1. POLICY APPLICATION:
This Policy applies to Wallarm’s collection, use, and disclosure of the information of the following categories of individuals:
This Policy does not apply to our Customers’ websites, which may have their own terms and privacy policies. Our Customers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, including those relating to the collection of personal information in connection with the use of our Services by End Users with whom our Customers interact.
2. INFORMATION WE COLLECT
Wallarm provides web optimization and security services that our Customers use to improve and protect their websites, including a reverse proxy, pass-through security service, and a content distribution network. Because Wallarm is a reverse proxy, our IP addresses may appear in WHOIS and DNS records for websites using our Services. We are a conduit for information controlled by others. It is our Customers and their users who are responsible for the content transmitted across our network (e.g., images, written content, graphics, etc.).
We collect End Users’ information when they use our Customers’ websites, web applications, and APIs. This information may include but is not limited to IP addresses, system configuration information, and other information about traffic to and from Customers’ websites (collectively, “Log Data”). We collect and use Log Data to operate, maintain, and improve our Services in performance of our obligations under our Customer agreements. For example, Log Data can help us to detect new threats, identify malicious third parties, and provide more robust security protection for our Customers.
Legal Basis for Processing (EEA only):
If you are an individual from the European Economic Area (EEA), please note that our legal basis for collecting and using your personal information will depend on the personal information collected and the specific context in which we collect it. We normally will collect personal information from you only where: (a) we have your consent to do so, (b) where we need your personal information to perform a contract with you (e.g. to deliver the Wallarm Services you have requested), or (c) where the processing is in our legitimate interests. Please note that in most cases, if you do not provide the requested information, Wallarm will not be able to provide the requested service to you.
In some cases, we may also have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person.
Where we rely on your consent to process your personal data, you have the right to withdraw or decline consent at any time. Where we rely on our legitimate interests to process your personal data, you have the right to object.
If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at email@example.com
3. HOW WE USE INFORMATION WE COLLECT
Wallarm only processes personal information in a way that is compatible with and relevant for the purpose for which it was collected or authorized. As a general matter, for all categories of data we collect except Resolver User data, we may use the information we collect (including personal information, to the extent applicable) to:
Information from Third Party Services. We may combine information we collect as described above with personal information we obtain from third parties. For example, we may combine information entered on a Wallarm sales submission form with information we receive from a third-party sales intelligence platform vendor to enhance our ability to market our Services to Customers or potential Customers.
4. INFORMATION SHARING
Specifically, we do not permit our Service Providers to use any personal information we share with them for their own marketing purposes or for any other purpose than in connection with the services they provide to us.
In addition to sharing with Service Providers as described above, we may also share your information with others in the following circumstances:
We do not sell, rent, or share personal information with third parties for their direct marketing purposes, including as defined under California Civil Code Sec. 1798.83.
5. DATA AGGREGATION
Wallarm may aggregate data we acquire about our Customers and their End Users, including the Log Data described above. For example, we may assemble data to determine how Web crawlers index the Internet and whether they are engaged in malicious activity or to compile web traffic reports and statistics. Non-personally identifiable, aggregated data may be shared with third parties.
6. INTERNATIONAL INFORMATION TRANSFERS
All Personal Information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Information, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
7. DATA SUBJECT RIGHTS
Attendees, Website Visitors, and Customers: You have the right to access, correct, update, export, or delete your personal information. You may email us at firstname.lastname@example.org with any such subject access requests (“SAR”), and we will respond within thirty (30) days. Customers also can access, correct, export, or update their Account Information by editing their profile or organization record at Wallarm.com.
End Users: Wallarm has no direct relationship with End Users. Even where “Wallarm” may be indicated as the authoritative name server for a domain, unless Wallarm is the owner of that domain, we have no control over a domain’s content. Accordingly, we rely upon our Customers to comply with the underlying legal requirements for subject access requests. If an End User requests that we access, correct, update, or delete their information, or no longer wishes to be contacted by one of our Customers that use our Services, we will direct that End User to contact the Customer website(s) with which they interacted directly. Our Customers are solely responsible for ensuring compliance with all applicable laws and regulations with respect to their website users.
For any SAR, we will need to verify a requestor is inquiring about their own information before we can assist. Where a SAR may implicate the personal data of another individual, we must balance the request against the risk of violating another person’s privacy rights.
8. COMMUNICATION PREFERENCES
You may manage your receipt of commercial communications by clicking on the “unsubscribe” link located on the bottom of such emails, through your account settings if you have a Wallarm account, or you may send a request to unsubscribe@Wallarm.com
9. DATA SECURITY, DATA INTEGRITY, AND ACCESS:
We take all reasonable steps to protect information we receive from you from loss, misuse or unauthorized access, disclosure, alteration, and/or destruction. We have put in place appropriate physical, technical, and administrative measures to safeguard and secure your information, and we make use of privacy-enhancing technologies such as encryption. If you have any questions about the security of your personal information, you can contact us at privacyquestions@Wallarm.com.
10. NOTIFICATION OF CHANGES
If we make changes to this Policy that we believe materially impact the privacy of your personal data, we will promptly provide notice of any such changes (and, where necessary, obtain consent), as well as post the updated Policy on this website noting the effective date of any changes.
11. BUSINESS TRANSACTIONS
We may assign or transfer this Policy, as well as information covered by this Policy, in the event of a merger, sale, change in control, or reorganization of all our part of our business.
12. ENGLISH LANGUAGE CONTROLS
Non-English translations of this Policy are provided for convenience only. In the event of any ambiguity or conflict between translations, the English version is authoritative and controls.
This Policy was last updated on May 20, 2018.