errors, to conduct audits, and for security purposes.
  3. Business Partners. We share Anonymous Information regarding visitors and users of our Website, PRM and SaaS Platform with our affiliates and business partners with whom we jointly offer products or services for the purposes outlined above.
  4. Customers. When we collect Personal Information through our SaaS Platform, it is made available to the SaaS Platform Customer who was the source of the information and we use it as described in the Privacy Policy, terms and conditions, contract or otherwise as directed by our Customers.
  5. Service Providers. We use third party service providers or partners to help us operate our business; provide, support, maintain, or secure our Website, PRM and SaaS Platform; or administer activities on our behalf, such as events or marketing campaigns. It is necessary to provide or allow access to Personal Information to these third-parties for those purposes.
  6. Legal and Professional Advisors. We provide information regarding our business to our auditors, legal counsel and other advisors. In some cases, the shared information will contain Personal Information, which shall be used by such parties only for the purpose of providing their professional services.
  7. Legal Disclosures. We may also disclose Personal Information as required by applicable laws, regulations and rules (including, without limitation, federal, state or local laws), with regulators, courts or competent authorities; to comply with a subpoena or similar legal process; or when we believe that disclosure is necessary or appropriate to protect our rights, protect safety or the safety of others, for investigating, detecting, taking steps to prevent, and prosecution of fraud or other illegal activity, or respond to a government request.
  8. Noname Security Group Companies. We may also share Personal Information with our affiliated companies about you, internationally. They may combine this Personal Information with other details they hold about you, for the purposes explained in this Privacy Policy. Noname Security uses several legal mechanisms, including EU Standard Contractual Clauses, to help ensure that your rights and protections are respected by all companies of the Noname Security Group.
  9. M&A, re-organization. If, in the future, we sell or transfer, or we consider or negotiate selling or transferring, some or all of our business, shares or assets to a third party, we will disclose your Personal Information to such third party (whether actual or potential) in connection with the foregoing events. In the event of bankruptcy, consolidation or restructuring, financing, or acquisition of all or a portion of our business by or to another company or a comparable event, we reserve the right to transfer, disclose or assign your Personal Information in connection with the foregoing events.
  10. IIf you want to receive the list of the current recipients of your Personal Information, please make your request by contacting us at privacy@nonamesecurity.com.

 

4. Software-as-a-Service (SaaS) Platform

 

4.1. To the extent Noname Security collects personal information through its SaaS Platform, we only collect, process and store information under the authority and direction of our Customers, which often are corporate entities. To the extent such data is accessed within the Noname SaaS Platform, access is limited to individuals determined by the Customer organization or by Noname for the purposes of service and support in fulfillment of contractual obligations.

4.2. If you are an End User, inquiries about the specific processing of a your Personal Information via Noname Security should be directed to the Customer you are engaged with. Regardless, the use of the information collected through our SaaS Platform is limited to the purpose of providing the security service for which our Customers have engaged Noname Security through a contractual agreement. We do not use any Personal Information collected through our SaaS Platform to contact or market products or services to End Users.

 

5. How We Protect Information

 

5.1. We adopt data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of Customer data and Personal Information. We follow generally accepted practices to protect Customer data and the Personal Information collected and submitted to us, both during transmission and once we receive it. However, please note that we cannot guarantee that such information will not be compromised as a result of unauthorized penetration to our servers. As the security of information depends in part on the security of the computer, device or network you use to communicate with us and the security you use to protect your user IDs and passwords, please make sure to take appropriate measures to protect this information.

5.2. Noname Security provides evidence of controls through a variety of means, as requested by the Noname Security Customer, such as results of independent audit of security controls or relevant certifications. For more information on Noname Security data security and protection controls and policies, please contact privacy@nonamesecurity.com.

 

6. International Data Transfers

 

6.1. Noname Security’s operations are global, and therefore, we may store information in the United States and other locations worldwide where Noname has facilities.

6.2. Storage: We store the Personal Information with the following companies: SalesForce - US and Hubspot – US, Comeet - US.

6.3. External transfers: Where we transfer your Personal Information outside of EU/EEA (for example to third parties who provide us with services), we will generally obtain contractual commitments from them to protect your Personal Information. When we engage in such transfers of Personal Information, it relies on i) Adequacy Decisions as adopted by European Commission on the basis of Article 45 of Regulation (EU) 2016/679 (GDPR) (for example, when we access from Israel), or ii) Standard Contractual Clauses issued by the European Commission and additional measures as required under the GDPR.

6.4. For inquiries related to Noname Security’s privacy considerations for EEA customers and persons, please contact privacy@nonamesecurity.com.

