November 2024
Guardare is on a mission to empower organizations to implement and manage security effortlessly by providing a unified platform that simplifies risk management and strengthens security across users, devices, and applications. Through our commitment to excellence, integrity, and continuous improvement, we strive to be the trusted partner to help your organization remain resilient, secure, and ahead of evolving cyber threats. Our AI-powered platform provides clear guidance to complete complex cybersecurity tasks, actionable insights, and streamlining compliance efforts. It enables organizations to achieve and maintain strong security with limited dedicated security resources. To learn more, please visit guardare.com/about.
The following Privacy Notice (“Notice”) describes how Guardare and all affiliates of Guardare (collectively “Guardare”) will collect, use, maintain, and disclose information from users of our website (guardare.com), event participants, prospective customers, and other scenarios. For this Notice the terms “you”, “your”, “user”, and “customer” will be interchangeable and will refer to the person whom we may collect personal data from.
1) Navigation Links
2) Data Collection and Use of Data
2.1 What personal information does Guardare collect and retain?
2.2 Where does Guardare obtain Personal Information and how will this information be used?
2.3 Whom does Guardare share personal information with?
3) Use of Cookies and similar technologies
3.2 How does Guardare use them?
3.3 Interest Based Advertising
5) Your Rights Under State Privacy Laws
7) Methods used to protect personal information
8) Retention of personal information
8.1 Data Retention and Management
8.2 Correcting and Updating Your Information
8.4 Customer Data
9) Changes to the Privacy Notice
2) Data Collection and Use of Data
2.1) What personal information does Guardare collect and retain?
Information You Provide Directly to Us
We collect the information you provide to access our tools, use our site, subscribe to our content, or register for activities associated with Guardare. This may include but is not limited to, your name, email address, telephone number, and mailing address.
If you purchase Guardare, become one of our vendors, or otherwise establish a financial transaction-related relationship with us, we collect information about those transactions. This may include, but is not limited to, your credit or debit card information, account and authentication information, tax identifiers, and other billing, delivery, and contact details.
Information We Collect to Deliver and Improve Our Platform and Services
To provide our platform and services, we will collect certain information automatically. This helps us to ensure that our platform and services are operating correctly. These types of information include:
We also collect information about the Guardare products and services that you use and how you use them, such as how often you access our products and which features you use most frequently. We collect this information to improve our platform and your experience with Guardare. For example, we may use this information to reach out to you if you seem “stuck” on a certain process within the platform, to make our platform more intuitive, or to enhance the platform’s most popular features.
On our sites, Guardare and our third-party partners collect information using cookies and other tracking technologies. Please see "What are cookies and how does Guardare use them?" below for more information.
Information from Third Parties
We receive various types of information from third parties on occasion, such as when we jointly offer services or sponsor events. We also collect data from third-party security providers and online databases in connection with our research activities that relate to active or historic threats, vulnerabilities, and risks around the world. This can include data like domain names, IP addresses, email accounts, and usernames that are associated with security risks (for example, known compromised accounts and usernames), and we use this information to enhance the security services and solutions we provide to you. Additionally, we also collect certain information from publicly available sources, including the dark web, in connection with our research activities, solutions, and services, in particular, to identify and help our customers protect against the likes of historic and/or future security threats, vulnerabilities, and risks. This information can include the likes of domain names, IP addresses, email addresses, and usernames, and any other data that might be associated with the applicable security risks of issues identified (for example, known compromised accounts and usernames).
Personal Information Collection
To fulfill the purposes described in this Notice, Guardare may collect personal information such as business contact information, technical unique identifiers, authentication credentials, or other personal information you choose to provide to Guardare. For example, as described in specific sections of this Notice, personal data collected may include, among other things, the Internet Protocol (IP) address, browser information, device ID, the type of computer, and technical information about a user’s means of connection to our websites or web portals, such as the operating system and the Internet service providers utilized and other similar information. When users are required to log in to gain access to a particular website feature or web portal, we collect usernames, passwords, and other login credentials to authenticate access to the feature or offering.
Children Under 16
Guardare’s websites and offerings are not directed at children, and Guardare does not knowingly collect or sell personal information from individuals under the age of 16.
2.2) Where does Guardare obtain Personal Information and how will this information be used?
To Deliver, Improve, and Develop Our Offerings
We use the personal information we collect to deliver our sites, platform, and services, understand the behavior of attackers, and better help our customers keep their environments safe, including to develop and improve our products and services.
