This Policy does not apply to information collected by any third party, including through any application or content that links to or is accessible from the Fidelis Services. If you do not agree to the terms of this Policy, please do not use, access, download, install, or utilize (collectively, “use”) any Fidelis Services or otherwise provide us with any personal data.
Below we have outlined the categories of personal data that Fidelis will collect, and the applicable processing purposes associated with the Fidelis Services. Fidelis does not process personal data revealing religious beliefs, racial or ethnic origin, political opinions, philosophical beliefs, trade union membership, or sex life. Fidelis will only process personal data that is necessary for carrying out the purpose for it was collected. The legal basis for the processing purposes listed below is either (i) in connection with a contract, (ii) legitimate business interests (if such interest is not overridden by an individual’s fundamental rights and freedoms or interests), (iii) other applicable legal provisions, or (iv) an individual’s explicit consent. The legitimate business interests are mainly order fulfillment, responding to customer inquiries, communicating with customers and Site users who have requested communication from Fidelis, and promoting Fidelis’ business.
As an integral part of its functionality, the Software will automatically collect, transmit, process, and store certain data and files (“Environment Data”). Such Environment Data is transmitted to our servers so that we can identify potential or actual malicious code, malware, or other intrusive artifacts or processes (collectively “Potentially Malicious Activity”); ensure that the environment being monitored is securely configured; track Software usage and performance; improve the detection, analysis, and response capabilities of the Software; and research emerging threats.
Fidelis supports multiple deployment configurations of the Software to meet our customer’s varying functional, security, privacy, and compliance requirements:
The specific Environment Data collected by the Software differs for each Product and Service and depending on the Software deployed, may include network traffic samples; executable code; potentially malicious data files; the path and file name of potentially malicious code and files; file and system integrity information; system vulnerabilities; memory contents; user names and user account information; IP and MAC Addresses; network information; hardware type; model number; hard disk size; CPU type; disk type; RAM size; systems architecture; operating system versions; BIOS model and version; device ID and location; information about third-party products; and other configurations, settings, and artifacts that exist on, or are being introduced into the computer system, network, or cloud environment being monitored by the Software.
We will automatically collect certain aggregate information and analytical data related to the use of the Fidelis Websites and Services (including visiting the Site – see “Tracking Technologies” below), including the date and time of the visit; the Internet Protocol (“IP”) address of the computer; information about the browser and operating system used; the state or country from which the Site was accessed; the Internet address visited before reaching the Site; error logs; the name of the domain and host used to access the Internet; the features of the Site that were accessed; and other hardware and software information. We will associate the data we automatically collect about you with personal data that you share with us. We use data automatically collected about you as described in this Policy and to manage traffic loads and information technology requirements for providing reliable service, as well as to enhance the Site by tailoring our content to your interests and needs.
If you opt-in (online or in person) to our mailing list or to receive additional information, attend a webinar, or sign up to attend a live event, you will receive emails that include company news, updates, related product or service information, marketing materials, and other information related to Fidelis Services including any information that you have requested. In order to receive these communications, you must provide your name, company name, email address, and phone number. We will associate any personal data you submit to us with information collected about you through other means such as cookies, web beacons, or social media plugins. This will help us better tailor content delivered to you through a variety of ways, including online advertisements. Some of our third-party business partners provide Fidelis with services that require us to provide them with your personal data. These third-party business partners are not permitted to use the information collected on our behalf except to help us conduct business, improve, or provide the Fidelis Services. We include unsubscribe instructions at the bottom of each email if at any time you would like to unsubscribe from receiving future emails.
Information you provide when you create an account on our Site, register your Software, or in relation to the receipt of any other Service includes your name, company name, personal and/or business email address, phone number, and any other personal data you provide (“Account Information”). Your Account Information is stored securely with controlled access and used to inform you of updates, respond to inquiries for service requests, authenticate your use of the Software, manage the Site and the Software, assess the usage of the Services, and (where you have signed up to receive communication from us) send you email and marketing communications.
We will also collect and processes your personal and financial information (bank account information and business contact information) so that we can process your purchase of our Software and Services.
In connection with providing Fidelis Services to its clients, Fidelis collects personal data from employees and customers of our clients, users of our clients’ networks and systems, and individuals that connect to our clients’ networks and systems. The use of information collected as a result of providing Fidelis Services to our clients will be limited to the purposes for providing the Software or Services to the client. We will transfer personal data to other companies that help us provide our Software and Services to our clients. Transfers to subsequent third parties are covered by the service agreements with our clients.
