This Privacy Policy applies to information collected by:
As it relates to the provision of our Services, we process Personal Data on behalf of and under the instruction of our respective business customers pursuant to our contracts or terms of service, and in accordance with our , available at www.huntress.com/legal. With respect to Personal Data collected or used by our Services, (i) ĢTV is a data processor or subprocessor under the EU General Data Protection Regulation, UK General Data Protection Regulation, and Swiss Data Protection Act (collectively, “European Data Protection Laws”) and a service provider under the California Consumer Privacy Act (“CCPA”) and other similar state or international data privacy laws, and (ii) our business customers are the data controllers under European Data Protection Laws. ĢTV’ customers are responsible for disclosing to their customers and/or end users their rights with respect to their Personal Data and other information regarding the collection and use of that Personal Data, in accordance with the European Data Protection Laws, CCPA, and other laws requiring such disclosures. If you have questions about how your data is being accessed or used by your organization, please refer to your organization's privacy policy and direct your inquiries to your organization's system administrator.
This Privacy Policy does not apply to the Personal Data that we collect and process about job applicants, employees, and contractors; different privacy notices apply to that data. Please visit www.huntress.com/legal for more information.
The Personal Data we collect about you depends on the nature of our relationship, such as whether it is gathered through our Websites, Services, or marketing activities. We collect most of this Personal Data directly from you—through your interactions with us or the Websites and the setup and use of the Services. ĢTV also collects Personal Data through its normal business operations and in the administration of customer relationships. Personal Data may be collected as follows:
Under various data protection laws, we can only use your Personal Data if we have a proper reason for doing so, such as:
We may use your Personal Data in the performance of our contract with you or your organization or to take steps at your request before entering into a contract, including for the following purposes:
We may use your Personal Data for a legitimate interest, including for the following purposes:
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own.
We may use your Personal Data for our legal and regulatory obligations, including for the following purposes:
ĢTV may create anonymous, aggregated, or de-identified data from your Personal Data and other individuals whose Personal Data we collect. We make Personal Data into anonymous, aggregated, or de-identified data by removing or not utilizing information that makes the data personally identifiable to you. We may use this anonymous, aggregated, or de-identified data for research or analytics and we may share it with third parties for our lawful business purposes, including to provide the Service, analyze and improve the Service, analyze and report on security risks, and promote our business. For example, in order to promote awareness, detection, and prevention of Internet security risks, ĢTV may create and share anonymous, aggregated, or de-identified information (related to, e.g., potential or actual security incidents, malware, security threat data, diagnostic and usage related data, effectiveness of security awareness training, contextual data, threat detections, and indicators of compromise) with research organizations and other security software vendors and professionals via publications, blog posts, or social media, and provided no customer identifying information is shared without written permission of that customer. ĢTV may also make use of statistics derived from the information processed to track and publish reports on security risk trends.
ĢTV may share Personal Data with our subsidiaries or affiliates as part of our business operations and administration of our Websites and Services. Personal Data may be held at our offices and those of our subsidiaries or affiliates, representatives, and agents. We may also appoint third-party service providers, or subprocessors, (who will operate under our instructions) to assist us. As such, we may disclose your Personal Data as follows:
Please note the above list is not exhaustive but gives a flavor of the third parties with whom we may share your Personal Data. For more detail about our service providers, including with whom, why, and where Personal Data is stored, transmitted, or processed, please see our Subprocessors List, available at www.huntress.com/legal.
We only allow our service providers to handle your Personal Data if we are satisfied they take appropriate measures to protect your Personal Data. We also impose contractual obligations on service providers to ensure they can only use your Personal Data to provide services to us and to you.
Your Personal Data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country, and in some cases, may not be as protective. Specifically, our servers, service providers, and subprocessors are primarily located in the United States, and we may process your information in jurisdictions where our affiliates/partners and service providers, or subprocessors, are located. See our Subprocessor List, available at www.huntress.com/legal, for more details. However, we have taken appropriate safeguards to require that your Personal Data will remain protected in accordance with this Privacy Policy. These safeguards include ensuring we have data protection agreements between us and our service providers and subprocessors to whom we transfer the Personal Data, which require these companies to protect Personal Data they process from the European Economic Area (“EEA”), United Kingdom (“UK”), or Switzerland in accordance with applicable data protection law. ĢTV offers a , available at www.huntress.com/legal, with European Commission approved Standard Contractual Clauses, to meet the adequacy and security requirements for our customers located in or that operate in the EEA, UK, or Switzerland, and other international transfers of Personal Data with similar privacy regulations.
We have appropriate security measures in place to prevent Personal Data from being accidentally lost, used or accessed in an unauthorized way. We limit access to your Personal Data to those who have a genuine business need to access it. Those processing your Personal Data will do so only in an authorized manner and are subject to a duty of confidentiality. We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
ĢTV is committed to protecting the security of the information it collects and processes. The information is stored on computer servers with limited and controlled access. ĢTV operates secure data networks protected by industry-standard firewall and password protection systems. ĢTV uses a wide range of security technologies and procedures to protect information from threats such as unauthorized access, use, or disclosure. Our security policies are periodically reviewed and enhanced as necessary, your data is encrypted at rest and in transit, and only authorized individuals have access to the data that we process.
More information about our Security practices can be found in our , available at www.huntress.com/legal.
We will only retain your Personal Data for as long as necessary to fulfill the purposes for which it was collected, or as necessary to comply with our business requirements and necessary laws; to comply with any legal, accounting or reporting obligations; to resolve disputes; to protect our assets; to efficiently run our business; and to enforce our agreements. To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we collect or process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements. Following the end of the relevant retention period, we will delete or anonymise your Personal Data.