In general, we only process our customers' information to deliver our sites, solutions, and services. Although we may collect the information listed above, we do not access information that we process on our customers’ behalf, such as user, network, vulnerability, incident, or asset information, unless our customers have requested we do so to investigate issues with our solution or carry out a service.
For additional information, see “How We Use Your Personal Information”, below.
To Communicate with You
We use your information to communicate with you about our sites, solutions, services, features, surveys, newsletters, offers, promotions, and events, and to provide other news or information about Guardare and our partners, per your communications preferences.
We will also use your information to respond to you when you contact us.
To Conduct Research Initiatives
The vast majority of the data we collect through our research initiatives is publicly available. It is collected to educate and enrich the security community and foster secure adoption of technology. For example, one of our research initiatives uses the metadata from publicly exposed services to identify large-scale misconfigurations and vulnerabilities in consumer, enterprise, and critical infrastructure systems.
For Advertising Purposes
We may use the information we collect to personalize our advertising and marketing communications and to deliver promotions and offers to you that we think may interest you.
For Our Internal Business Purposes
We may use the information we collect for our internal business purposes, such as data analysis, audits, developing new products and services, enhancing our sites, platform, and services, improving our products and services, identifying site usage trends, and determining the effectiveness of our promotional campaigns.
For Legal Purposes
We may use the information we collect as we believe to be necessary or appropriate: (i) under applicable law; (ii) to comply with legal processes; (iii) to respond to requests from public and government authorities; (iv) to enforce this Privacy Policy and our Terms of Use; (v) to protect our operations; (vi) to protect our rights, privacy, safety, or property, and/or that of you or others; and (vii) to allow us to pursue available remedies or limit the damages that we may sustain.
Information Provided By You
Guardare websites provide Internet-based access for users to learn about Guardare and its offerings and to communicate with Guardare and others. When an individual, partner, or reseller uses our websites and web portals, Guardare gathers information, some of which may be considered personal information in your jurisdiction, and is used consistent with the below purposes.
Business Contact Information - If you register to attend a Guardare-hosted in-person or virtual event, download one of our Resources, sign up for a Free Trial, or engage with our website support agent, we will receive personal information about you, including your name, phone number, business email address, company name, and country. We use this information consistent with the purpose for which you provided it, such as to contact you about Guardare’s offerings, company news, updates, and other Guardare-related information. We may also associate personal information that you submit to us, including email addresses, with information collected about you through other means such as cookies, web beacons, or social media plugins. This will help us better customize content delivered to you through a variety of ways, including online advertisements. We include unsubscribe instructions at the bottom of each email if at any time you would like to unsubscribe from receiving future emails.
Audio, Electronic, or Visual Information - If you attend a Guardare-hosted in-person or virtual event or agree to be recorded in a telephone or virtual meeting, we may record some or all of that event or meeting. We may document the event in various ways, such as by taking photos at the event, interviewing you at the event, or recording your participation in a live question-and-answer or other interactive session. We use this information for business and marketing purposes, including to enhance our offerings and your customer or user experience.
Community Forums and Other User Generated Content - We make available various community forums and blogs, where you can interact with other users and make your own posts. Your posts in Guardare community forums or blogs are publicly available information that you choose to disclose, and such posts may be read, collected, and processed by others who visit these websites. We are under no obligation to publish, maintain, or retain any of your posts. If you provide us with feedback about our company, offerings, or websites, we consider this to be freely given and we may use your feedback without compensation or credit being attributed.
Links to Other Websites - Our websites include links to other websites whose privacy practices may differ from those of Guardare. If you submit personal information to any of those sites or services, your information is governed by their privacy notices. We encourage you to carefully read the privacy notice of any website or service you visit.
Information That We Obtain From Third-Party Sources
From time to time, we may receive personal information about you, including your name, email address, or other information such as a profile picture, from third-party sources where those parties have indicated that they have your consent or are otherwise legally permitted or required to disclose your personal information to us. For example, we may be provided with information about individuals interested in using our offerings, joining our company, or when using third-party authentication options to sign up for or log in to our offerings.
How We Use Your Personal Information
We may use the information, including personal information, that you provide to us or that is provided to us by third-party sources for a variety of purposes, including but not limited to the following:
2.3) Whom does Guardare share personal information with?
With Our Customers and Organizations Participating in or Promoting Research
We will share information that we identify about security risks and/or incidents that affect or relate to our customers with those customers. Additionally, information related to the research we conduct may be shared with various research and security organizations, including academic institutions or publications, but only when this information is already freely publicly available and/or non-identifiable. We may also publish this research online on our website or through third-party social media sites.
