Privacy Policy

Effective date: Nov 26, 2024

‍

At Nudge Security, we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and share your information as described in this Privacy Policy. 

‍

Remember that your use of Nudge Security's Services is at all times subject to our Terms of Use, which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms of Use.

‍

You may print a copy of this Privacy Policy by clicking here.

‍

Privacy Policy Table of Contents

What this Privacy Policy Covers

‍

     Personal Data

  • Categories of Personal Data We Collect
  • Categories of Sources of Personal Data
  • Our Commercial or Business Purposes for Collecting Personal Data

     How We Share Your Personal Data

     Tracking Tools and Opt-Out

     Data Security and Retention

     Personal Data of Children

     California Resident Rights

     Other State Law Privacy Rights

     European Union Data Subject Rights

     Changes to this Privacy Policy

     Contact Information

‍

What this Privacy Policy Covers

This Privacy Policy covers how we treat Personal Data that we gather when you access or use our Services. “Personal Data” means any information that identifies or relates to a particular individual and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules or regulations. This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage.

‍

Personal Data

Categories of Personal Data We Collect

This chart details the categories of Personal Data that we collect and have collected over the past 12 months:

‍

Category of Personal Data Examples of Personal Data We Collect Categories of Third Parties With Whom We Share this Personal Data:
Profile or Contact Data • First and last name
• Email
• Analytics Partners
• Payment Data • Payment card type
• Last 4 digits of payment card
• Bank account information
• Billing address, phone number, and email
• Service Providers (specifically our payment processing partner, currently Stripe, Inc.)
Commercial Data • Purchase history
• Records of personal property
Web Analytics • Web page interactions
• Non-identifiable request IDs
• Analytics Partners
Consumer Demographic Data • Zip code • Service Providers (specifically, our payment processor, currently Stripe, Inc.)

‍

In addition, for browser extensions that we use with our Services, we collect the following additional Personal Data: your authentication activity across websites; your use of API keys and web hooks; and your use of OAuth grants

‍

Categories of Sources of Personal Data

We collect Personal Data about you from the following categories of sources:

‍

You

     When you provide such information directly to us.

  • When you create an account or use our interactive tools and Services.
  • When you voluntarily provide information in free-form text boxes through the Services or through responses to surveys or questionnaires.
  • When you send us an email or otherwise contact us.

‍

When you use the Services and such information is collected automatically.

  • Through Cookies (defined in the “Tracking Tools and Opt-Out” section below).
  • If you use a location-enabled browser, we may receive information about your location.
  • If you download and install certain applications and software we make available, we may receive and collect information transmitted from your computing device for the purpose of providing you the relevant Services, such as information regarding when you are logged on and available to receive updates or alert notices.

‍

Public Records

  • From the government or other sources.

‍

Third Parties

  • Vendors
    • We may use analytics providers to analyze how you interact and engage with the Services, or third parties may help us provide you with customer support.
    • We may use vendors to obtain information to generate leads and create user profiles.
  • Advertising Partners
    • We receive information about you from some of our vendors who assist us with marketing or promotional services related to how you interact with our websites, applications, products, Services, advertisements or communications.
  • Social Networks
    • If you provide your social network account credentials to us or otherwise sign in to the Services through a third-party site or service, some content and/or information in those accounts may be transmitted into your account with us.

‍

Our Commercial or Business Purposes for Collecting Personal Data

‍

Providing, Customizing and Improving the Services

  • Creating and managing your account or other user profiles.
  • Processing orders or other transactions; billing.
  • Providing you with the products, services or information you request.
  • Meeting or fulfilling the reason you provided the information to us.
  • Providing support and assistance for the Services.
  • Improving the Services, including testing, research, internal analytics and product development.
  • Personalizing the Services, website content and communications based on your preferences.
  • Doing fraud protection, security and debugging.
  • Carrying out other business purposes stated when collecting your Personal Data or as otherwise set forth in applicable data privacy laws, such as the California Consumer Privacy Act (the “CCPA”).

‍

Marketing the Services

  • Marketing and selling the Services.

‍

Corresponding with You

  • Responding to correspondence that we receive from you, contacting you when necessary or requested, and sending you information about Nudge Security or the Services.
  • Sending emails and other communications according to your preferences or that display content that we think will interest you.