 

7. Retention of Personal Information


7.1. Personal Information gathered through corporate operations (e.g. websites, marketing, customer contact information) is retained only as long as needed to fulfill the purpose for which we collected it and for a reasonable period thereafter in order to: i) comply with audit, contractual, legal, tax or accounting  requirements, or ii) where we have a legitimate interest in doing so. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may retain Anonymous Information indefinitely or to the extent allowed by applicable law. We may retain Personal Information preserved in automatically generated computer backup or archival copies generated in the ordinary course of our information technology systems procedures.

7.2. We have an internal data retention policy to ensure that we do not retain your Personal Information perpetually. Regarding retention of cookies, you can read more in our cookie policy.

 

8. Data Protection Rights


8.1. European Economic Area, United Kingdom, and Switzerland

For residents of the European Economic Area, United Kingdom, or Switzerland, individual data protection rights are as follows:

  1. If you wish to access, correct, update or request deletion of your Personal Information, you can do so at any time by contacting Noname Security using the contact details provided below or by email at privacy@nonamesecurity.com;
  2. You can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information. You have the right to object to profiling. You can exercise these rights by contacting Noname Security using the contact details provided below or by email at privacy@nonamesecurity.com;
  3. You have the right to opt-out of marketing communications we send to you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing, such as telemarketing, then please contact Noname Security using the contact details provided below or by email at privacy@nonamesecurity.com;
  4. If Noname Security has collected and currently processes your Personal Information with your consent, then you can withdraw your consent at any time. Please note that there may be circumstances in which we are entitled to continue processing your data, in particular if the processing is required to meet our legal and regulatory obligations. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your Personal Information conducted in reliance on lawful processing grounds other than consent;
  5. You have the right to complain to a data protection authority about Noname Security’s collection and use of your Personal Information.
8.2. California Consumer Protection Act 2018
  1. The California Consumer Protection Act 2018 ("CCPA") provides consumers (California residents) with specific rights regarding the processing of their personal information. Section 2 of this Notice includes the categories of consumer Personal Information Noname Security has processed during the past 12 months. Subject to exceptions, you may request disclosure or request deletion of your Personal Information at any time by contacting Noname Security using the contact details provided below or by email at privacy@nonamesecurity.com;
  2. You have the right to know what Personal Information is being collected about you, This include the right to request that we disclose what Personal Information of yours  we collect, use, disclose, and sell;
  3. You have the right to request the erasure/deletion of your Personal Information (e.g. from our records and the records of our service providers). Please note that there may be circumstances in which we are required to retain your Personal Information, for example for the establishment, exercise or defense of legal claims;
  4. You have the right to know whether your Personal Information is sold or disclosed and to whom;
  5. You have the right to restriction of, or object to, processing of your Personal Information, including the right to opt in or opt out of sale of your Personal Information to third parties, if applicable, where such requests are permitted by law;
  6. You have the right not to receive discriminatory treatment for the exercise of the privacy rights conferred by the CCPA;
  7. You have a right to lodge a complaint with your local data protection supervisory authority (i.e., your place of habitual residence, place or work or place of alleged infringement) at any time or before the relevant institutions in your place of residence (e.g. the Attorney General in your State);
  8. Even if you opt out, we may still collect and use non-Personal Information regarding your activities on our services and for other legal purposes as described above. While we cannot guarantee privacy perfection, we will address any requests to the best of our ability as soon as possible. We will process such requests in accordance with applicable laws;
  9. If you are an individual protected by CCPA, you can make your requests by email or via our toll-free telephone number +1 (855) 277-9913.  You may use an authorized agent to submit a request on your behalf if you provide the authorized agent written permission signed by you. 

8.3. Noname Security responds to verifiable requests received from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws. When contacting us, please provide us with detailed information about the Personal Information you are requesting we correct, update, amend, or remove, and the timeframe and manner in which you believe we came to collect your Personal Information. To protect your privacy, we may take steps to verify your identity before fulfilling your request. Subject to legal and other permissible considerations, we will make every reasonable effort to honor your request promptly in accordance with applicable law or inform you if we require further information in order to fulfill your request. When processing your request, we may ask you for additional information to confirm or verify your identity and for security purposes, before processing and/or honoring your request. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. In the event that your request would adversely affect the rights and freedoms of others (for example, would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with your request in a different way than initial requested, we will address your request to the maximum extent possible, in full accordance with applicable law. 

8.4. If we obtained your Personal Information from a Customer or third party acting on your behalf, you should contact the company or person you provided your information to directly.

 

9. Cookies and Similar Technologies


Noname Security public Website, PRM and SaaS Platform may use cookies, local storage (HTML5), scripts and similar technologies to disclose general purpose of collection and use.