With Third-Party Vendors, Consultants, Service Providers, or Other Business Partners
Some third parties provide services on our behalf and may require access to your information to carry out that work, including billing, customer support, etc. These service providers are authorized to use your information only as necessary to provide the services and solutions in scope and are subject to contractual controls to protect the confidentiality and security of your information. Our service providers include those who host our sites or assist us in providing functionality on our sites, providing data analytics on our sites, and sending out emails about our sites and our products and services.
In the Case of a Merger, Sale, Financing, or Acquisition
We may share or transfer your information in connection with or during negotiations of, any merger, sale of company assets, financing, divestiture, or acquisition of all or a portion of our business to another company or in the unlikely event of bankruptcy. You will subsequently be notified via email and/or via a prominent notice on our sites of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information. The recipient of your information will be informed of the need to protect your personal information in accordance with this Privacy Policy.
For Legal Purposes
We may share personal information with companies, organizations, or individuals outside of Guardare if we have a good-faith belief that access, use, preservation, or disclosure of the information is reasonably necessary to:
If we receive a government or law enforcement request for customer data, we will promptly notify the customer and provide them with a copy of the request unless we are legally prohibited from doing so. Further, we may challenge government or law enforcement requests for customer data that we consider to be overly broad or unlawful.
Disclosure of Personal Information
We may disclose personal information, including business contact information or aggregated demographic information regarding visitors and users of our websites with our affiliates, partners, sponsors, and advertisers as described in more detail below, consistent with the purposes previously outlined. This may be considered “sharing” or a “sale” under the applicable state law, such as the California Consumer Privacy Act (CCPA). When we collect personal information through our offerings, it is made available to the Guardare customer who was the source of the information.
Online Behavioral Advertising
We partner with a third party to display advertising on our websites or to manage our advertising on other sites. Our third-party partners may use technologies such as cookies, scripts, and tags to gather information about your activities on this site and other sites to provide you with advertising based on your browsing activities and interests. If you wish to not have this information used to serve you interest-based ads, you may opt-out from participating companies by visiting the Digital Advertising Alliance's self-regulatory opt-out page or the Network Advertising Initiative’s Opt-Out page. Please note this does not opt you out of being served ads; you will continue to receive generic ads.
Social Media Features
Our websites include social media features. These features may collect your IP address, and which webpage you are visiting on our websites, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on our websites. Your interactions with these features are governed by the privacy policy of the company providing them.
Event Sponsors
If you choose to register for or attend a Guardare-hosted or jointly-hosted event or webinar or if you enter a contest or raffle with us and a sponsor, then we may disclose your contact information, content interest information or other activity data, and any other information, including personal information, collected in the course of these activities to those sponsors for commercial purposes. In many cases, you intentionally disclose your details by providing your information to these sponsors through consent via a registration form or by scanning your badge at the applicable sponsor’s booth. Virtual events hosted by third-party platforms may also collect additional data from you when you visit their sites. The treatment of this information is subject to each of these other entities’ respective privacy statements.
Partners and Resellers
We may disclose your personal information, such as contact information, business details, and content interest and activity details, to our partners and resellers for business purposes, such as to carry out our business or for joint marketing efforts to reach our customers and prospective customers. In many cases, you consent to the disclosure of your details by filling out a registration form.
Referrals
Where we provide a referral option that you choose to use to share information with a point of contact about us, we will ask you for the contact's name and email address. We will automatically send your contact a one-time email inviting them to visit our website. Guardare will store this information for the sole purpose of sending the one-time email and for tracking the success of our referral program. An individual whose name has been provided to us may contact us at privacy@guardare.com to request that we remove their information from our database.
With Our Affiliates, Related to Corporate Transactions, the Provision of Professional Services, and Legal Disclosures
For all categories of data we collect, we disclose personal information to our affiliates and subsidiaries for business purposes, including any service providers and agents that work on our behalf. We may also disclose your information as required for us to carry out a corporate transaction, such as a merger or sale of assets of all or part of our company. We will also disclose your personal information to our professional service providers (for example, our auditors, insurance providers, financial service providers, and legal advisors) as needed for us to run our business, provide our offerings, support, maintain, or secure our offerings and our websites; or administer activities on our behalf, such as events or marketing campaigns. We may also disclose your personal information as required by law, such as to comply with a subpoena or similar legal process; or when we believe that disclosure is necessary or appropriate to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
3.1) What are cookies?
Cookies are small data files that are placed on your computer or mobile device when you visit a website. Cookies are widely used by website owners to make their websites work more efficiently and to provide reporting information.
