(Last updated: May 21, 2018)
DATA COLLECTION AND USE
DATA COLLECTION VIA PRODUCTS AND SERVICES
GigaNetworks delivers security solutions to help protect organizations from advanced cyberattacks. We offer 3rd party solutions that provide application control, endpoint detection and response, and next generation antivirus products and services to a diverse customer base. Our goal is to empower our customers’ security teams, protect endpoints from attacks, detect attacks in progress and enable rapid response.
In order to protect our customers from attackers, GigaNetworks collects various information from our customers. Most of the information we collect through our Products and Services is metadata, for example, data about access to our website, login times, and what operating systems are being utilized. Depending on local laws, some of the data we collect may be considered personal information. For example, IP addresses and device ID names may be considered personal information in some jurisdictions. Also, we may collect personal information if it appears within usernames, filenames, file paths, and machine names. However, we only use the data that we collect through our Products and Services to help our customers and improve our capabilities in the way described in our more specific Product and Service documentation and agreements.
For example, to the extent permitted by applicable law and, for customer data, pursuant to our agreements with our customers, GigaNetworks may use the information, including personal data, collected in connection with our Products and Services:
- To provide, operate, secure, support, personalize, and improve our Products and Services;
- To adapt products and services to respond to new threats and develop new feature, products or services;
- To participate in threat intelligence networks and conduct research and analysis;
- To send customers and other users information regarding our Products and Services or those of our vendors;
- To provide customer support, manage customer accounts, respond to requests, questions, and comments, and to work with our vendors;
- To meet our contractual requirements, to comply with legal or regulatory requirements and our policies, to protect against criminal activity, claims and other liabilities;
- To take actions necessary to protect and/or to defend GigaNetworks’ rights and property (including intellectual property);
- To protect against misuse or unauthorized use of our Products and Services;
- For other legitimate purposes.
DATA COLLECTION VIA WEBSITES/WEB PORTALS
We offer all visitors an ability to register with GigaNetworks. Registration is not required, except for access to our premium content areas. The registration form may require users to give us the following information:
- The user’s first and last name
- The user’s company or organization
- A valid telephone number for the user
- A valid e-mail address for the user
- The state or province in which the user is located
- The country in which the user is located
If a customer contacts us for customer support through our websites, we may also request that customer provide additional user information relevant to the support requested by customer. Users are under no obligation to provide such information. However, we cannot guarantee that we can provide customer support in the event that relevant information related to the use of our Products and Services is withheld.
As you navigate through and interact with our websites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns, including: Cookies, user data for sales tools, tracking codes in coordination with offers made on social media sites, and visitor IP addresses and domain names for reporting and website usage analysis. This information is reported internally and then purged periodically.
User Information may be compiled into user profiles that are maintained by GigaNetworks (or by third party services used by GigaNetworks to manage customer information), and may be used for the following purposes:
- To send you information about GigaNetworks, product updates, special offers, and newsletters
- To provide customer support for GigaNetworks Products and Services
- To initiate or to respond to a subpoena, investigative demand, or other discovery request that is properly served pursuant to state or federal law
- To take actions necessary to protect and/or to defend GigaNetworks’ rights and property (including intellectual property)
- To protect against misuse or unauthorized use of our websites
User information will only be shared with a third party with assurances from such third party that it (1) will not use or disclose User Information for purposes of solicitation or direct marketing, and (2) will keep the information secure using methods comparable to, or more secure than, the security methods used by GigaNetworks. To the extent that you provide user information to us concerning third parties, including information regarding your company, that information will be subject to the same conditions as set forth above.
California Civil Code Section 1798.83 permits California residents to request a notice from us describing which categories of personal information we have shared with third parties or corporate affiliates for those third parties or corporate affiliates’ direct marketing purposes within the last calendar year, and the name and address of such parties. If you are a California resident and would like a copy of this notice, please send an email to email@example.com with “California Privacy Rights Request” in the subject line.
