AttackIQ abides by the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of Personal Information (as defined below) from European Union member countries and Switzerland. AttackIQ has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view AttackIQ’ certification, please visit http://www.export.gov/safeharbor/
“Personal Information” means any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity.
AttackIQ will inform individuals about the purposes for which it collects and uses Personal Information about them, the types of non-agent third parties to which AttackIQ discloses that information, and the choices and means, if any, AttackIQ offers individuals for limiting the use and disclosure of their Personal Information. Notice will be provided in clear and conspicuous language when individuals are first asked to provide Personal Information to AttackIQ, or as soon as practicable thereafter, and in any event before AttackIQ uses the information for a purpose other than that for which it was originally collected.
AttackIQ will offer individuals the opportunity to choose (opt out of) whether their Personal Information is (a) to be disclosed to a non-agent third party, or (b) to be used for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual. For sensitive Personal Information, AttackIQ will give individuals the opportunity to affirmatively and explicitly (opt in) consent to the disclosure of the information to a non-agent third party or the use of the information for a purpose other than the purpose for which it was originally collected or subsequently authorized by the individual.
AttackIQ will provide individuals with reasonable mechanisms to exercise their choices should requisite circumstances arise. In order to request that AttackIQ not use an individual’s non-public Personal Information, such individual should contact AttackIQ by email at: firstname.lastname@example.org to request access to, correct or delete any Personal Information that you have provided to us. Individuals may also opt out of receiving marketing messages from AttackIQ by notifying AttackIQ at: email@example.com.
AttackIQ will use Personal Information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. AttackIQ will take reasonable steps to ensure that Personal Information is relevant to its intended use, accurate, complete, and current.
AttackIQ may disclose Personal Information to business partners and subcontractors as necessary in connection with the performance of requested services or solutions, or as otherwise appropriate in connection with a legitimate business need. AttackIQ may also disclose Personal Information as necessary in connection with the sale or transfer of all or part of its business. In these situations, AttackIQ will require the recipient of the data to protect the data in accordance with the relevant principles in the Safe Harbors or otherwise take steps to ensure that the Personal Information is appropriately protected. AttackIQ may also disclose Personal Information as required or permitted by law, or when AttackIQ believes that disclosure is necessary to protect its rights and/or to comply with a judicial proceeding, a court order, a law enforcement request, or other legal process.
We are committed to securing all Personal Information provided to us. We have deployed and maintain process and technology measures to provide reasonable assurance that your Personal Information is secured against unauthorized use, loss or disclosure.
Upon request, AttackIQ will grant individuals reasonable access to Personal Information that it holds about them. In addition, AttackIQ will take reasonable steps to permit individuals to correct, amend, or delete information that is demonstrated to be inaccurate or incomplete. AttackIQ agrees to process all reasonable requests for access within a reasonable time period, but reserves the right to deny access or limit access in cases where the burden or cost of providing access would be disproportionate to the risks to the individual’s privacy or in the case of a vexatious or fraudulent request. Any employee of AttackIQ that desires to review or update their Personal Information can do so by contacting their human resources representative.
If you have any questions, comments or concerns about our privacy practices, please contact us by e-mail at firstname.lastname@example.org.