Anodot Ltd. (“Anodot “, “we“, “our” or “us“) develops and operates an innovative SaaS platform (the “Platform“), used by organizations and businesses across the world (each, a “Customer“) for real time analytics and automated business incidents in their systems, websites or assets.
We also operate the website www.anodot.com, its subdomains, pages and related features (the “Site“, and together with the Platform – the “Services“).
This Privacy Notice describes the Personal Data we typically receive or collect whenever someone visits our Site (a “Visitor“) or uses the Services on behalf of our Customer (a “User“), as well as the Personal Data we may receive from third parties, regarding our Users or potential customers (a “Prospect“).
It also describes how and for which purposes we may use such data, where we store and for how long we retain it, with whom we may share it, our use of tracking technologies and communications, our security practices, your choices and rights (whether you are a Visitor, a Prospect or a User, “you“) regarding such data, and how to contact us if you have any concerns regarding this Notice or your Privacy.
Please read this Notice and make sure that you fully understand and agree with it. If you do not agree to this Notice, please discontinue and avoid using our Services. You are not legally required to provide us with any data, or to have such data collected about you, but unless we receive certain data, we will not be able to provide you with our Services (or certain parts of our Services).
1. Collecting Personal Data
We collect the following main types of data (which, to the extent it relates to an identified or identifiable individual, is deemed as “Personal Data“):
- Data automatically collected or generated about a person: when someone visits, interacts with or uses our Services, including any e-mail or text messages sent to them by us or via our Services, we may collect or generate certain technical data about them. We collect or generate such data either independently or with the help of third party services (as detailed in Section 4 below), including through the use of “cookies” and other tracking technologies (as further detailed in Section 5 below).
Such data mainly consists of technical or aggregated usage data, such as IP address, non-identifying data regarding a device, operating system and browser, and user activity on our Services. We do not use such data to learn about a person’s true identity or contact details, and it mostly serves us to better understand how our users typically use and engage with our Services and to improve our marketing campaigns and engagements, as well as the overall performance of our Services.
- Data received from you: you may provide us with your Personal Data voluntarily, such as your name, company and position, contact details (such as business e-mail, phone and address), account login details (such as usernames and hashed passwords), and other data you choose to provide when you use our Services, create a User account or contact us. You may also provide us additional details concerning your organization (our Customer), such as billing details, business needs and preferences. To the extent that such data concerns a non-human entity, we do not regard it as “Personal Data” and this Notice shall not apply to it.
- Data received from third parties: we may receive your Personal Data from other sources. For example, if you participate in an event or webinar that we sponsor or participate in, we may receive your Personal Data from the event organizers. We may also receive your contact and professional details (e.g., your name, company, position, contact details and professional experience, preferences and interests) from our business partners, customers or services provides, and through the use of tools and channels commonly used for connecting between companies and individuals in order to explore potential business and employment opportunities, such as LinkedIn.
- Non-personal (anonymous) Data: such Non-personal Data does not and may not relate or refer to any specific individual, and we therefore do not regard it as “Personal Data” and may use it without restriction, for example to aggregate data for industry benchmarks or comparative performance metrics, that we might publish from time to time.
2. Using your Personal Data
We use your Personal Data as necessary for the performance of our Services, for complying with applicable law, and based on our legitimate interests in maintaining, improving and advertising our Services and offerings, understanding how our Services are used or how our Customers, Users and Prospects would like to use them, using more effective marketing and advertising strategies and methods, improving our customer service and support operations, and protecting and securing our Services, ourselves and our Customers and Users.
