Welcome to the website (the “Site”) of Exabeam, Inc. (“Exabeam”, “we”, “us” and/or “our”). This Site is operated by Exabeam and has been created to provide information about our company, our products and the related Exabeam services (together with the Site, the “Services”) to our visitors (“you” and/or “your”).
For customers of Exabeam, further details may be described in your customer contract. Also, notices highlighting certain uses we wish to make of the information we collect together with the ability to opt in or out of selected uses may also be provided at the time we collect the information from you.
- Information We Collect
- How We Use Your Information
- How Long We Retain Your Information
- Your Rights
- Links to Other Websites
- Data Security
- Children & the COPPA (Children Online Privacy Protection Act)
- California Online Privacy Protection Act
- Privacy Shield
- CAN SPAM Act
- Terms of Services
- Contacting Exabeam
- Last Updated
INFORMATION WE COLLECT
The information we collect includes personally identifiable data that we receive from visitors to the Site and users of our Services, which includes information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context (“Personal Data”). For example, details such as your name, email address, mailing address, phone number, title and even IP address might be collected to the extent permitted by local laws.
You can visit the Site without providing any Personal Data. If you choose not to provide any Personal Data, you may not be able to use certain portions of the Site or Services.
Non-Identifiable Data: When you interact with Exabeam through the Site or Services, we receive and store certain personally non-identifiable data. Such data, which is collected passively using various technologies, cannot presently be used to specifically identify you. Exabeam may store such data itself or such data may be included in databases owned and maintained by Exabeam affiliates, agents or service providers. As part of the Services, we may pool this data and use it with other information to track, for example, the total number of visitors to our Site, the number of visitors to each page of our Site, and the domain names of our visitors’ Internet service providers. It is important to note that no Personal Data is available or used in this process.
Aggregated Personal Data: In an ongoing effort to better understand and serve the users of the Site and Services, Exabeam often conducts research on its customer demographics, interests and behavior based on Personal Data and other information provided to us. This research may be compiled and analyzed on an aggregate basis, and Exabeam may share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally. Exabeam may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
HOW WE USE YOUR INFORMATION
Exabeam is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. Any use of your information by Exabeam must be justified in accordance with the following legal grounds:
- Consent: You have consented to our use of your information. Requirements include that the consent must be clear, affirmative and freely given.
- Contract Performance: Use of the information is necessary to enter into or perform an Exabeam contract with you.
- Legal Obligation: Exabeam’s use of your information is for compliance with our legal obligations.
- Legitimate Interests: Your information is used to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
- Legal Claims: Use of your information is necessary for us to defend, prosecute or make a claim against you, us or a third party.
We may use the information we collect from you in the following ways to:
- Personalize your experience and to allow us to deliver the type of Services and product offerings in which you are most interested;
- Improve our Site to better serve you;
- Allow us to better respond to customer service requests;
- Administer a contest, promotion, survey or other Site feature;
- Quickly process your transactions;
- Ask for ratings and reviews of the Site, Services or products; and
- Follow up with you after correspondence (live chat, email or phone inquiries).
There are, however, certain circumstances in which we may share your Personal Data with certain third parties or transfer your Personal Data without further notice to you, as set forth below:
Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, Personal Data may be part of the transferred assets.
Agents, Consultants and Related Third Parties: Exabeam, like many businesses, sometimes hires other companies to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another entity to perform a function of this nature, we only provide them with the information that they need to perform their specific function.
Legal Requirements: Exabeam may disclose your Personal Data if required to do so by law or in the good faith belief that such action is necessary to: (i) comply with a legal obligation, (ii) protect and defend the rights or property of Exabeam, (iii) act in urgent circumstances to protect the personal safety of users of the Services or the public, or (iv) protect against legal liability.
Marketing: In relation to Direct Marketing, where we are required to do so, we will obtain your consent before using your Personal Data for this purpose. If you prefer not to receive our Direct Marketing communications and/or not have your Personal Data shared the purpose of marketing, you can contact us to have your Personal Data erased from our Direct Marketing lists.
“Direct Marketing” means our communication with you such as mail, telemarketing or email, using your Personal Data, to inform you about products and Services that we think may be of interest and value to you. This does not include communications regarding products or Services that you currently have, including improved ways to use the products, or additional features of the products as well as transactional information.
Channel Partners: YIn some cases, a distributor or reseller who is part of Exabeam’s network of channel partners may assist us to deliver products and Services. Exabeam may share your Personal Data with its approved channel partners so that they may follow up with you after correspondence (live chat, email or phone inquiries).
Where we transfer Personal Data from inside the EEA to outside the EEA, we may be required to take specific additional measures to safeguard the relevant Personal Data. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export Personal Data to these jurisdictions. In countries which have not had these approvals, we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements. For a listing of countries and rules applicable to each, please visit https://ec.europa.eu/info/law/law-topic/data-protection_en.
