November 05, 2014
Common Web Application Vulnerabilities - Part 8
Session fixation is an attack against a web application’s session management functionality. The issue is not as common today given that many of the cu...
See Details
Optiv RSS Feed
Copy the Below Link To Your RSS Reader
Privacy Policy
Last Updated: May 8, 2019
Optiv Security Inc. and its affiliates (collectively, “we,” “us,” or “our”) developed this Privacy Policy to explain how we collect, use, share, and protect Personal Information (defined below), and your choices about the collection and use of Personal Information.
This Privacy Policy applies to Personal Information collected or processed through our websites that link to this Privacy Policy (collectively, the “Site”).
1. What is Personal Information?
“Personal Information” is information that, either alone or in combination with other information, identifies you. Examples of Personal Information include, among others, name, email address, phone number, and mailing address. When we combine Personal Information with other information, we treat the combined information as Personal Information.
2. How We Use Personal Information
We use Personal Information for limited purposes, depending on the context in which we collect it. We use Personal Information for purposes of:
- Enabling secure use of the Site;
- Providing, analyzing, administering, and improving the Site and our services;
- Sending information at your request;
- Responding to inquiries;
- Conducting surveys to gather feedback on our services or Site;
- Publishing comments on our blogs (including the name, but not the email address, associated with the author);
- Publishing testimonials on the Site;
- Protecting our rights or our property;
- Meeting legal obligations; and
- For other purposes related to the reasons for which you provide Personal Information.
3. Types of Personal Information We Collect and Use
a. Information that You Provide Us
In various places on the Site, we request information, including Personal Information, from you via forms. The exact information we need to collect will depend on the purpose of the form. For example, when you complete the contact form on the Site, we ask for your full name, company email address, work phone number, and country. We will indicate when you attempt to submit a form whether a particular field of information is mandatory or optional. If you choose not to provide certain information, we may not be able to provide requested services.
b. Information We Receive from Your Use of the Site
We collect the following types of information automatically through your use of the Site:
• Cookies, Device Identifiers, and Similar Technologies
When you use or access the Site, we, our service providers, and our advertisers use cookies, device identifiers, and similar technologies such as pixels, web beacons, and local storage to collect information about how you use the Site. For more information, please see our Cookie Policy.
We process the information collected through such technologies to help operate certain features of the Site, to enhance your experience through personalization, and to help us better understand the features of the Site that you and other users are most interested in. To assist us with analyzing our website traffic through cookies and similar technologies, we use analytics services such as Google Analytics. For more information on Google Analytics’s processing of your information, please see “How Google uses data when you use our partners' sites or apps.”
Some of our service providers may use cookies or other methods to gather information regarding your use of the Site, and may combine the information in these cookies with any Personal Information about you that they may have. The use of such tracking information by a third party depends on the privacy policy of that third party. We do not respond to Do Not Track (“DNT”) signals sent to us by your browser at this time. To learn more about how DNT works, please visit http://allaboutdnt.com/.
Most browsers provide you with the ability to block, delete, or disable cookies, and your mobile device may allow you to disable transmission of unique identifiers and location data. If you choose to reject cookies or block device identifiers, some features of the Site may not be available or some functionality may be limited or unavailable. Please review the help pages of your browser or mobile device for assistance with changing your settings.
• Log File Information
When you use our Site, our servers automatically record information, including your Internet Protocol address (“IP Address”), browser type, referring URLs (e.g., the site you visited before coming to our Site), number of clicks, and how you interact with links on the Site, domain names associated with your internet service provider, pages viewed, and other such information (collectively, “Log File Information”). We may also collect similar information from emails sent to you which then help us track which emails are opened and which links are clicked by recipients. We use Log File Information to help secure the Site by identifying potential threats and vulnerabilities, and to analyze the effectiveness of our Site to help improve the Site’s function and content.
c. Information We Receive from Others
We may receive Personal Information about you from your friends or colleagues who, through a “forward-to-a-friend” feature on the Site, invite you to visit the Site or to view certain content. We use this information to send you a one-time message inviting you to visit the Site and to track the success of our referral program.
4. Disclosure of Personal Information
We will not disclose Personal Information except as set forth in this Privacy Policy or with your consent. This section describes to whom we disclose Personal Information, and for what purposes:
- Our Service Providers. We engage service providers or business partners to perform tasks on our behalf and to assist us in providing the Site or our services. Some of these third parties may need to access to Personal Information to perform their services. For example, we engage third parties to assist us with hosting the Site, sponsoring events, analyzing our Site traffic, and marketing our services online.
- Companies Involved in Mergers and Acquisitions Transactions. If we sell or otherwise transfer part or the whole of our business or assets to another organization (e.g., in the course of a transaction like a merger, acquisition, bankruptcy, dissolution, or liquidation), any information collected through the Site, including Personal Information, may be among the items sold or transferred.
- Law Enforcement, Government Agencies, and Courts: We may disclose Personal Information at the request of law enforcement or government agencies or in response to subpoenas, court orders, or other legal process to establish, protect, or exercise our rights or to defend against a legal claim or as otherwise required or allowed by law, or to protect the rights, property, or safety of any other person. We may also disclose Personal Information to investigate or prevent a violation by you of any contractual or other relationship with us or your illegal or harmful activity.