9.1. Log Files

We use log files. We use such information to analyze trends, administer the Website, track users’ movement around the Website, and gather demographic information.

9.2. Analytical Tools

  • Google Analytics. The Website uses a tool called “Google Analytics” to collect information about use of the Website. Google Analytics collects information such as how often users visit this Website, what pages they visit when they do so, and what other websites they used prior to coming to this Website. We use the information we get from Google Analytics to maintain and improve the Website and our products. We do not combine the information collected through the use of Google Analytics with Personal Information we collect. Google’s ability to use and share information collected by Google Analytics about your visits to this Website is restricted by the Google Analytics Terms of Service, available at https://marketingplatform.google.com/about/analytics/terms/us/, and the Google Privacy Policy, available at http://www.google.com/policies/privacy/. You may learn more about how Google collects and processes data specifically in connection with Google Analytics at http://www.google.com/policies/privacy/partners/. You may prevent your data from being used by Google Analytics by downloading and installing the Google Analytics Opt-out Browser Add-on, available at https://tools.google.com/dlpage/gaoptout/
  • Hotjar. The Website uses Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf. For further details, please see Hotjar’s privacy policy at https://www.hotjar.com/legal/policies/privacy. You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our Website and Hotjar’s use of tracking cookies on other websites on this link https://www.hotjar.com/legal/compliance/opt-out
  • Advertising Partners.  Through our services, we allow third party advertising partners to set technologies and other tracking tools to collect information regarding your activities and your device (e.g., your IP address, mobile/website identifiers, page(s) visited, location, time of day). We also combine and share such information and other information (such as demographic information and past purchase history) with third party advertising partners. These advertising partners will use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit third party websites within their networks. This practice is commonly referred to as “interest-based advertising” or “online behavioral advertising. We allow access to other data collected by the services to share information that may be useful, relevant, valuable or otherwise of interest to you. If you prefer not to share your Personal Information with third party advertising partners, you may let us know.
  • We reserve the right to remove or add new analytic tools.

 

10. Interaction with Third Party Products

10.1. We enable you to interact with third party websites, mobile software applications and products or services that are not owned or controlled by us (each a “Third Party Service”). We are not responsible for the privacy practices or the content of such Third Party Services. Please be aware that Third Party Services can collect Personal Information from you. Accordingly, we encourage you to read the terms and conditions and privacy policies of each Third Party Service.

 

11. Specific Provisions Applicable Under California Privacy Law

 

11.1. California Privacy Rights: California Civil Code Section 1798.83 permits our customers who are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to: privacy@nonamesecurity.com. Please note that we are only required to respond to one request per customer each year.

11.2. Using an authorized agent. You may submit an application through someone holding a formal Power of Attorney. Otherwise, you may submit a request using an authorized agent only if (1) you provide the authorized agent with written permission to make a request and (2) you verify your own identity directly with us. We will require the agent to submit proof to us that they have been authorized to make requests on your behalf.

11.3. Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers.  We do not respond to or honor DNT signals transmitted by web browsers, but we may allow third parties, such as analytics tools providers, to collect personally identifiable information about an individual consumer’s online activities over time and across different web sites when a consumer uses the Services.

11.4. Deletion Of Content From California Residents: If you are a California resident under the age of 18 and a registered user, California Business and Professions Code Section 22581 permits you to remove content or Personal Information you have publicly posted. To remove, please send an email to: privacy@nonamesecurity.com. Please be aware that after removal you will not be able to restore removed content. In addition, such removal does not ensure complete or comprehensive removal of the content or Personal Information you have posted and that there may be circumstances in which the law does not require us to enable removal of content.

 

12. Use by Children

12.1. We do not offer our products or services for use by children and, therefore, we do not knowingly collect Personal Information from, and/or about children under the age of eighteen (18). If you are under the age of eighteen (18), do not provide any Personal Data to us without involvement of a parent or a guardian. For the purposes of the GDPR, we do not intend to offer information society services directly to children. In the event that we become aware that you provide Personal Information in violation of applicable privacy laws, we reserve the right to delete it. If you believe that we might have any such information, please contact us at privacy@nonamesecurity.com.

 

13. Changes to this Privacy Notice

13.1. Noname Security may update this Privacy Policy at any time to reflect changes to our information practices. If we make significant changes in how we use your personal information, we will notify you by email if reasonable possible and legally required; or by means of a notice on the Website.

 

 

14. Contacting Us


14.1. If you have any questions about this Privacy Policy or our privacy practices, please contact us at:

Chief Information Security Officer

Noname Security

181 Metro Dr Suite 290, San Jose, CA 95110

privacy@nonamesecurity.com