‍

Meeting Legal Requirements and Enforcing Legal Terms

  • Fulfilling our legal obligations under applicable law, regulation, court order or other legal process, such as preventing, detecting and investigating security incidents and potentially illegal or prohibited activities.
  • Protecting the rights, property or safety of you, Nudge Security or another party.
  • Enforcing any agreements with you.
  • Responding to claims that any posting or other content violates third-party rights.
  • Resolving disputes.

We will not collect additional categories of Personal Data or use the Personal Data we collected for materially different, unrelated or incompatible purposes without providing you notice.

‍

‍

How We Share Your Personal Data

We disclose your Personal Data to the categories of service providers and other parties listed in this section. Depending on state laws that may be applicable to you, some of these disclosures may constitute a “sale” of your Personal Data. For more information, please refer to the state-specific sections below.

‍

Service Providers

These parties help us provide the Services or perform business functions on our behalf. They include:

  • Hosting, technology and communication providers.
  • Security and fraud prevention consultants.
  • Support and customer service vendors.
  • Product fulfillment and delivery providers.
  • Payment processors.
    • Our payment processing partner Stripe, Inc. (“Stripe”) collects your voluntarily-provided payment card information necessary to process your payment.
    • Please see Stripe’s terms of service and privacy policy for information on its use and storage of your Personal Data.

Analytics Partners.

These parties provide analytics on web traffic or usage of the Services. They include:

  • Companies that track how users found or were referred to the Services.
  • Companies that track how users interact with the Services.

‍

Legal Obligations

We may share any Personal Data that we collect with third parties in conjunction with any of the activities set forth under “Meeting Legal Requirements and Enforcing Legal Terms” in the “Our Commercial or Business Purposes for Collecting Personal Data” section above.

‍

Business Transfers

All of your Personal Data that we collect may be transferred to a third party if we undergo a merger, acquisition, bankruptcy or other transaction in which that third party assumes control of our business (in whole or in part). Should one of these events occur, we will make reasonable efforts to notify you before your information becomes subject to different privacy and security policies and practices.

‍

Data that is Not Personal Data

We may create aggregated, de-identified or anonymized data from the Personal Data we collect, including by removing information that makes the data personally identifiable to a particular user. We may use such aggregated, de-identified or anonymized data and share it with third parties for our lawful business purposes, including to analyze, build and improve the Services and promote our business, provided that we will not share such data in a manner that could identify you.  

‍

‍

‍

Tracking Tools and Opt-Out

The Services use cookies and similar technologies such as pixel tags, web beacons, clear GIFs and JavaScript (collectively, “Cookies”) to enable our servers to recognize your web browser, tell us how and when you visit and use our Services, analyze trends, learn about our user base and operate and improve our Services. Cookies are small pieces of data– usually text files – placed on your computer, tablet, phone or similar device when you use that device to access our Services. We may also supplement the information we collect from you with information received from third parties, including third parties that have placed their own Cookies on your device(s). Please note that because of our use of Cookies, the Services do not support “Do Not Track” requests sent from a browser at this time.

‍

We use the following types of Cookies:

  • Essential Cookies Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Services. Disabling these Cookies may make certain features and services unavailable.
  • Performance/Analytical Cookies Performance/Analytical Cookies allow us to understand how visitors use our Services. They do this by collecting information about the number of visitors to the Services, what pages visitors view on our Services and how long visitors are viewing pages on the Services. Performance/Analytical Cookies also help us measure the performance of our advertising campaigns in order to help us improve our campaigns and the Services’ content for those who engage with our advertising. For example, Google LLC (“Google”) uses cookies in connection with its Google Analytics services. Google’s ability to use and share information collected by Google Analytics about your visits to the Services is subject to the Google Analytics Terms of Use and the Google Privacy Policy. You have the option to opt-out of Google’s use of Cookies by visiting the Google advertising opt-out page at www.google.com/privacy_ads.html or the Google Analytics Opt-out Browser Add-on at http://tools.google.com/dlpage/gaoptout

‍

You can decide whether or not to accept Cookies through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new Cookie in a variety of ways. You can also delete all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit our website and some of the Services and functionalities may not work.