5. How We Protect the Security of Personal Information
We use commercially reasonable safeguards, such as industry-standard encryption technology (e.g., Secure Socket Layer (SSL) protocol), to help keep the information collected through the Site secure. Despite these efforts to store Personal Information in a secure operating environment that is not available to the public, we cannot guarantee the security of Personal Information during its transmission or its storage on our systems. Further, while we attempt to ensure the integrity and security of Personal Information, we cannot guarantee that our security measures will prevent third parties such as hackers from illegally obtaining access to Personal Information. We do not represent or warrant that Personal Information about you will be protected against, loss, misuse, or alteration by third parties.
6. Children’s Privacy
We do not knowingly collect or solicit any Personal Information from children or minors (under the age of 18). In the event that we learn that we have collected Personal Information from a child without parental consent, we will promptly take steps to delete that information.
7. Correcting, Updating, Accessing, or Removing Personal Information
In addition to other rights you may have depending on where you reside (as described below), you can request that we correct, update, or delete your Personal Information by emailing a request to us at info@optiv.com. We will promptly process such requests in accordance with applicable law.
8. Opting Out of Receiving Communications
With your permission, we may send notifications, promotions, or other information via email, text message, phone call, or postal mail (“Communications”). You may choose to stop receiving Communications by indicating your preference in your account profile or settings. You may also follow the unsubscribe instructions in any Communication you receive. You may also send a global unsubscribe request to info@optiv.com. Please note that certain Site-related Communications are necessary for the proper functioning and use of the Site and you may not have the ability to opt out of those Communications.
9. Retention of Personal Information
We will retain your Personal Information for the period necessary to fulfill the purposes for which your Personal Information has been collected as outlined in this Privacy Policy unless a longer retention period is required by law.
10. Individuals in the EU
In this section, we provide additional information relating to how we process Personal Information of individuals in the EU, in accordance with the GDPR. If you need more information or would like to exercise your rights under the GDPR, you may contact us at legal@optiv.com.
a. Basis for Processing
Our legal basis for collecting and using the Personal Information described in this Privacy Policy will depend on the Personal Information concerned and the context in which we collect it. We collect Personal Information from you:
- where we need it to perform a contract with you;
- where the processing is in our legitimate interests (including the purposes described, above, in Section 2, How We Use Personal Information); or
- if we otherwise have your consent.
b. Your Privacy Rights
Depending on applicable law, you may have the right to:
- Request access to Personal Information about you.
- Request correction of the Personal Information that we hold about you.
- Request erasure of Personal Information about you. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of Personal Information about you where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing.
- Request restriction of processing of Personal Information about you. You can ask us to suspend the processing of Personal Information in the following scenarios: (a) if you want us to establish the Personal Information’s accuracy; (b) where our use of Personal Information is unlawful but you do not want us to erase it; (c) where you need us to hold the Personal Information even if we no longer require it as you need it to establish, exercise, or defend legal claims; or (d) you have objected to our use of Personal Information but we need to verify whether we have overriding legitimate grounds to use it.
- Request the transfer of Personal Information to you or to a third party.
- Withdraw consent at any time where we are relying on consent to process Personal Information about you.
If you wish to exercise any of these applicable rights, please contact us at legal@optiv.com.
You have a right to lodge a complaint with a supervisory authority if you believe that we have violated any of your rights concerning Personal Information. We encourage you to first reach out to us at legal@optiv.com, so we have an opportunity to address your concerns directly before you do so.
For purposes of Article 27 GDPR, our EU Representative can be reached at our United Kingdom office, LABS House, 15-19 Bloomsbury Way, London, WC1A 2TH UK.
c. Transfers to the U.S.
If you are using the Sites from outside the United States, please be aware that Personal Information will be transferred to, stored, and processed in the United States. Although we take steps to provide adequate safeguards, the data protection laws of the United States might not be as comprehensive as those in your country.
We endeavor to apply suitable safeguards to protect the privacy and security of Personal Information transferred to us in the United States, and to use it in accordance with the practices described in this Privacy Policy.
11. Your California Privacy Rights
California Civil Code Section § 1798.83 permits users of our Sites who are California residents to request certain information regarding our disclosure of “personal information” (as defined by California law) to third parties for their direct marketing purposes. To make such a request, please send an email to legal@optiv.com
12. Other Websites, Including Social Media
We are not responsible for the practices employed by any websites or services linked to or from our Site, including the information or content contained within them. A link to a third party’s website should not be construed as an endorsement. We encourage you to investigate and ask questions before disclosing Personal Information to third parties.
13. Changes to Our Privacy Policy
This Privacy Policy is subject to change without notice. Any changes to this Policy will be posted on our Site at least one week prior to their taking effect. If at any point, we decide to use Personal Information in a manner materially different from that stated at the time it was collected, we will notify you via email of the changes to our Policy. In such cases, you will have a choice as to whether or not we use your Personal Information in this different manner.
14. How to Contact Us
For further information, please contact us.
Optiv Security Inc.
1144 15th Street, Suite 2900
Denver, CO 80202
USA
Phone: (800) 574.0896
Fax: (303) 298.0868
Email: info@optiv.com