BIGID PRIVACY POLICY

Effective as of June 27, 2018

BigID, Inc. is concerned about privacy issues and wants you to be familiar with how we collect, use, and disclose information. This Privacy Policy describes our practices in connection with how we collect, use and share your personal information if you visit www.bigid.com (“the Website”) to view information about our company and software products, register for a demonstration or trial, and sign up for a newsletter (collectively, the “Services”); and explains your choices for how we handle your personal information as well as through HTML-formatted email messages that we send to you that link to this Privacy Policy. By providing Personal Information to us, you agree to the terms and conditions of this Privacy Policy.

If you have any questions or concerns about your personal information or this Privacy Policy, please contact us at privacy@bigid.com.

Users in the European Economic Area should be sure to read the important information provided in the Additional Information for European Union Users section of this Privacy Policy.

This Privacy Policy aims to give you information on how BigID collects and processes your personal information through your use of this Website, including any data you may provide through this Website.

The Privacy Policy is intended to meet our duties of Transparency under the “General Data Protection Regulation” or “GDPR.”

We will post any modifications or changes to this Privacy Policy on this page.

PERSONAL INFORMATION WE COLLECT

We collect personal information about you in the following ways:

Information you give us

Personal information that you may provide through the Services or otherwise communicate with us includes:

  • Identity information, such as your first name, last name, username or similar identifier, title or role, date of birth and gender;
  • Contact information, such as your postal address, email address and telephone number;
  • Trial and demo registration information, such as your company name;
  • Feedback and correspondence, such as information you provide when you send us a message, report a problem with Services, receive customer support or otherwise correspond with us;
  • Usage information, such as information about how you use the Services and interact with us;
  • Marketing information, such as your preferences for receiving marketing communications and details about how you engage with us; and
  • Employment application information, such as your resume, LinkedIn profile, cover letter and online portfolio when applying for a job with us.

Information automatically collected

Our servers may automatically record certain information about how you use the Services, such as your Internet Protocol (IP) address, device and browser type, operating system, the pages or features of the Services that you browsed and the time spent on those pages or features, the frequency with which you use the Services, search terms, the links that you click on or use, and other statistics.  We collect this information in server logs and by using cookies and similar tracking technologies to analyze trends, administer the website, track users’ movements around the website, gather demographic information about our user base as a whole, and deliver advertising. See our Cookies and Similar Technologies Notice in this Privacy Policy, for more information about how the Services and third-party analytics, advertising and social media companies use cookies and similar technologies to collect your information when you use the Services.

Sensitive personal information

Subject to the following paragraph, we ask that you not send or disclose to us any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or union membership) on or through the Services or otherwise.

If you send or disclose any sensitive personal information to us (such as when you submit user-generated content to the Services), you must consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not provide it.

Changes to your personal information

It is important that the personal information we hold about you is accurate and current.  Please let us know if your personal information changes during your relationship with us by updating your registration profile or emailing us at privacy@bigid.com

HOW WE MAY USE YOUR PERSONAL INFORMATION

We may use Personal Information for the following purposes or as otherwise described to you at the time of collection:

To provide the Services

We use your personal information:

  • to operate, maintain, administer and improve the Services;
  • for our business purposes, such as data analysis, audits; developing new products; and operating, maintaining, administering, enhancing, improving or modifying our Services; identifying usage trends; determining the effectiveness of our promotional campaigns and operating and expanding our business activities.
  • to manage and communicate with you regarding your Services, including by sending you Services announcements, technical notices, updates, security alerts, and support and administrative messages;
  • to send administrative information to you, such as information regarding the Services and changes to our terms, conditions, and policies.
  • to better understand your needs and interests, and personalize your experience with the Services; and
  • to respond to your Services-related or employment-related requests, questions, and feedback.

To send you marketing communications

If you request information from us, use the Services or participate in our surveys, promotions or events, we may send you BigID-related marketing communications, which we believe may be of interest to you, as permitted by law but will provide you with the ability to opt out.

To deliver you advertising and other BigID information

We and our partners may tailor ads based on your interests and browsing history or conduct retargeted advertising.  See the Tracking and Targeted Advertising section below for more details.

For security, compliance, fraud prevention and safety

We may use your personal information as we believe appropriate to (a) investigate or prevent violation of the law or our Terms of Services; (b) secure the Services; (c) protect our, your or others’ rights, privacy, safety or property; (d) conduct fraud monitoring and prevention activities; and (d) protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity.