‍

To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu. To find out more information about Cookies, including information about how to manage and delete Cookies, please visit http://www.allaboutcookies.org/ or https://ico.org.uk/for-the-public/online/cookies/ if you are located in the European Union.

‍

‍

Data Security and Retention

We seek to protect your Personal Data from unauthorized access, use and disclosure using appropriate physical, technical, organizational and administrative security measures based on the type of Personal Data and how we are processing that data. You should also help protect your data by appropriately selecting and protecting your password and/or other sign-on mechanism; limiting access to your computer or device and browser; and signing off after you have finished accessing your account. Although we work to protect the security of your account and other data that we hold in our records, please be aware that no method of transmitting data over the internet or storing data is completely secure.

‍

We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you with our Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. We may further retain information in an anonymous or aggregated form where that information would not identify you personally.

‍

‍

Personal Data of Children

As noted in the Terms of Use, we do not knowingly collect or solicit Personal Data about children under 16  years of age; if you are a child under the age of 16, please do not attempt to register for or otherwise use the Services or send us any Personal Data. If we learn we have collected Personal Data from a child under 16 years of age, we will delete that information as quickly as possible. If you believe that a child under 16 years of age may have provided Personal Data to us, please contact us at support@nudgesecurity.com.

‍

‍

Your Choices

If you no longer want to receive marketing related emails from us on a going-forward basis, you may opt out by using the unsubscribe link provided at the bottom of each such email.  If you opt out, we may still send you important administrative messages, from which you cannot opt out.

‍

If you prefer that we discontinue sharing your Personal Information on a going-forward basis with third parties for their direct marketing purposes, you may opt out of the sharing by contacting us at support@nudgesecurity.com.

‍

You can update your Personal Information by contacting customer service at support@nudgesecurity.com.

‍

‍For residents of the following states: Please see “Additional Information for Residents of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, New Hampshire, Nebraska, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia,” below, for additional information about your rights.

‍

‍

‍

ADDITIONAL DISCLOSURES FOR INDIVIDUALS RESIDING IN EUROPE

If you reside in the European Economic Area, this section applies to you. 

‍

Legal Basis for Processing. When we process your personal information, we will do so in reliance on the following lawful bases:

  • To perform our responsibilities under our contract with you (e.g., processing payments for and providing the services you have ordered).
  • When we have a legitimate interest in processing your personal data to operate our business correctly and efficiently or protect our interests (e.g., to provide, maintain and improve our services, conduct data analytics, and communicate with you).
  • When we find such processing is necessary to comply with a legal obligation to which we are subject (e.g., to maintain a record of those who have opted-out of marketing communications).
  • When we have your consent to do so (e.g., when you agree to receive marketing communications from us). You may withdraw such consent at any time by emailing us at support@nudgesecurity.com. Please note that withdrawing consent will not affect processing prior to such withdrawal, nor will it affect processing based on other lawful bases.

‍

Your Privacy Rights. You have the right to (1) request to know more about and access your personal information, including in a portable format, (2) request deletion of your personal information, (3) request correction of inaccurate personal information, (4) request restriction of processing of your personal information, and (5) object to the processing of your personal information for certain purposes. To exercise any of these rights, please us at support@nudgesecurity.com. If you have a concern about our processing of personal information that we are not able to resolve, you have the right to lodge a complaint with the Data Protection Authority where you reside. Contact details for your Data Protection Authority can be found using the links below:

  • For individuals in the EEA, click here.
  • For individuals in the UK, click here.
  • For individuals in Switzerland, click here.

‍

SENSITIVE INFORMATION

Unless we request it, we ask that you not send us, and you not disclose, any sensitive Personal Information (e.g., Social Security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, or criminal background) on or through the Services or otherwise to us.

‍

THIRD-PARTY PAYMENT SERVICE

The Services may provide functionality allowing you to make payments using a third-party payment service with which you have created your own account.  When you use such a service to make a payment to us, your Personal Information will be collected by such third party and not by us and will be subject to the third party’s privacy policy, rather than this Privacy Policy.  We have no control over, and are not responsible for, any such third party’s collection, use, or disclosure of your Personal Information.

‍

UPDATES TO THIS PRIVACY POLICY

The “UPDATED” or “LAST UPDATED” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised.  Any changes will become effective when we post the revised Privacy Policy on the Services.  

