Privacy Policy
Last revised 8/22/2023
Your privacy is important to us, and we want to ensure you understand how we handle your information. This Privacy Policy (“Policy”) outlines how Claroty Ltd. and its subsidiaries (“Claroty,” “we,” or “us”) collect, use, and protect information from users of our websites (like claroty.com, portal.claroty.com, and nexusconnect.io) (collectively, “Websites”), event attendees, and potential customers. This policy is not intended to cover information we gather from use of our products and services (our “Offerings”). Details related to our product and service privacy efforts can be found in your customer agreement, our Data Processing Addendum and the Claroty Trust Center. Throughout this Policy, we might use terms like “user,” “customer,” “you,” and “your” interchangeably.
This Policy does not apply to personal information Claroty processes as a processor or to our employee data. Your use of our website is also governed by our website’s Terms and Conditions.
1. How We Collect and Use Data
1.1 What Information Do We Collect?
We may collect personal information such as business contact information, technical unique identifiers, authentication credentials, and other personal information you share with us. This information may include your Internet Protocol (IP) address, browser information, device ID, and how you connect to our Websites or Web Portals (defined below). If you need to log in to access parts of our site, we collect usernames, passwords, and other login credentials to verify your authorization to access the feature or Offering.
Claroty’s Websites and Offerings are not directed at children, and we do not knowingly collect or sell personal information from individuals under the age of 16.
1.2 How Do We Collect and Use Your Information?
Our Websites provide Internet-based access for users to learn about Claroty and our Offerings and to communicate with us and with others. The web portals that may exist within our Websites(“Web Portals”) provide you with access to our Offerings. When you use our Websites and Web Portals, we gather information, some of which may be considered personal information, in your jurisdiction for the purposes described below:
Information You Provide
Business Contact Information - If you register to attend one of our in-person or virtual events, download one of our Resources, sign up for a Free Trial of an Offering, or visit one of our offices, we will receive personal information about you, which may include your name, phone number, business email address, company name, and country. We use this information consistent with the purpose for which you provided it, such as to contact you about our Offerings or to provide you with company news, updates, and other Claroty-related information. We may also associate personal information that you submit to us, including email addresses, with information collected about you through other means such as cookies, web beacons, or social media plugins. This will help us better tailor content delivered to you in a variety of manners. If at any time you would like to unsubscribe from receiving future emails, you can follow the unsubscribe instructions at the bottom of each email or you may request that we cease use of such information by emailing privacy@claroty.com.
Audio, Electronic, or Visual Information - If you attend one of our in-person or virtual events or agree to be recorded in a telephone or virtual meeting, we may record some or all of that event or meeting with your prior consent. We may document the event in various ways, like taking photos at the event, interviewing you at the event, or recording your participation in interactive sessions. We use this information for business and marketing purposes, to enhance our offerings, to gauge your satisfaction with, or interest in, our offerings, and to enhance your user experience.
Links to Other Websites - Our Websites include links to other websites whose privacy practices may differ from ours. If you submit personal information to any of third party sites or services, your information is governed by the privacy policies and practices of such third parties.
Information Received From Third Party Sources
We may receive personal information about you, such as your name, email address, or other information like a profile picture, from third party sources where those parties have indicated they have your consent or are otherwise legally permitted or required to disclose your personal information to us. For example, we may be provided with information about individuals interested in using our Offerings, joining our company, or when using third-party authentication options to sign up for or log in to our Offerings
How We Use Your Information
We may use the information, including personal information, that you provide to us or that is provided to us by third-party sources for a variety of purposes, including but not limited to:
Business and Operations - We may use personal information you provide to us or that is provided to us by third party sources as required in order to run our business, including running and maintaining our Websites and Webpages and infrastructure; improving customer and user experience; providing support; improving current and developing new features, products, and services; processing payments and agreements; managing contests and promotions; analyzing trends; furthering other legitimate interests where you have provided consent; and other business and operational-related purposes, including running and maintaining our Partner Portal Program.
Marketing and Commercial Activity - We may use the personal information that you provide to us or that is provided to us by third party sources to send you marketing and other communications; to conduct joint marketing efforts with our partners; to conduct digital and direct marketing; to connect you with our partners and resellers; and other marketing and commercial related-purposes.
Security - We may use the personal information that you provide to us or that is provided to us by third party sources to help ensure the security and integrity of our Websites and Web Portals, our physical office locations, and our Offerings; to help prevent fraud; to maintain endpoint and network security; and other security-related purposes.
Legal and Compliance - We may use the personal information that you provide to us or that is provided to us by third party sources to comply with our legal obligations; protect our intellectual property; enforce our legal rights; and other legal and compliance-related purposes.