Except as provided in this Policy, we do not sell, trade, lease, rent, or otherwise transfer your personal data to third parties. We reserve the right to share your information with third-party business partners and service providers who assist us in operating our Site, conducting our business, and providing you with the Fidelis Services. Fidelis requires these third parties to take commercially reasonable steps to safeguard your personal data and not use your personal data for other purposes unless you consent.
We will also disclose your personal data as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that such disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, respond to a government request, or to conduct investigations of violations of our End User License Agreement. For example, if we conduct a fraud investigation and conclude that one side has engaged in deceptive practices, we may provide that person or entity’s contact information to victims who request it.
We may also provide access to, assign, or disclose information maintained by us, including your Account Information, in connection with a corporate transaction, such as a merger, acquisition, or purchase of all or substantially all of our assets.
We remind you that you may at any time exercise the following rights:
Any requests related to the above rights may be made by contacting us at firstname.lastname@example.org.
Fidelis acknowledges that you have the above rights regarding your personal data. However, Fidelis has no direct relationship with the individuals whose personal data it will process on behalf of Fidelis’ clients. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to Fidelis’ client (the data controller).
We have implemented measures designed to secure your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure (such as identity an access management, password rotation, access control monitoring, and leading firewall technologies). Personal data provided to us in accordance with this policy will be encrypted in transit.
The information we collect will be stored in the United States because our operations are primarily in the United States. As such, your information will be transferred to, used, processed, or maintained on computers located outside of your province, country, or other governmental jurisdiction, and privacy laws may not be as protective as those in your jurisdiction. In situations where you are located outside the United States and choose to provide information to us, we will transfer your information to the United States and process it there.
Where transfers of personal data are made outside of the European Economic Area (“EEA”) to countries that have different standards of data protection, we will ensure that appropriate safeguards to adequately protect the personal data are implemented to ensure such data transfers in compliance with applicable data protection laws. We have implemented international data transfer agreements based on EU Standard Contractual Clauses in order to provide appropriate and suitable safeguards for personal data being transferred to countries outside the EEA where an adequate level of protection is not already guaranteed. A copy can be obtained by contacting us (contact information provided below).
We do not knowingly collect any information from anyone under 16 years of age, and the Fidelis Services are not intended nor are they directed to children under the age of 16. If you become aware that your child has provided us with personal data without your consent, please contact us at email@example.com. A parent or guardian of a child under the age of 16 may review and request deletion of such child’s personal data as well as prohibit the use thereof. If we become aware that a child under 16 has provided us with personal data, we will take steps to remove such information from our active systems and will terminate the child’s account.
Unless otherwise required by law, Fidelis will erase personal data when it is no longer necessary in relation to the purposes for which was collected or otherwise processed; when you withdraw your consent (where lawfulness of processing was based on your consent) and there is no other legal ground for the processing; when you object to the processing and there are no overriding legitimate grounds for the processing; when your personal data has been unlawfully processed; and when it is necessary to comply with legal obligations.
Please also visit our Terms of Service section establishing the use, disclaimers, and limitations of liability governing the use of the Site at Terms of Service.
This Policy applies only to information collected through our Site or by the use of our Software or the utilization of our Services and not to information collected offline. Your download and use of our Software is subject to additional terms and conditions that define your rights, as well as our rights, with respect to the Software and its use. Those additional terms and conditions are contained in the Evaluation Agreement or End User License Agreement that you are required to accept prior to downloading the Software.
Each time you use the Fidelis Services, the current version of this Policy will apply. We reserve the right to change this Policy at any time to reflect changes in the law, the Fidelis Services we provide, our business and technology, and our data collection and use practices. Accordingly, each time you use the Fidelis Services, you should check the date of this Policy (which appears at the top of the Policy) and review any changes since the last version. If we make any material changes, we will notify you by the email address specified in your Account Information or by means of a notice on the Site prior to the change becoming effective.
Your continued use of the Fidelis Services following the posting of changes to this Policy will mean you accept those changes.
If there are any questions regarding this Policy or our privacy practices, you may contact us using the information below:
Fidelis Security, LLC
Vice President & General Counsel
871 Marlborough Ave Suite 100
Riverside, CA, 92507
If you are a resident in the European Economic Area, Fidelis Security, LLC is the data controller of your personal data, except where we are only acting as a processor on behalf of another controller.