Privacy Policy

Last Updated: 15 May, 2023

Your trust is important to us, and we want to ensure that your personal information is protected. This Privacy Policy explains how we collect and use your personal information in relation to Portnox products, services, events, and websites or applications that link to this Policy (together, the “Portnox Products”). It also describes how you can control or exercise your rights related to your personal information.

1. Personal Information We Collect

   We process information about you while providing the Portnox Products. Below, we outline the kinds of information we collect.

   • Information You Give to Us. We collect information about you when you provide it to us directly.
   • Your Portnox account.We collect information about you when you submit it through the Portnox Products, including when you create an account with us. This may include your name, email address, profile picture, company name, postal address, and phone number. This may also include your payment information when you purchase any of the Portnox Products.
   • We collect information you provide to us when you open a support request or otherwise communicate with us (such as through third-party social-media sites). This may include your name, email address, title, company, and any other information you provide in your request.
   • Other information submitted by you.We collect information about you that you submit to us through the Portnox Products, such as when you participate in any interactive features of the Portnox Products or fill out a form on one of our websites. This information may include your name, email address, and mailing address.

   Information We Collect Automatically

   We automatically collect information about you when you access or use the Portnox Products.

   • Your use of the Portnox Products.We collect information about how you use the Portnox Products, such as your session date, time, and duration; the pages you viewed; and the page you visited before navigating to the products or websites.
   • Device information.We collect information about your computer or device when you access any of the Portnox Products, such as the type of browser you use, your IP address, and the location of your device.
   • Cookies and similar technologies.We use cookies and similar technologies (like web beacons and pixels) to collect information about your interactions with the Portnox Products, including identifiers, usage data, session information, links clicked, pages visited, and mouse movements. Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject browser cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our services. To learn more about how to control cookie settings please consult your internet browser.

   Information We Collect from Other Sources

   We may also obtain information about you from other sources.

   • Other services linked to your account.We may collect information about you when you link your Portnox account with other services. For example, if you create or log into your Portnox account using third-party credentials via single sign-on, we may have access to certain information such as your name and email address, as authorized in your third-party profile settings.
   • Our affiliates.We may receive information about you from one of our affiliates if you interact with them directly, for example through a support request. This may include your name, email address, and information about your request.
   • Third parties.We may receive information about you from third parties that provide business information to us or from public sources. This information may include things like your name, title, email address, phone number, and social-media profile. We may combine this information with information we collect through other means described above.

2. How We Use Personal Information

   We use information about you for the following purposes.

   • To provide the Portnox Products.We use information about you to provide you with access to the Portnox Products, including to create and manage your Portnox accounts, process transactions with you, and send you invoices.
   • For research and to improve the Portnox Products.We use information about you, including website analytics, to improve the Portnox Products, including to monitor and analyze trends, usage, and other activities in connection with the Portnox Products so that we can continually improve them. We may also link or combine information about you with information we get from others to help understand your needs and provide you with better service.
   • To communicate with you.We use information about you to communicate with you, including to send you technical notices, product updates, security alerts, support communications, and administrative messages about the Portnox Products (including important changes to the Portnox Products). This also includes sending you information about your account and data, such as when we update our terms or when we materially change how we use your data.
   • For security.We may use information about you to maintain and increase the security of the Portnox Products, including to detect, investigate, and prevent fraud and other illegal activities from occurring, as well as to protect the rights and property of Portnox, our customers, and third parties.
   • To market and promote the Portnox Products.We use information about you to send you promotional messages and to show you advertisements. This may also include using information about you to create more personalized advertising and suggest Portnox Products that may be of interest to you. We may also use information about you to facilitate contests, sweepstakes, and promotions, and to process and deliver your entries and rewards.
   • To comply with legal obligations.We may use information about you to comply with our legal requirements. For example, we may process and retain information about your payments to us for tax and accounting purposes.
   • With your consent.Finally, we use information about you for any other purposes that you have affirmatively consented to.

3. How We Share Personal Information

   We may share your personal information as follows.