Accordingly, we use Personal Data for the following purposes:
- To facilitate, operate, and provide our Services;
- To authenticate the identity of our Users and allow them access to the Platform and any additional features;
- To provide our Users and Customers with customer care, assistance and technical support services;
- To further develop, customize and improve the Services, and to improve your user experience, based on common or personal preferences, experiences and difficulties;
- To facilitate and improve our marketing and advertising strategies, and make them more effective;
- To contact our Visitors, Prospects, Users and Customers with general or personalized service-related notices, informational materials and promotional messages, in accordance with Section 6 below, and to facilitate, sponsor and offer certain events and promotions;
- To manage and assess risk, support and enhance our data security measures, including for the purposes of preventing and mitigating the risks of fraud, error or any illegal or prohibited activity;
- To monitor aggregate metrics and create aggregated statistical data, inferred non-personal data or anonymized or pseudonymized data, which we or our business partners and Customers may use to provide and improve our respective services and offerings;
- To act as permitted by, and to comply with, any legal or regulatory requirements; and
- To conduct any additional activities that may require the use of your Personal Data, for which we will request your specific approval in advance.
3. Storing and Retaining your Personal Data
Personal Data which is subject to this Privacy Notice may be maintained, processed, accessed and stored by Anodot and our authorized affiliates, Service Providers and business partners in and from various locations around the world, including the United States of America and the United Kingdom, as necessary for the proper facilitation, offering and delivery of our Services, or as may be required by law.
Anodot Ltd. is based in a jurisdiction which is considered by the European Commission to be offering an adequate level of protection for the Personal Data of EU Member State residents. Anodot Inc., our US subsidiary, is self-certified and adheres to the principles of the EU-U.S. Privacy Shield Framework. To learn more, please visit our Privacy Shield Notice.
While privacy laws may vary between jurisdictions, Anodot, its affiliates, Service Providers and business partners are each committed to protect Personal Data in accordance with this Notice and industry standards, regardless of any lesser legal requirements that may apply in their jurisdiction.
We retain Users Personal Data as instructed or authorized by our Customer, and thereafter in accordance with our data retention policy. We retain Visitors and Prospects Personal Data as reasonably necessary to establish, preserve and expand our mutual relationship, and thereafter in accordance with our data retention policy. If you wish us to delete your Personal Data, or have questions about our retention policy, please contact us at firstname.lastname@example.org.
4. Sharing your Personal Data
Compliance with Laws, Legal Orders and Authorities: We may allow government and law enforcement officials access to certain Personal Data, or otherwise share it with them, in response to a subpoena, search warrant or court order (or similar requirement), or in compliance with applicable laws and regulations. Such disclosure or access may occur if we have a good faith belief that we are legally compelled to do so, or that disclosure is appropriate in order to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other substantial wrongdoing.
Sharing User Personal Data with their organization: We may share with our Customer the Personal Data of their Users (including data concerning their user account on the Platform and communications). In such cases, sharing such data with our Customer means that other Users from your organization may receive it on its behalf, and will be able to monitor, process and analyze your Personal Data and associated content.
Please note that Anodot is not responsible or controls any further disclosure, use or monitoring by or on behalf of your organization.
Service Providers: We may engage selected third party companies and individuals to perform certain services complementary to our own (e.g. hosting and server co-location services, data analytics services (including Google Analytics, as further explained below), marketing agencies and advertising services, data and cyber security services, fraud detection and prevention services, customer engagement services, e-mail distribution and monitoring services, remote access services, and our business, legal and financial advisors) (collectively, “Service Providers“). These Service Providers may have access to your Personal Data, depending on each of their specific roles and purposes in facilitating and enhancing our Services, and may only use it for such purposes. Anodot remains responsible and liable for any Personal Data processing done by Service Providers on its behalf, other than for events outside of its reasonable control.
Protecting Rights and Safety: We may share your Personal Data with others, with or without notice to you, if we believe in good faith that this will help protect the rights, property or personal safety of Anodot, any of our Customers, Users or any members of the general public.
Anodot Subsidiaries and Affiliated Companies: We may share Personal Data internally within our family of companies, for the purposes described in this Notice, or with respect to any change in control, merger, acquisition or purchase of substantially all of Anodot’s assets. If we believe that such change in control might materially affect your Personal Data then stored with us, we will notify you of this event and the choices you may have via e-mail and/or prominent notice on our Services.
For the avoidance of doubt, Anodot may share your Personal Data in additional manners, pursuant to your explicit approval, or if we are legally obligated to do so, or we have successfully rendered such data non-personal. We may transfer, share or otherwise use non-Personal Data in our sole discretion and without the need for further approval.