Guardare uses both first-party and third-party cookies. First-party cookies are set directly by Guardare to improve your website experience. Third-party cookies, such as those from Google Analytics and Google Ads, help us analyze website usage and deliver relevant ads. These third-party cookies can recognize your device across different websites. To opt out of Google Analytics tracking, you can download the Google Analytics opt-out browser add-on.
We may use tracking technologies, such as pixels, to gather information about your online behavior. This information helps us tailor ads to your interests and measure their effectiveness. For more details about ad targeting and how to opt-out, please refer to the "Interest-Based Advertising" section of this Privacy Policy.
3.2) How does Guardare use them?
We use both first-party and third-party cookies for various purposes. Essential cookies are necessary for our website's functionality. Other cookies help us understand user preferences and tailor your experience. Third-party cookies, such as those used for advertising and analytics, are also employed by other companies.
3.3) Interest Based Advertising
We may gather information about your online behavior on our sites to provide you with personalized ads. We may also obtain this information from third-party websites that display our ads.
We work with third-party advertising partners to provide you with interest-based ads. These partners may use cookies, pixels, and other tracking technologies to collect information about your online activity and interests over time to show you relevant ads across various websites and services. Although this may be considered “sharing” under certain privacy laws, please note that we do not “sell” your personal information as that term is traditionally understood; we do not exchange your information for money or provide it to third parties in a way that would typically be considered a “sale” under applicable law.
Our advertising partners help us target specific audiences through demographic, interest-based, and contextual advertising. These partners track your online activity across various websites, including ours, using cookies, web server logs, and web beacons. This data allows them to show you relevant ads based on your interests. The information collected includes your browsing history on our sites and other participating websites. This process helps us measure the effectiveness of our marketing campaigns. For instance, we use targeted advertising services to display our ads on other websites based on your past interactions with our sites and other online activities.
You can opt out of receiving interest-based advertising through industry programs. Visit the Network Advertising Initiative website (NAI) at https://thenai.org/, or explore your options through the Digital Advertising Alliance (DAA) at https://digitaladvertisingalliance.org/ for web-based advertising and mobile advertising. Opting out doesn't mean you'll see no ads from us, but you'll no longer receive personalized ads based on your browsing history across different websites.
Guardare and our service providers use cookies, local storage (HTML5), scripts, and similar technologies to ensure all our websites and web portals function properly, help us continuously improve them, and customize a user's experience.
4) Product Offering
The Guardare platform will be collecting and analyzing various types of organizational data to deliver risk profiles, guidance on application configuration, and alignment with security practices and frameworks. Much of the data collected will be considered Metadata. Metadata could include devices, the individuals using those devices, and what software applications are being accessed from these devices. It can also include login times and attempts, registry keys, types and versions of operating systems, browsers, and information about software applications. In some cases, personal information will be collected as it may appear within the metadata such as that associated with usernames, filenames, file paths, and machine names. This personal information is used to help our customers and improve our capabilities in the way described in our more specific product or service documentation and agreements.
Guardare will utilize data from various security applications where integrations have been completed to provide a more holistic view of risk. The platform will clearly outline what data will be ingested through the integration and the customer will always have the ability to disable said integration should they not want that specific data utilized within the platform. Doing this could however impact the vectors being considered to generate the holistic risk score and limit the platform’s ability to provide guidance/recommendations on the products being used and ways to optimize them.
In the event that Guardare collects any form of personal information, generally, that information will be collected under the authority and direction of its customers, in most cases corporate entities or other forms of organizations. Guardare is using this information at scale for the customer the information came from, to provide a view of organizational risk. Guardare will not use that personal information for any targeted marketing or communication to an organization's employees unless determined necessary by the console admin to do so. Regardless, the use of the information collected through our Offerings is limited to the purpose of providing the service for which our customers have engaged Guardare or as otherwise outlined in our agreements. We do not use any personal information collected through our Offerings to contact or market products or services to these individuals. We also do not provide any personal information obtained through the Offerings to third parties to contact or market products or services to these individuals
5) Your Rights Under State Privacy Laws
In addition to the disclosures and rights set forth elsewhere in this Notice, you may have certain rights based on applicable state law, for example, California Consumer Privacy Act (CCPA), as amended by the California’s Privacy Rights Act (CPRA). Other states have passed consumer privacy laws that may be applicable to Guardare and your use of this Site. These supplemental disclosures and rights apply to you and your use of our Platform to the extent applicable state law applies to Guardare and your use of our Platform. Please contact us if you have any questions regarding your rights under applicable state law.