   • Service providers.We use third-party service providers who work on our behalf, including to provide hosting services, authentication services, cybersecurity and anti-fraud services, and advertising, which may require us to share your personal information. A current list of our sub-processors is available here.
   • For legal reasons.In rare cases, we may share information about you in response to a request for information if we believe disclosure is permitted or required by an applicable law, regulation, or legal process, including to comply with a subpoena or applicable court order. Further, we may share your personal information with any person to whom disclosure is necessary to enable us to enforce our rights under this Privacy Policy or under any agreement we enter with you or to protect the rights, property, or safety of Portnox or third parties.
   • Business transfers.We may share your information in connection with, or during negotiations of, any merger, sale of Portnox assets, financing, or acquisition of all or a portion of our business by another company.
   • We may share your personal information with our affiliate companies who may act for us for any of the purposes set out in this Privacy Policy, including our current and future parents, affiliates, subsidiaries, and other companies under common control and ownership.
   • Marketing and analytics.We may share your personal information with analytics and search-engine providers that assist us in the improvement and optimization of our websites.
   • Social Media.Some of our websites may contain social-sharing widgets or features that let you share information you find on our websites on third-party sites, including, for example, Twitter, LinkedIn, and YouTube. By doing so, you authorize us to facilitate this sharing of information, and you understand that the use of shared information will be governed by the social media provider’s privacy notice.
   • We may share your personal information with your consent or at your direction.

4. Security

   The security of your personal information is incredibly important to us. We have implemented and we continually maintain a variety of technical and organizational measures to protect your personal information from unauthorized access and against unlawful processing, accidental loss, destruction, and damage. View our Security page to learn more about the specific security controls we have put in place to safeguard your information.

5. Retention

   We only keep your personal information for as long as necessary to fulfill the purposes we collected it for, after which it will be deleted or archived unless we are required to keep it to comply with our legal obligations or for another legitimate and lawful purpose. To determine the appropriate retention period for personal information, we consider several factors, including:

   • the terms of our agreements with you;
   • our legitimate interests (as outlined in this Privacy Policy);
   • our legal obligations; and
   • the amount and nature of your personal information.

   In some cases, we may anonymize your personal information so that you are no longer identifiable, in which case we may use the resulting information without further notice to you.

6. Children

   The Portnox Products are not directed to individuals under the age of 16, and we do not knowingly collect or sell the personal information of children under 16, unless the collection of that personal information is in conjunction with an educational institution engaging Portnox as a vendor and using the Portnox Products to help secure their students.

7. Your Choices

   You have choices about how Portnox collects and uses your personal information.

   • Account information.Our customers may access, update, or change personal information they have provided to us by logging into the relevant Portnox application or emailing us at [email protected]. Subject to the terms of their agreements with us, customers may deactivate their accounts by emailing us at [email protected], but we may retain certain personal information as necessary to comply with our legal obligations or for legitimate business purposes, such as to resolve disputes or enforce our agreements. We may also retain cached or archived copies of personal information for a certain period.
   • You may opt out of receiving promotional emails from Portnox by following the instructions in those emails or by emailing [email protected]. If you opt out of receiving promotional communications, we may still send you non-promotional emails, such as those about your account or our ongoing business relationship. If you would like to opt out of receiving promotional phone calls, please contact us as outlined in the “Contact Us” section below

8. Supplemental Notice for the EEA, UK, and Switzerland

   This section provides additional details about the personal information we process subject to the General Data Protection Regulation (GDPR) and UK GDPR.Controller of Your Information

   Unless otherwise stated in a supplemental notice, Portnox, Inc. is the data controller of your personal information.

   Your Rights

   Subject to applicable law, you have the following rights with respect to your personal information.

   • Right to access.You have the right to access your personal information that we hold, and receive it in a portable way.
   • Right to update.You have the right to request that we update your personal information.
   • Right to delete.You have the right to have your personal information deleted.
   • Right to restrict processing.You have the right to request us to restrict or suppress the processing of your personal information where our processing is inappropriate.
   • Right to object.You have the right to object to the processing of your personal information.
   • Right to withdraw consent.You have the right to withdraw your consent at any time where we are processing your personal information based on your prior consent.

   To exercise your rights, please email [email protected] or contact us as outlined in the “Contact Us” section below. Please note that we may ask you to provide us with additional information to confirm your identity.

   Legal Bases for Processing Personal Information

   We process your personal information on one or more of the following legal bases:

   • where necessary to enter into or perform under a contract with you, including to provide the Portnox Products;
   • where necessary for us to comply with a legal obligation;
   • for our legitimate interests, as outlined in this Privacy Policy; or
   • with your consent.

   International Data Transfers

   Your personal information may be collected in, transferred to, accessed from, or stored in a country other than the one you are in, including the United States, which may have data protection rules that are different from those of your country.

   Your personal information is only transferred out of your country in accordance with applicable data protection law, including, for example, to third countries that adequately safeguard personal data, or under the European Commission-approved Standard Contractual Clauses.