1.3 How We Share Your Personal Information
We may disclose personal information, including business contact information or aggregated demographic information about visitors and users of our Websites with our subsidiaries, partners, sponsors, and service providers as described in more detail below, consistent with the purposes previously outlined above. In some circumstances, disclosure of such information could be considered to be “sharing” or a “sale” under the California Consumer Privacy ACt CCPA. When we collect personal information through our Offerings, it is made available to the customer who was the source of the information and we use it as described in this Policy, our agreement with a customer or partner of Claroty, or otherwise as directed by our customers.
Internet Activity Service Providers - We may disclose internet or other electronic network activity information, such as browsing history, search history, and information regarding a consumer’s interaction with a website, or advertisement if you enable or do not disable advertising and social media cookies.
Social Media Features - Our Websites include hyperlinks to third-party social media webpages. These webpages may collect your IP address, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our Websites. Your interactions with these features are governed by the privacy policy of the company providing them.
Event Sponsors - If you choose to register for or attend one of our virtual or in-person events or webinars, enter a contest or raffle with us and a sponsor, or use one of our Resources from our website, we may disclose your contact information, content interest information, activity data, and any other information, including personal information, collected in the course of these activities for commercial purposes to those sponsors. In many cases, you intentionally disclose your details by providing your information to these sponsors through consent via a registration form or at the applicable sponsor’s booth.
Partners and Resellers - We may disclose your personal information, such as contact information, business details, and content interest and activity details, to our partners and resellers for business purposes, such as to provide product support, carry out business communications, or conduct joint marketing efforts. In many cases, you intentionally disclose your details by providing your information to these sponsors through consent via a registration form.
With our Subsidiaries, Related to Corporate Transactions, the Provision of Professional Services, and Legal Disclosures - For all categories of data we collect, we disclose personal information to our affiliates and subsidiaries for business purposes, including any service providers and agents that work on our behalf. We may also disclose your personal information to our professional service providers (for example, our auditors, insurance providers, financial service providers, and legal advisors) as needed for us to run our business; provide our Offerings and Websites; support, maintain, or secure our Offerings and Websites; or administer activities on our behalf, such as events or marketing campaigns. We may also disclose your personal information as required by law, such as to comply with a subpoena or similar legal process, or when we determine disclosure is necessary or appropriate to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request
2. Legal Basis for Processing Personal Information (EEA Visitors Only)
If you are a visitor from the European Economic Area or the United Kingdom, Claroty’s legal basis for collecting and using the personal information collected will depend on the type of personal information and the specific context in which we collect it.
We collect personal information (i) as needed to perform a contract, (ii) to process personal information that is in our legitimate interests and not overridden by your rights, (iii) when you provide your consent, (iv) to comply with a legal obligation, (v) to perform a task for the public interest, or (vi) for the protection of your or another’s vital interests.
If we collect and use your personal information in reliance on our legitimate interests or those of any third party, we will explain those interests to you at the relevant time through this Policy or upon your request. Typically, legitimate interests involve our every day operations, such as the ability to operate our Offerings, communicate with you to provide our Offerings, respond to your inquiries, or conduct marketing efforts. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our customers.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact information at the end of this Policy.
3. Cookies and Similar Technologies
When you access or use our Websites, we or our third party service providers may use industry-wide technologies such as “cookies” or other similar technologies which store certain information on your computer or device (“Cookies”), which will allow us to enable automatic activation of certain features and make your experience much more convenient and effortless. We or our authorized third party service providers may use both session cookies (which expire once you close the Site) and persistent cookies (which stay on your system until you delete them). It is easy to disable or delete Cookies. Most browsers will allow you to erase cookies from your computer’s hard drive, block acceptance of cookies, or receive a warning before a cookie is stored. However, if you disable or erase cookies, your online experience may be limited. Cookies usually store only non-personal Information, such as the web pages you have visited, the duration of your browsing, etc. Claroty does not control such third party service providers.
4. Our Offerings
If you are a user of one of our Offerings, we obtain the personal information you provide us during the sales and/or fulfillment process or when you enter and use our Partner Program Portal. We may use the personal information you provide to contact you and to provide and inform you of Offerings, send you an invoice, ask you to fill out a survey so we can determine how our Offerings are used and enhance your customer and user experience, perform accounting, auditing and collection activities, answer questions, and provide support or other similar services.
5. How We Protect Your Information
We adopt technological and organizational safeguards to protect against unauthorized access, alteration, disclosure or destruction of customer data and your personal information. Details about such safeguards can be found at the Claroty Trust Center. We follow generally accepted practices to protect customer data and the personal information collected and submitted to us, both during transmission and once we receive it. If you have questions about the security of your personal information collected through our Offerings or Websites, you can contact us at privacy@claroty.com.
6. International Data Transfers
Claroty’s mission is global, and therefore, we may store information in the United States and other locations worldwide where we or our service providers have facilities. Where applicable, Claroty relies upon an adequate mechanism, such as standard contractual clauses, for the international transfer of personal information. Specific to our Offerings, Claroty provides a Data Processing Addendum to customers that incorporates the EU Standard Contractual Clauses.