5. Cookies and Tracking Technologies
Anodot and some of our Service Providers utilize “cookies”, anonymous identifiers and other tracking technologies which help us provide and improve our Services, personalize your experience, monitor the performance of our activities and campaigns, and enhance the stability, security and functionality of our Services.
In order for some of these technologies to work properly, a small data file (“cookie”) must be downloaded and stored on your device. Some cookies and other technologies serve to recall Personal Data, such as an IP address, and are used for purposes of session and user authentication, security, keeping the user’s preferences, connection stability, monitoring performance and generally providing and improving our Services.
While we do not change our practices in response to a “Do Not Track” signal in the HTTP header from a browser or mobile application, most browsers allow you to control cookies, including whether or not to accept them and to remove them. You may set most browsers to notify you if you receive a cookie, or you may choose to block cookies with your browser.
6. Communications from Anodot
Service Communications: we may contact you with important information regarding our Services. For example, we may notify you (through any of the means available to us) of changes or updates to our Services, billing issues, alerts and notifications concerning anomalies detected by our Services, etc.
Promotional Communications: we and our authorized partners (e.g., event or webinar co-sponsors) may also notify you about new services, events and special opportunities or any other information we think you will find valuable. Such notices may be provided through any of the contact means available to us (e.g. phone, mobile or e-mail), through the Services, or through our marketing campaigns on any other sites or platforms.
If you wish not to receive such promotional communications, you may notify Anodot at any time by e-mailing us at email@example.com or by following the “unsubscribe”, “stop” or “change e-mail preferences” instructions contained in the promotional communications you receive.
7. Personal Data Security
We are committed to securing your Personal Data, and use various security measures to better protect it. These include industry-standard physical, procedural and electronic security measures, as well as encryption tools and methods where deemed appropriate. However, please be aware that regardless of the security measures used, we cannot and do not guarantee the absolute protection and security of any Personal Data stored with us or with any third parties as described in Section 4 above.
8. Your Personal Data Subject Rights
If you wish to exercise your rights under applicable law (e.g. the EU GDPR) to request access to and rectification or erasure of your Personal Data held with Anodot, or to restrict or object to such Personal Data’s processing, or to port such Personal Data – please contact our Privacy team at firstname.lastname@example.org.
Please also note that we may require additional information and documents, including certain Personal Data, in order to authenticate and validate your identity and to process your request. Such additional data will then be retained by us for legal purposes (e.g. so we have proof of the identity of the person submitting the request), in accordance with our data retention policy.
9. Additional Notices
Updates and amendments: We may update and amend this Notice from time to time by posting an amended version on our Services. The amended version will be effective as of the published effective date. We will give you prior notice if any substantial changes are involved, via any of the communication means available to us, or on the Services. After such period, all amendments shall be deemed accepted by you.
External links: While our Services may contain links to other websites or services, we are not responsible for such websites or services privacy practices, and encourage you to pay attention when you leave our Services and read the privacy policies of each and every website and service you visit. This Notice applies only to our Services.
Children’s Privacy: Our Services are not designated to attract children under the age of 18. We do not knowingly collect Personal Data from children and do not wish to do so. If we learn that a child is using the Services, we will prohibit and block such use and will make all efforts to promptly delete any Personal Data stored with us with regard to such child. If you believe that we might have any such data, please contact us at email@example.com
Questions, Concerns or Complaints: If you have any comments or questions about this Privacy Notice or if you have any concerns regarding your Privacy, please contact us at firstname.lastname@example.org.
Representative in the EU: Anodot Limited (our UK subsidiary) has been appointed as Anodot’s representative in the European Union for data protection matters, pursuant to Article 27 of the GDPR, and may be contacted on matters related to the processing of Personal Data. To make such an inquiry, please e-mail email@example.com. If you are a GDPR-protected individual, you also have the right to lodge a complaint with an EU supervisory authority.
Effective Date: October 31, 2018