   Complaints

   You may lodge a complaint with a data protection authority for your country or region where you have your habitual residence, where you work, or where an alleged infringement of applicable data protection law occurs. A list of EEA data protection authorities is available here, and the contact details for the UK Information Commissioner’s Office is available here.

9. Supplemental Notice for California

   This section provides additional details about the personal information we collect about California consumers and the rights afforded to them under the California Consumer Privacy Act, as amended (CCPA).Your RightsSubject to applicable law, you have the following rights with respect to your personal information.

   • Right to access.You have the right to request that we disclose to you what personal information we collect, use, disclose, share, and sell about you.
   • Right to delete.You have the right to request that we delete your personal information that we’ve collected.
   • Right to update.You have the right to request that inaccurate personal information we hold about you be corrected.
   • Right to restrict the use and disclosure of your sensitive information.You have the right to request that we limit our use and disclosure of your sensitive personal information.
   • Right to nondiscrimination.You have the right not to receive discriminatory treatment because you’ve exercised any of your rights under the CCPA.

   If you or your authorized agent wishes to exercise any of these rights, please email [email protected] or contact us as outlined in the “Contact Us” section below. Please note that we may ask you or your agent to provide us with additional information to confirm your identity.

   Categories of Personal Information Collected

   The personal information that we’ve collected in the past 12 months fall into the following categories specifically established under the CCPA:

   • Identifiers such as a real name, postal address, unique personal identifier, online identifier, internet protocol address, and email address.
   • Information under Cal. Civ. Code §1798.80(e), such as your name, address, telephone number, or any financial information.
   • Commercial information, such as information related to products or services you’ve purchased.
   • Internet or other electronic network activity information, such information regarding your interaction with the Portnox Products.
   • Geolocation data.
   • Audio, electronic, visual, or similar information, such as audio recordings of calls with you.
   • Inferences drawn on the information above, such as aggregated metrics.
   • Account log-in or credit card number in combination with your credentials allowing access to your account.

   For more information about the categories of personal information we collect, please see the “Personal Information We Collect” section above.

   Categories of Personal Information Disclosed for a Business Purpose

   The personal information that we’ve disclosed for a business purpose (including to our service providers) in the past 12 months fall into the following categories specifically established under the CCPA:

   • Identifiers such as a real name, postal address, unique personal identifier, online identifier, internet protocol address, and email address.
   • Information under Cal. Civ. Code §1798.80(e), such as your name, address, telephone number, or any financial information.
   • Commercial information, such as information related to products or services you’ve purchased.
   • Internet or other electronic network activity information, such information regarding your interaction with the Portnox Products.
   • Geolocation data.
   • Audio, electronic, visual, or similar information, such as audio recordings of calls with you.
   • Inferences drawn on the information above, such as aggregated metrics.
   • Account log-in or credit card number in combination with your credentials allowing access to your account.

   For more information about the categories of personal information we disclose to other parties, including to our services providers, please see the “How We Share Personal Information” section above.

   No Sale or Sharing of Personal Information

   We do not sell or share (for the purpose of cross-context behavioral advertising) your personal information, as those terms are defined under the CCPA.

10. Supplemental Notice for Virginia

    This section provides additional information for residents of Virginia and the rights afforded to them under the Virginia Consumer Data Protection Act (VCDPA).Your RightsSubject to applicable law, you have the following rights with respect to your personal information.

    • Right to access.You have the right to access your personal information and obtain a copy of it in a portable and readily usable format.
    • Right to correct.You have the right to correct errors in your personal information.
    • Right to delete.You have the right to have your personal information deleted.
    • Right to opt out.You have the right to opt out of behavioral advertising, automated profiling, and sales of personal information.

    To exercise your rights, please email [email protected] or contact us as outlined in the “Contact Us” section below. Please note that we may ask you to provide us with additional information to confirm your identity.

    If you submit a request to exercise one of the above rights and you disagree with our decision regarding your request, you may appeal our decision by replying to our response.

11. Changes to this Privacy Policy

    We may occasionally update this Privacy Policy. The date at the top of this Privacy Policy indicates when it was last revised. Any changes will become effective when we post the revised Privacy Policy on this page.

12. Contact Us

    If you have questions or concerns about this Privacy Policy, please contact us at: Portnox Security LLC, 5707 Southwest Parkway, Building Two, Suite 260, Austin, Texas 78735; or [email protected].