For compliance with law; legal claims

We may use your personal information as we believe appropriate (a) under applicable law, including laws outside your country of residence; (b) to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with a legal investigation; (d) to enforce our terms and conditions; (e) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; (f) to prosecute or defend legal claims; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

With your consent

In some cases we may ask for your consent to collect, use or share your personal information, such as when you let us post your testimonials or endorsements in the Services. 

HOW YOUR PERSONAL INFORMATION MAY BE DISCLOSED

We will never sell or rent your Personal Information, or share your Personal Information without your express consent, except as described in this Privacy Policy.  We may disclose personal information to third parties as disclosed below:

  • Service Providers.  We may share your personal information with our third party service provides so that they may administer and provide the Services on our behalf, or  provide other services such as marketing, billing, data analysis, customer service, email delivery, auditing, and other services. 
  • Affiliates; Corporate Restructuring. We may disclose your personal information to our subsidiaries and corporate affiliates for use consistent with this Privacy Policy.  We may also disclose your personal information to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar disclose your personal information as we believe necessary or appropriate: (a) under applicable law, including laws outside your country of residence; (b) to comply with applicable laws, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with a legal investigation; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; (g) to prosecute or defend legal claims; and (h) to allow us to pursue available remedies or limit the damages that we may sustain.
  • Compliance with Laws and Law Enforcement; Protection and Safety. We may disclose your personal information as we believe appropriate to government or law enforcement officials or private parties (a) for the security, compliance, fraud prevention and safety purposes described above; (b) as required by law, lawful requests or legal process, such as to respond to subpoenas or requests from government authorities; (c) where permitted by law in connection with any legal investigation; and (d) to prosecute or defend legal claims.

OTHER INFORMATION


Other Information We May Collect

“Other Information” is any information that does not reveal your specific identity or does not directly relate to an individual, such as:

  • Browser and device information
  • Information collected through cookies, pixel tags and other technologies
  • Demographic information
  • Aggregated information

If we are required to treat Other Information as Personal Information under applicable law, then we may use it for the purposes for which we use and disclose Personal Information as detailed in this Policy.

How We May Collect Other Information

We and our third-party service providers may collect Other Information in a variety of ways, which we describe in our Cookies and Similar Technologies Notice in this Privacy Policy.

HOW WE MAY USE AND DISCLOSE OTHER INFORMATION

We may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. In some instances, we may combine Other Information with Personal Information. If we do, we will treat the combined information as Personal Information as long as it is combined.

THIRD PARTY SITES AND SERVICES

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by us or by our affiliates.

SECURITY

We seek to use reasonable organizational, technical, and administrative measures to protect Personal Information within our organization. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure and we cannot guarantee the security of your information.

INTERNATIONAL DATA USE 

BigID is headquartered in the United States and has affiliates and service providers in other countries, and your personal information may be collected, used and stored in the United States or other locations outside of your home country.  Privacy laws in the locations where we handle your personal information may not be as protective as the privacy laws in your home country. 

European Union users should read the important information provided here about transfer of personal information outside of the European Economic Area.

YOUR CHOICES AND ACCESS

Access, Update, Correct or Delete Your Information

All Website users who provide their personal information to request a trial or schedule a demo may review, update, correct or delete the personal information they provided during registration by contacting us at privacy@bigid.com.

Marketing communications

You may opt out of marketing-related emails by logging in and changing your account settings or by following the opt-out prompt in the email.  You may continue to receive Services-related and other non-marketing emails.

Testimonials

If you gave us consent to post a testimonial to our site, but wish to update or delete it, please contact us at privacy@bigid.com

Choosing not to share your personal information

If you do not provide information indicated as required or mandatory within the Services, or that is otherwise necessary to provide a requested service or feature within the Services, that portion or all of the Services may be unavailable to you.

Tracking and Targeted Advertising

We may allow service providers and other third parties to use cookies and other tracking technologies to track your browsing activity over time and across the Services and third party websites.  For example, we may partner with third party advertisers to manage our advertising on other sites. These advertisers may also provide you targeted ads based upon your interests on third-party sites. We also use third party website analytics services that help us analyze users’ interactions with the Website. For more details, see the Cookies and Similar Technologies Notice. Some advertising networks allow you to opt out of targeted advertising.  For more information, visit http://www.aboutads.info/choices/ or http://www.youronlinechoices.com.

Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to do not track or similar signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

In some of our communications, we track clicks on links in the communications to content in the Services to help us measure the effectiveness of our communications.

Social Media Widgets

Our Services may include social media features, such as the Facebook “like” button and widgets, such as the “share this” button. These features may collect your personal information and track your use of the Services. These social media features are either hosted by a third party or hosted directly in the Services. Your interactions with these features are governed by the privacy policy of the company providing such functionality.

Third Party Sites and Services

The Services may contain links to other websites and services operated by third parties, such as social media platforms, advertising services and other websites and applications.  These links are not an endorsement of, or representation that we are affiliated with, any third party. We do not control third-party websites, applications or services, and are not responsible for their actions. Other websites and services follow different rules regarding their collection, use and disclosure of your personal information. We encourage you to read their privacy policies to learn more.

User-Generated Content

We may make available in the Services, or link to, features that allow you to share information online (e.g., on message boards, in chat areas, in file uploads, through events, etc.). Please be aware that whenever you voluntarily disclose personal information online, that information becomes public and can be collected and used by others. We have no control over, and take no responsibility for, the use, storage or dissemination of such publicly-disclosed personal information. By posting personal information online in public forums, you may receive unsolicited messages from other parties.

USE OF SERVICES BY MINORS

The Website and Services are not directed to individuals under the age of thirteen (13), and we request that they not provide Personal Information through the Services.  If we learn that any user of the Services is under the age of 13, we will take appropriate steps to delete that individual’s personal information and restrict that individual from future access to the Services.

UPDATES TO THIS PRIVACY POLICY

We may change this Privacy Policy from time to time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make material changes to this Privacy Policy we will notify you by email (if you have an account linked to a valid email address) or another manner through the Services that we believe is reasonably likely to reach you.

The “LAST UPDATED” legend at the top of the page indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services. Your use of the Services following these changes means that you accept the revised Privacy Policy.

CONTACT US

If you have any questions or concerns about this Privacy Policy, please contact us.

BigID, Inc.
524 Broadway
New York, NY 10012

Attention: Privacy Officer
Email: privacy@bigid.com

Additional Information for European Union Users

Personal information

References to “personal information” in this Privacy Policy are equivalent to “personal data” governed by European data protection legislation.

Controller and EU Representative

BigID is the controller of your personal information covered by this Privacy Policy for purposes of European data protection legislation and you can contact us and our Privacy Officer using the contact details listed in the Contact Ussection above. Our EU representative is:

Data Protection Representatives

Office 29, Clifton House,
Fitzwilliam Street Lower,
Dublin, Ireland
Email: datainquiry@dpr.eu.com

Legal bases for processing

We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below.  If you have questions about the legal basis of how we process your personal information, contact us at privacy@bigid.com.

 

Processing purpose
(reference applicable section in this Privacy Policy for details)
Legal basis
To provide the Services You have entered a contract with us and we need to use your personal information to provide services you have requested or take steps that you request prior to providing services.
To send you marketing communications
To deliver you advertising
For security, compliance, fraud prevention and safety
To prosecute or defend legal claims These processing activities constitute our legitimate interests. We consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. We do not use your personal information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
For compliance with law Processing is necessary to comply with our legal obligations.
With your consent Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated in the Services or by contacting us at privacy@bigid.com.

Use for new purposes

We may use your personal information for reasons not described in this Privacy Policy where permitted by law and the reason is compatible with the purpose for which we collected it.  If we need to use your personal information for an unrelated purpose, we will notify you and explain the applicable legal basis.

Retention

We will only retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your rights

European data protection laws give you certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:

  • Opt-out. Stop sending you direct marketing communications.  You may continue to receive Services-related and other non-marketing communications.
  • Access.  Provide you with information about our processing of your personal information and give you access to your personal information.
  • Correct.  Update or correct inaccuracies in your personal information.
  • Delete.  Delete your personal information.
  • Transfer.  Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Restrict.  Restrict the processing of your personal information.
  • Object. Object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights. 

You can submit these requests by email to privacy@bigid.com or our postal address provided above.  We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request.  If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us or submit a complaint to the data protection regulator in your jurisdiction.  You can find your data protection regulator at http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

CROSS-BORDER TRANSFER

The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the United States. Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you consent to the transfer of information to countries outside of your country of residence, including the United States. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.