Opt-Out Rights. While we do not “sell” your information to third-parties for their own marketing purposes or other purposes as that term is typically understood, you may have additional opt-out rights under applicable state law with respect to sharing your personal information for interest-based advertising.
Other Consumer Rights. You may have additional rights, such as the right to request access, correct, delete, and/or obtain a copy of your personal information; to opt-out of certain automated decision-making or profiling based on your personal information; and/or to appeal decisions that we make with respect to a consumer rights request that you submit to us pursuant to applicable law.
Exercising Your Opt-Out and Other Consumer Rights. If you have questions about your rights or would like to exercise your rights under state law, please contact us at privacy@guardare.com or call us at 866-454-7670.
Non-Discrimination
We will not discriminate against you for exercising any of your rights under applicable state law. Unless permitted by applicable law, we will not:
Right to Appeal
If we decline to act on your request concerning your personal information or you disagree with our decision or action on your request, you have the right to appeal our decision. To submit an appeal, please contact us at privacy@guardare.com with the subject line "Appeal Request." Please include details of your original request and any relevant information supporting your appeal.
We will review your appeal and respond within the timeframe required by applicable law.
If you are not satisfied with our response to your appeal, you may contact your state's Attorney General for further assistance. Contact information for all state Attorneys General is available at https://www.naag.org/find-my-ag/.
6) International Users
Our Platform and Website are not intended for active use by and are not directed to residents of the European Union. All data is stored and processed in the United States. By using and accessing our site, users who reside or are located in countries outside of the United States agree and consent to the transfer to and processing of personal information on servers located outside of the country where they reside, and that the protection of such information may be different than required under the laws of their residence or location.
7) Methods used to protect personal information
Guardare is a security first company. We take data security very seriously and have taken steps to require all Guardare employees follow the steps to protect your sensitive data. The security of customer data and your personal information is not only important to us; it is our mission.
Please note that no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. It is your responsibility to protect the security of your login information. If you have questions about the security of your personal information collected through our offerings or websites, you can contact us at privacy@guardare.com.
8) Retention of personal information
8.1) Data Retention and Management
We will retain your information for as long as your account is active or as needed to provide you with products and/or services. We will also retain your personal information for as long as needed to fulfill the purpose for which we collected it and for a reasonable period thereafter to comply with audit, contractual, or legal requirements, or where we have a lawful and legitimate interest in doing so. If you wish to cancel your account or request that we no longer use your information to provide our offerings, contact us at privacy@guardare.com.
We will retain and use your information as necessary for legitimate business reasons, including to comply with our legal obligations, resolve disputes, and enforce our agreements. When we have no ongoing legitimate business reason to process your information, we will either delete or anonymize it, or if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your information and isolate it from any further processing until deletion is possible.
We may retain aggregated or de-identified data indefinitely or to the extent allowed by applicable law. We may also retain personal information which will be preserved in automatically generated computer backup or archival copies generated in the ordinary course of our information technology systems procedures.
8.2) Correcting and Updating Your Information
Upon request, Guardare will provide you with information about whether we hold any of your personal information. You may access, correct, update, or request deletion of your personal information by emailing us at privacy@guardare.com. We will respond to your request within a reasonable timeframe and in accordance with applicable data protection laws.
8.3) Communications Opt-Out
We may use your information to send you a newsletter or other marketing communications in accordance with your communication preferences. You may choose to stop receiving our newsletter or marketing communications at any time by following the unsubscribe instructions included in the newsletters or communications. Alternatively, you can opt out of receiving such newsletters and communications by contacting us at privacy@guardare.com.
8.4) Customer Data
If you opt to end your engagement with Guardare, you have the opportunity to collect and transfer any data that is possible to export. If you request that Guardare delete your data, the request will be processed in accordance with applicable law and regulation.
9) Changes to the Privacy Notice
We may update the Guardare Privacy Policy to reflect changes to our information practices. If we make significant changes in how we use your personal information, we will notify you by email (sent to the email address specified in your account) if feasible, or through a notice on this website prior to the change becoming effective. If required by applicable data protection laws, we will seek your consent to any material change in how we use your personal information before that change takes effect.
We encourage you to periodically review this page for the latest information on our privacy practices.
10) Contacting Guardare
Guardare empowers organizations to achieve and maintain security effortlessly by providing a unified platform that simplifies risk management and strengthens security across users, devices, and applications. Through our commitment to excellence, integrity, and continuous improvement, we strive to be the trusted partner that ensures your organization remains resilient, secure, and ahead of evolving cyber threats.
To learn more about Guardare you can email us at info@guardare.com or call our team of Guardians at 866-454-7670
.svg)