7. Retaining Personal Information
We will retain your personal information for as long as needed to fulfill the purpose for which we collected it and for a reasonable period thereafter in order to comply with audit, contractual, or legal requirements, or where we have a legitimate interest in doing so. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. We may retain aggregated or de-identified data indefinitely, or to the extent allowed by applicable law, as such information would not be considered personal information. We may retain personal information preserved in automatically generated computer backup or archival copies generated in the ordinary course of our information technology systems procedures.
8. Residents of the European Economic Area, United Kingdom, and Switzerland
If you reside in the European Economic Area, United Kingdom, or Switzerland and where we are a data controller, your data protection rights are as follows:
If you would like to access, correct, update or request deletion of your personal information at any time, you can contact us using the contact details provided below or by email at privacy@claroty.com. You can object to processing of your personal information, ask us to restrict processing of your personal data, or request portability of your personal information. You can exercise these rights by contacting Claroty using the contact details provided below or by email at privacy@claroty.com. You have the right to opt-out of marketing communications we send to you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing emails we send you. To opt-out of other forms of marketing, such as telemarketing, then please contact us using the contact details provided below or by email at privacy@claroty.com. If we have collected and are currently processing your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent. You have the right to complain to a data protection authority about our collection and use of your personal information.
We respond to verifiable requests received from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws. When contacting us, please provide us with detailed information about the personal information you are requesting we correct, update, amend, or remove, and the timeframe and manner in which you believe we came to collect your personal information. If we obtained your personal information from a customer or third party acting on your behalf, you should contact the company or person you provided your information to. If you would no longer like to be contacted by one of our customers or would like to have your personal information corrected, updated, amended, or removed, please contact the customer (“data controller”) that you interact with directly.
9. Residents of the United States
9.1 California and Virginia Residents
Under the California Privacy Rights Act (‘CPRA’) and Virginia Commonwealth Data Protection Act (‘CDPA’), residents of California and Virginia have certain rights regarding the personal information that businesses collect and process about them. This includes the rights to request access or deletion of your personal information, as well as the right to direct a business to stop selling or sharing your personal information.
We are required to detail the categories of personal information we collect and/or share. The details of categories of personal information we collect and/or share are included in this policy.
We collect, and in the past 12 months have collected, the following categories of personal information for our business purposes:
Personal Identifiers.
Information collected by cookies and other technologies, including IP address.
Internet or other electronic network activity information`, including app log information, content you view or engage with, and app, browser and device information.
Inferences drawn from any of the above categories of personal information.
While we do not sell personal information in exchange for any monetary consideration, we do share personal information for other benefits as defined by Cal. Civ. Code 1798.140(ad)(2). We have shared in the preceding 12 months personal information as necessary for specific “business purposes,” as defined by Cal. Civ. Code 1798.140(e) and as specified in this Policy. This includes sharing personal identifiers, commercial information, and internet or other electronic network activity with payment processing providers, customer relationship management, consulting, e-mail, product feedback, helpdesk services, advertising networks, website analytics companies, and event sponsors. You have a right to direct us not to sell or share your personal information. We do not sell or share the personal information of consumers who are under 16 years of age.
For more information on how to exercise your rights, including the list of privacy rights that may be available to you, or to access, review, update, correct, delete any personal information we hold about you, or exercise any other privacy rights available to you, including the right to opt out from selling or sharing your personal information, please contact us at privacy@claroty.com.
We aim to respond to your request within the required timeframes. If we need more time, we will inform you of the reason and extension period in writing. We will reply to you by mail or email, at your option. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
9.2 Right to Appeal – California and Colorado
If we do not take action on your request within the 45-day response period, or in the event of an extension, within the maximum 90-day response period, we will inform you in writing of the reasons for not taking action, as well as provide an explanation of any rights you have to appeal the decision.
9.3 Right to Appeal – Virginia and Connecticut
You have the right to appeal a refusal to take action on a request within a reasonable period of time after your receipt of our decision. Within 60 days of receipt of an appeal, we will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If the appeal is denied, you will be provided with a method through which you may contact the Attorney General of Virginia (if you are a Virginia resident) or Attorney General of Connecticut (if you are a Connecticut resident) to submit a complaint.
9.4 California and Delaware “Do Not Track” disclosures
Privacy regulations in the United States, such as the laws of California and Delaware, require us to indicate whether we honor your browser’s “Do Not Track” settings concerning targeted advertising. Claroy adheres to the standards set out in this Policy and does not monitor or respond to Do Not Track browser requests.
10. Privacy Policy Changes
We may update this Policy from time to time to reflect changes to our information practices. For the latest information on our privacy practices, we encourage you to periodically review this Policy.
11. Contact Us
If you have any questions about this Policy, please contact us at privacy@claroty.com.