You have the following rights, which you can exercise free of charge:
If you would like to exercise any of those rights, please:
We will comply with any request within the time required by the relevant legal authority.
If you contact us regarding Personal Data related to our Services for which we are a data processor, we will attempt to refer your request to the relevant organization (e.g., your employer, our customer) who is the data controller for your Personal Data. You may also reach out to that organization directly.
Whether or not we are required to fulfill any request you make will depend on a number of factors (e.g., why and how we are processing your Personal Data). If we reject any request you may make (whether in whole or in part) we will let you know our grounds for doing so at the time, subject to any legal restrictions.
Our Websites and Services do not respond to Do Not Track requests or headers from some or all browsers. To learn more about the use of cookies or other technologies to deliver more relevant advertising and your choices about not having this information used by certain service providers, please click (http://www.aboutads.info/choices/) (for users in the United States) or (http://youronlinechoices.eu/) (for users in the European Union).
Our Websites or Services may contain links to third-party websites or resources or contain third-party advertisements. Any access to and use of such linked websites is not governed by this Policy, but instead is governed by the terms of use and privacy policies of those third-party websites. We are not responsible for the information practices of such websites.
Our Websites and Services do not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. In fact, as currently operated, persons under the age of 18 may not use the Websites or Services. By providing information to ĢTV, you represent that you are 18 years of age or older. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from anyone under the age of 13 without verification of parental consent, we take steps to remove that information from our servers.
If you are a data subject located in the EEA the UK, or Switzerland you have the rights under the European Data Protection Laws (as applicable) in respect of your Personal Data as noted in the “Your Rights” section above.
You also have the right to lodge a complaint with:
The Information Commissioner’s Office
Water Lane, Wycliffe House
Wilmslow - Cheshire SK9 5AF
Tel. +44 303 123 1113
Website:
If you have any questions about our Privacy Policy or practices, you may contact us. In provision of the Websites and Services provided by ĢTV, we are represented in the EU and the UK by the DPO Centre Ltd:
For Individuals in the EU, please contact our EU Representative at:
eurep@huntresslabs.com
Alternatively, they can be reached by mail:
The DPO Centre Europe Ltd
Alexandra House
3 Ballsbridge Park, Dublin, D04C 7H2
+353 1 631 9460
For Individuals in the UK, please contact our UK Representative at:
ukrep@huntresslabs.com
Alternatively, they can be reached by mail:
The DPO Centre Ltd
50 Liverpool Street
London, EC2M 7PY
+44 (0) 203 797 6340
This section provides additional details about the Personal Data, or “personal information,” we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act or “CCPA,” as amended by the California Privacy Rights Act or “CPRA”, to the extent such information is not exempt from the CCPA.
California law requires that we detail the categories of personal information that we collect and disclose for certain “business purposes,” such as to service providers that assist us with securing our Websites and Services or marketing our products, and to such other entities as described in earlier sections of Privacy Policy. In addition to the information provided above, we may collect the following categories of personal information from you, your employer, data analytics providers, and third-party services providers for our business purposes:
We collect this information for the business and commercial purposes described in the “How and Why We Process Your Personal Data” section above. We share this information as described in the “Who We Share Your Personal Data With” section above. The CCPA defines “sell” broadly to include disclosing or making available personal information to a third party in order to receive certain benefits or services from them. While we do not “sell” personal information to third parties in exchange for monetary compensation, we may make personal information available, which may be defined as a sale by the CCPA; this is common practice among companies that operate online, such as sharing with third party advertisers for purposes of targeting advertisements on ĢTV and non-ĢTV websites, applications, and services. As defined by the CCPA, we may “sell” usage details and identifiers to third party advertising networks, social networks, co-sponsors of marketing events, and data analytics providers. In addition, we may allow third parties to collect personal information from our sites or services if those third parties are authorized service providers who have agreed to our contractual limitations as to their retention, use, and disclosure of such personal information, or if you use our sites or services to interact with third parties or direct us to disclose your personal information to third parties. To learn more, please see our Cookies Policy, available at www.huntress.com/cookies.
As further described above, we may collect personal information from the following sources:
In addition to the rights detailed above in the “Your Rights” section of this Policy, subject to certain limitations, the CCPA provides California consumers the right to request to know more details about the categories or specific pieces of personal information we collect (including how we use, disclose, or may sell this information), to delete their personal information, to opt out of any “sales”, to know and opt out of sharing of personal information for delivering advertisements on non-ĢTV websites, and to not be discriminated against for exercising these rights.
California consumers may make a request pursuant to their rights under the CCPA by contacting us at privacy@huntress.com. We will verify your request using the information associated with your account, including email address. Government identification may be required. Consumers can also designate an authorized agent to exercise these rights on their behalf. Authorized agents must submit proof of authorization.
This Policy may change from time to time and your continued use of the Websites and Services is deemed to be acceptance of such changes. Please check the Policy periodically for updates.
You can contact us by email or mail if you have any questions about this Privacy Policy or the information we hold about you, to exercise a right under a data protection law, or to make a complaint. If you are a EEA/UK/Swiss resident, see the “Additional Information for EEA/UK/Swiss Residents” section above for contact information for our representatives in those regions. For all others, our contact details are shown below:
Privacy
ĢTV Labs Incorporated
6996 Columbia Gateway Dr, Ste 101
Columbia, MD 21046