Effective date: Nov 26, 2024
‍
At Nudge Security, we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and share your information as described in this Privacy Policy.Â
‍
Remember that your use of Nudge Security's Services is at all times subject to our Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.
‍
You may print a copy of this Privacy Policy by clicking here.
‍
What this Privacy Policy Covers
‍
     Personal Data
     How We Share Your Personal Data
     Tracking Tools and Opt-Out
     Data Security and Retention
     Personal Data of Children
     California Resident Rights
     Other State Law Privacy Rights
     European Union Data Subject Rights
     Changes to this Privacy Policy
     Contact Information
‍
This Privacy Policy covers how we treat Personal Data that we gather when you access or use our Services. “Personal Data” means any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules or regulations. This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage.
‍
This chart details the categories of Personal Data that we collect and have collected over the past 12 months:
‍
‍
In addition, for browser extensions that we use with our Services, we collect the following additional Personal Data: your authentication activity across websites; your use of API keys and web hooks; and your use of OAuth grants
‍
We collect Personal Data about you from the following categories of sources:
‍
You
     When you provide such information directly to us.
‍
When you use the Services and such information is collected automatically.
‍
Public Records
‍
Third Parties
‍
‍
Providing, Customizing and Improving the Services
‍
Marketing the Services
‍
Corresponding with You
‍
Meeting Legal Requirements and Enforcing Legal Terms
We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated or incompatible purposes without providing you notice.
‍
‍
We disclose your Personal Data to the categories of service providers and other parties listed in this section. Depending on state laws that may be applicable to you, some of these disclosures may constitute a “sale” of your Personal Data. For more information, please refer to the state-specific sections below.
‍
Service Providers
These parties help us provide the Services or perform business functions on our behalf. They include:
Analytics Partners.
These parties provide analytics on web traffic or usage of the Services. They include:
‍
Legal Obligations
We may share any Personal Data that we collect with third parties in conjunction with any of the activities set forth under “Meeting Legal Requirements and Enforcing Legal Terms” in the “Our Commercial or Business Purposes for Collecting Personal Data” section above.
‍
Business Transfers
All of your Personal Data that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.
‍
Data that is Not Personal Data
We may create aggregated, de-identified or anonymized data from the Personal Data we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build and improve the Services and promote our business, provided that we will not share such data in a manner that could identify you. Â
‍
‍
‍
The Services use cookies and similar technologies such as pixel tags, web beacons, clear GIFs and JavaScript (collectively, “Cookies”) to enable our servers to recognize your web browser, tell us how and when you visit and use our Services, analyze trends, learn about our user base and operate and improve our Services. Cookies are small pieces of data– usually text files – placed on your computer, tablet, phone or similar device when you use that device to access our Services. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s). Please note that because of our use of Cookies, the Services do not support “Do Not Track” requests sent from a browser at this time.
‍
We use the following types of Cookies:
‍
You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit our website and some of the Services and functionalities may not work.
‍
To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/ or https://ico.org.uk/for-the-public/online/cookies/ if you are located in the European Union.
‍
‍
We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure.
‍
We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you with our Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.
‍
‍
As noted in the Terms of Use, we do not knowingly collect or solicit Personal Data about children under 16 Â years of age; if you are a child under the age of 16, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If we learn we have collected Personal Data from a child under 16 years of age, we will delete that information as quickly as possible. If you believe that a child under 16 years of age may have provided Personal Data to us, please contact us at support@nudgesecurity.com.
‍
‍
If you no longer want to receive marketing related emails from us on a going-forward basis, you may opt out by using the unsubscribe link provided at the bottom of each such email. If you opt out, we may still send you important administrative messages, from which you cannot opt out.
‍
If you prefer that we discontinue sharing your Personal Information on a going-forward basis with third parties for their direct marketing purposes, you may opt out of the sharing by contacting us at support@nudgesecurity.com.
‍
You can update your Personal Information by contacting customer service at support@nudgesecurity.com.
‍
‍For residents of the following states: Please see “Additional Information for Residents of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, New Hampshire, Nebraska, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia,” below, for additional information about your rights.
‍
‍
‍
If you reside in the European Economic Area, this section applies to you.Â
‍
Legal Basis for Processing. When we process your personal information, we will do so in reliance on the following lawful bases:
‍
Your Privacy Rights. You have the right to (1) request to know more about and access your personal information, including in a portable format, (2) request deletion of your personal information, (3) request correction of inaccurate personal information, (4) request restriction of processing of your personal information, and (5) object to the processing of your personal information for certain purposes. To exercise any of these rights, please us at support@nudgesecurity.com. If you have a concern about our processing of personal information that we are not able to resolve, you have the right to lodge a complaint with the Data Protection Authority where you reside. Contact details for your Data Protection Authority can be found using the links below:
‍
SENSITIVE INFORMATION
Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, or criminal background) on or through the Services or otherwise to us.
‍
THIRD-PARTY PAYMENT SERVICE
The Services may provide functionality allowing you to make payments using a third-party payment service with which you have created your own account. When you use such a service to make a payment to us, your Personal Information will be collected by such third party and not by us and will be subject to the third party’s privacy policy, rather than this Privacy Policy. We have no control over, and are not responsible for, any such third party’s collection, use, or disclosure of your Personal Information.
‍
UPDATES TO THIS PRIVACY POLICY
The “UPDATED” or “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes will become effective when we post the revised Privacy Policy on the Services. Â
‍
CONTACT US:
If you have any questions about this Privacy Policy, please contact us at support@nudgesecurity.com.
‍
Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us.Â
    Â
ADDITIONAL DISCLOSURESÂ
This section supplements the above Privacy Policy and provides additional details regarding our collection, use, and disclosure of Personal Information relating to residents of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, New Hampshire, Nebraska, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia.
‍
Collection, Disclosure, Sale, Sharing, and Processing of Personal Information
The following chart details which categories of Personal Information we collect, process, and disclose, including for purposes of targeted advertising. Â
‍
‍
‍
‍
Subject to applicable law, you may make the following requests:Â
‍
    Â
We will not unlawfully discriminate against you for exercising your rights under applicable privacy law. To make a privacy request, please contact us at support@nudgesecurity.com  stating your specific request. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as name, email address, or phone number, in order to verify your identity and protect against fraudulent requests. If you make a request to delete, we may ask you to confirm your request before we delete your Personal Information.Â
    Â
To request to opt out of any future “sales” of your Personal Information and/or “sharing” of your Personal Information for purposes of cross-context behavioral advertising or any future processing for purposes of targeted advertising, please contact us at support@nudgesecurity.com
‍
If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, New Hampshire, Nebraska, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia and we refuse to take action on your request, you may appeal our refusal within a reasonable period after you have received notice of the refusal. You may file an appeal by contacting us at support@nudgesecurity.com.
‍
Authorized Agents    Â
If an agent would like to make a request on your behalf as permitted under applicable law, they may use the submission methods outlined above. As part of our verification process, we may request that the agent provide proof concerning their status as an authorized agent. In addition, we may require that you verify your identity as described above or confirm that you provided the agent permission to submit the request.
‍
De-Identified InformationÂ
If we maintain or use de-identified information, we will continue to maintain and use it only in a de-identified fashion and will not attempt to re-identify the information.