NOTICE REGARDING CHILDREN’S DATA
Our website and our Products and Services are not intended for children under 13 years of age. No one under age 13 may provide any information to or on our websites or our Products and Services. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on our websites, or our Products and Services, or on or through any of the features, including registration features, use any of the interactive or public comment features of the website or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
RESPONSIBILITIES AND MANAGEMENT
GigaNetworks will maintain, monitor, test, and upgrade information security policies, practices, and systems to assist in protecting the personal data that it collects. GigaNetworks personnel will receive training, as applicable, to effectively implement this Policy.
COLLECTION AND USE OF PERSONAL DATA
GigaNetworks provides Products and Services to Customers. GigaNetworks may collect personal data on behalf of and under the instructions of our Vendors in connection with the Product and Services. In that context, Vendors are the data controllers and the roles and responsibilities of the parties for the processing of personal data are defined in our agreements with our Customers and Vendors. When providing the Products and Services, GigaNetworks may process and retains personal information as necessary to provide the Products and Services as permitted in our agreement with Customers, or as required or permitted under applicable law.
To the extent permitted by applicable law, we may collect data in an automated manner and make automated decisions, including using machine learning algorithms, in order to provide or optimize the Products and Services, for security or analytics purposes, to prevent fraud, to ensure network and information security, to prevent unauthorized access to electronic communications networks and to stop damage to computer and electronic communication systems, or to report possible criminal acts or threats to public security to a competent authority (if requested by our customers), and to display advertisements and offers based on the preferences of our customers or potential customers.
DISCLOSURES / ONWARD TRANSFERS OF PERSONAL DATA
GigaNetworks’ Vendor’s Products and Services may be provided using resources and servers located in various countries around the world, including the United States and other countries. Therefore, personal data about individuals or customers may be transferred, processed and stored outside the country where the GigaNetworks Services are used, including to countries outside the European Union (“EU”), European Economic Area (“EEA”) or Switzerland, where the level of data protection may not be deemed adequate by the European Commission. The safeguards GigaNetworks provides are as set forth above.
In the context of an onward transfer, GigaNetworks is responsible for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. GigaNetworks shall remain liable under the Privacy Shield Principles if an agent of GigaNetworks processes such personal information in a manner inconsistent with the Privacy Shield Principles, unless GigaNetworks is not responsible for the event giving rise to the damage.
GigaNetworks may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.
DATA INTEGRITY AND SECURITY
GigaNetworks uses reasonable efforts to maintain the accuracy and integrity of personal data and to update it as appropriate. GigaNetworks has implemented physical and technical safeguards to protect personal data from loss, misuse, and unauthorized access, disclosure, alternation, or destruction. GigaNetworks also employs access restrictions, limiting the scope of employees who have access to personal data. Further, GigaNetworks uses secure encryption technology to protect certain categories of personal data. Despite these precautions, no data security safeguards guarantee 100% security all of the time.
LEGAL BASES OF PROCESSING
GigaNetworks generally does not have a direct relationship with employees, contractors and other data subjects of GigaNetworks customers companies and organizations. Therefore, customers must comply with all applicable legal requirements when providing personal data to GigaNetworks or in allowing the collection and processing of personal data through the customer’s use of the Products and Services, including, without limitation, if applicable, the obligation to obtain consent from their employees, contractors and other data subjects prior to using the GigaNetworks Products and Services to collect personal information from such individuals, or, if applicable, rely on another legitimate basis, such as ensuring network and information security, including preventing unauthorized access to electronic communications networks and stopping damage to computer and electronic communication systems.
ACCESSING PERSONAL DATA
GigaNetworks personnel may access and use personal data only if they are authorized to do so and only for the purpose for which they are authorized.
When providing the Products and Services, GigaNetworks retains personal data for at least 30 days as long as our customer’s account is active, or as necessary to provide the Products and Services as permitted in our agreement with customers, to resolve any billing disputes, as needed for compliance audits and assessments, or as required or permitted under applicable law. We may retain aggregated anonymized or de-identified data for longer periods of time, in accordance with applicable law and any applicable customer agreement if such data was extracted from customer data.
