(August 3, 2016)
This Privacy Notice discloses the privacy practices for the web site veramine.com, the cloud service cloud.veramine.com, and the product portal portal.veramine.com (collectively, "websites"). This Privacy Notice applies solely to information collected by these sites. This policy is intended to notify you of the following important facts:
We are the sole owners of the information collected on our websites. We only have access to/collect information that you voluntarily give us via email, our websites or use of our products. We will not sell or rent this information to anyone.
We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to activate the Veramine product, or to put customers in touch with an appropriate local reseller.
In order to use Veramine products via our websites, a user must first complete the registration form. During registration a user is required to give certain information (such as name and email address). This information is used to contact you about the products/services on our site in which you have expressed interest.
We sometimes partner with third parties to provide specific services, e.g. two-factor authentication. When the user signs up for these services, we will share names, or other contact information that is necessary for the third party to provide these services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.
In some cases, third parties may partner with Veramine to provide our products as components of their own offering, e.g. incident response or managed security services. We may share information about potential customers when we judge they may be best served by a partner, e.g. due to language requirements, or to comply with local data protection legislation.
You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address given at the end of this policy:
Our websites collect system and event information for the purposes of Veramine and its customer’s detecting malicious activity, and enabling customers or their designated agents to conduct remote security analysis of suspicious events. The data collected includes IP addresses, operating system events, meta events, unknown executable files, file names and other file attributes. The types of data collected will change from time to time, but this notice will still apply.
Detection data derived from analysis of malicious activity may be shared with partners and other third parties in a position to aid in the protection of Veramine customers and the wider on-line community. With the exception of executable files, or to comply with a lawful order, Veramine will never share information with any party identifying the source of this data without their express permission and in line with their handling instructions.
Executable files may be collected to determine whether they contain malicious functionality. If a file does not match any previously detected sample, Veramine may employ a third party malware analysis repository, at which point the binary may become available to other customers of the service. Unless to comply with a lawful order, Veramine will never share the identity of the customer from which the file sample was collected.
This data can be interrogated by the customer through the websites, and will be securely erased on termination of the customer’s account.
We take precautions to protect your information. When you submit sensitive information via the websites, your information is protected both online and offline. Wherever we collect sensitive information (such as credit card data, or system event data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for "https" at the beginning of the address of the web page.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, customer service, or security operations) are granted access to system and personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment, and are subject to strict object reuse controls.
Our Privacy Notice may change from time to time and all updates will be posted on this page.
If you feel that we are not abiding by this Privacy Notice, you should contact us immediately via email at firstname.lastname@example.org