HOW LONG WE RETAIN YOUR INFORMATION
Our retention periods for Personal Data are based on business needs and legal requirements. We retain your Personal Data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of such data. When Personal Data is no longer needed, we either irreversibly anonymize the Personal Data (and we may further retain and use the anonymized information) or securely destroy the Personal Data.
If you have any questions in relation to our use of your Personal Data, you should first contact us as per the “Contacting Exabeam” section below. Under certain conditions, you may have the right to require us to:
- Provide you with further details on the use we make of your Personal Data;
- Provide you with a copy of information that you have provided to us;
- Update any inaccuracies in the Personal Data we hold;
- Delete any Personal Data the we no longer have a lawful ground to use;
- Where processing is based on consent, to withdraw your consent so that we stop that processing;
- Object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
- Restrict how we use your information while a complaint is being investigated.
Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). If you exercise any of these rights, then we will check your entitlement and respond in most cases within a month.
LINKS TO OTHER WEBSITES
Please understand that links from the Site or Services do not imply that Exabeam endorses or has reviewed the Third-Party Sites, and we do not accept any responsibility or liability for your use of the Third-Party Sites.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since each browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you do disable cookies, it will turn off some of the features of the Site.
Exabeam maintains electronic, physical and procedural safeguards so that we meet or exceed the applicable privacy regulations for the protection of Personal Data provided via the Services from loss, misuse, unauthorized access, disclosure, alteration or destruction.
The Site is scanned on a regular basis for security holes and known vulnerabilities, which includes scanning for malware, to make your visit safe. Personal Data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep the information confidential. In addition, Exabeam utilizes Transport Layer Security (TSL, which used to be known as SSL) technology across the Site.
Exabeam will NEVER ask anyone for a password to be sent separately or in clear text. Anyone making such a request is probably trying to gain access to something that does not belong to them. If you ever receive such a request, please contact Exabeam ([email protected]).
However, no Internet or email transmission is ever fully secure or error free. Therefore, you should take special care in deciding what information you send to us via email. Please keep this in mind when disclosing any Personal Data to Exabeam via the Internet.
CCPA; GLB; MASS PRIVACY ACT
Exabeam will not retain, use, or disclose any Personal Data in its possession for any purpose other than: (i) as authorized for the provision of products and/or services; and (ii) as may be required by applicable law, including, but not limited to, the Gramm-Leach-Bliley Act of 1999 (“GLB Act”), the Massachusetts Standards for the Protection of Personal Information (“Mass Privacy Act”), and the California Consumer Privacy Act (“CCPA”). Exabeam has implemented and will continue to maintain appropriate information security safeguards reasonably designed to prevent the destruction, loss, unauthorized acquisition, unauthorized use, or alteration of Personal Data in its possession.
CHILDREN & THE COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
If you have reason to believe that a child under the age of 13 has provided Personal Data to Exabeam through the Site or Services, please contact us, and we will work with you to erase that information from our databases.
CALIFORNIA ONLINE PRIVACY PROTECTION ACT
- Users can visit our site anonymously.
- You can change your Personal Data by emailing us.
For more information, please visit http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf
Exabeam is responsible for the processing of Personal Information it received, under the Privacy Shield Framework, or subsequently transfers to a third party acting as an agent on its behalf. Exabeam complies with the Privacy Shield Principles for all onward transfers of Personal information from the EU and Switzerland. Exabeam may also be subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).
In compliance with the Privacy Shield Principles, Exabeam commits to resolve complaints about our collection or use of your personal information. EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Exabeam at: [email protected]
Exabeam has further committed to refer unresolved Privacy Shield complaints to the Data Protection Commission, the EU-data protection authority located in Ireland. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit: https://www.dataprotection.ie/ for more information or to file a complaint. Under limited circumstances, EU and Swiss individuals with privacy complaints may invoke a binding arbitration option.
Exabeam is aware of the Court of Justice of the European Union (CJEU) invalidating Privacy Shield as a certification of EU privacy law compliance. Exabeam has always maintained its obligations independently through privacy policies with partners, customers, and users of our website. Exabeam commits to continue to meet the applicable requirements for protection of Personal Information as required under applicable law, regulation, and other governing authority. Exabeam has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland.
CAN SPAM ACT
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address to:
- Send information, respond to inquiries, and/or other requests or questions;
- Process orders and to send information and updates pertaining to orders;
- Send you additional information related to our products and/or Service; and
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
- Not use false or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way;
- Include the physical address of our business or site headquarters;
- Monitor third-party email marketing services for compliance, if one is used;
- Honor opt-out/unsubscribe requests quickly; and
- Allow users to unsubscribe by using the link at the bottom of each email.
TERMS OF SERVICES
Your access to and use of the Site and Services is subject to the Terms of Service at www.exabeam.com/terms-and-conditions.
You may contact us as follows:
Attn: Data Protection Officer
1051 E Hillsdale Boulevard, 4th Floor
Foster City, CA 94404