RIGHTS REGARDING PERSONAL DATA
DATA COLLECTION VIA PRODUCTS AND SERVICES
GigaNetworks only processes and discloses the personal data related to our Products and Services as specified in the agreements with our Customers. GigaNetworks’ customers control how personal data is disclosed to us and processed, and how it can be modified. Accordingly, if you want to request access, or to limit use or disclosure of your personal data, please contact the company to which you submitted your personal data and that uses the GigaNetworks Products and Services. If you contact GigaNetworks and provide the name of the customer to which you provided your personal data, we will refer your request to that customer and support them in responding to your request.
DATA COLLECTION VIA WEBSITE/WEB PORTALS
GigaNetworks customers may review its own personal data stored in the databases and correct, erase, or block any data that is incorrect, to the extent required by applicable law and permitted by GigaNetworks’ customers (if such data was collected by or on behalf of a GigaNetworks customer) GigaNetworks policies. Upon reasonable request and as required by the Privacy Shield principles, GigaNetworks allows customers access to their personal data, in order to correct or amend such data where inaccurate.
GigaNetworks will track each of the following and will provide notice to the appropriate parties under law and contract, to the extent permitted under applicable law, when either of the following circumstances arise: (a) legally binding request for disclosure of the personal data by a law enforcement authority, unless prohibited by law or regulation; or (b) requests received from the data subject. If GigaNetworks receives a request for access to his/her personal data from an individual whose data was collected by or on behalf of a GigaNetworks customer, then, unless otherwise required under law or by contract with such Customer, GigaNetworks will refer such individual to the customer.
DATA SUBJECT RIGHTS
Individuals may have one or more of the following additional rights regarding their personal data, depending on their country of residence and, if their data is collected by or on behalf of a GigaNetworks customer, depending on such customer’s policies and agreements with GigaNetworks:
- Access. To request a copy of the personal data we have collected about such individual.
- Rectification & Erasure. To request that we rectify or delete any of the personal data about such individual that is incomplete, incorrect, unnecessary or outdated.
- Objection. To object, at any time, to personal data being processed for direct marketing purposes.
- Restriction of processing. To request restriction of processing of personal data about such individual for certain reasons, such as, for example, if such individual considers personal data collected by us to be inaccurate or has objected to the processing and the existence of legitimate grounds for processing is still under consideration.
- Data Portability. To request and receive the personal data we have collected about such individual in a commonly used and machine-readable form.
- Right to Withdraw Consent. If personal data about such individual is processed solely based on consent and not for any other legitimate interest, to withdraw consent at any time, without affecting the lawfulness of our processing based on such consent before it was withdrawn, including processing related to existing contracts for our Products and Services.
- Right to Lodge a Complaint with a DPA. If an individual believes our processing of personal data about such individual is inconsistent with the applicable data protection laws, to lodge a complaint with such individual’s local supervisory data protection authority (“DPA”).
GigaNetworks will endeavor to respond in a timely manner to all reasonable written requests to exercise any of the rights listed above. Such requests must be made by contacting us as set forth below, and including sufficient details so that we are able to understand the request and respond. If the request relates to data collected by or on behalf of a GigaNetworks customer, we will first refer the individual to such customer and our ability to take any action requested is subject to our underlying agreement with such customer and applicable laws.
CHANGES TO THIS POLICY
This Policy may be amended from time to time, consistent with the Privacy Shield Principles and applicable data protection and privacy laws and principles. If we make material changes in how we use personal information, we will provide notification by email if feasible or by means of a notice on this website. We encourage customers and users to periodically review this page for the latest information on our privacy practices.
ENFORCEMENT AND DISPUTE RESOLUTION
In compliance with the Privacy Shield Principles, GigaNetworks commits to endeavor to promptly resolve complaints about privacy and our collection or use of personal information. Individuals with questions or concerns about the use of their personal data should contact us at: email@example.com and identify the company or other organization with whom they are affiliated or for whom their data was collected, if collection was for a GigaNetworks customer.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
835 NE 79th St, Miami, FL 33138