‍

CONTACT US:

If you have any questions about this Privacy Policy, please contact us at support@nudgesecurity.com.

‍

Because email communications are not always secure, please do not include credit card or other sensitive information in your emails to us. 

     

ADDITIONAL DISCLOSURES 

This section supplements the above Privacy Policy and provides additional details regarding our collection, use, and disclosure of Personal Information relating to residents of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, New Hampshire, Nebraska, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia.

‍

Collection, Disclosure, Sale, Sharing, and Processing of Personal Information

The following chart details which categories of Personal Information we collect, process, and disclose, including for purposes of targeted advertising.  

‍

‍

Categories of Personal Information Disclosed to Which Categories of Third Parties for Operational Business Purposes Sold to Which Categories of Third Parties Shared with Which Categories of Third Parties for Cross-Context Behavioral or Targeted Advertising Processing Purposes (see “Use of Personal Information” above for a detailed description of each Processing Purpose)

Identifiers, including:

Names, email addresses, and online usernames

Our service providers None None • Providing the functionality of our Services and fulfilling your requests

• Accomplishing our business purposes
Personal information as defined in the California customer records law, such as name, contact information, and payment information Our service providers  None None

• Providing the functionality of our Services and fulfilling your requests

     

 

• Analyzing Personal Information for business reporting and providing personalized services

 

Internet or network activity information, such as browsing history and interactions with our website Our service providers None Ad networks and social media platforms when using our corporate site (www.nudgesecurity.com)

• Providing the functionality of our Services and fulfilling your requests

• Providing you with our marketing materials and facilitating social sharing

 

• Analyzing Personal Information for business reporting and providing personalized services

 

• Aggregating and/or anonymizing Personal Information

 

• Accomplishing our business purposes

Inferences drawn from any of the Personal Information listed above to create a profile or summary about, for example, an individual’s preferences and characteristics Our service providers None None N/A

‍

‍

Individual Rights and Requests

Subject to applicable law, you may make the following requests: 

‍

  1. You may request to know whether we process your Personal Information and to access such Personal Information.some text
    1. If you are a California resident, you may request the following information: some text
      1. The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
      2. The business or commercial purpose for collecting, selling, or sharing Personal Information about you; 
      3. The categories of Personal Information about you that we sold or shared and the categories of third parties to whom we sold or shared such Personal Information; and 
      4. The categories of Personal Information about you that we otherwise disclosed and the categories of third parties to whom we disclosed such Personal Information.
  2. You may request to correct inaccuracies in your Personal Information.
  3. You may request to have your Personal Information deleted.
  4. You may request to receive a copy of your Personal Information, including, where applicable, in a portable format.
  5. You may request to opt out of the “sale” of your Personal Information.
  6. You may request to opt out of targeted advertising, including the “sharing” of your Personal Information for purposes of cross-context behavioral advertising.

     

We will not unlawfully discriminate against you for exercising your rights under applicable privacy law.  To make a privacy request, please contact us at support@nudgesecurity.com  stating your specific request. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request.  We may need to request additional Personal Information from you, such as name, email address, or phone number, in order to verify your identity and protect against fraudulent requests.  If you make a request to delete, we may ask you to confirm your request before we delete your Personal Information. 

     

To request to opt out of any future “sales” of your Personal Information and/or “sharing” of your Personal Information for purposes of cross-context behavioral advertising or any future processing for purposes of targeted advertising, please contact us at support@nudgesecurity.com

‍

Appeal Process 

If you are a resident of  California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, New Hampshire, Nebraska, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, and Virginia and we refuse to take action on your request, you may appeal our refusal within a reasonable period after you have received notice of the refusal.  You may file an appeal by contacting us at support@nudgesecurity.com.

‍

Authorized Agents     

If an agent would like to make a request on your behalf as permitted under applicable law, they may use the submission methods outlined above.  As part of our verification process, we may request that the agent provide proof concerning their status as an authorized agent.  In addition, we may require that you verify your identity as described above or confirm that you provided the agent permission to submit the request.

‍

De-Identified Information 

If we maintain or use de-identified information, we will continue to maintain and use it only in a de-identified fashion and will not attempt to re-identify the information.

See what you've been missing.