Effective September 27, 2021
Infobyte, LLC. (“Faraday,” “we” or “us”) is committed to the privacy of our customers (including those users utilizing our Services for free) and those who use our websites, including but not limited to www.faradaysec.com (the “Sites”), and our products and services, including our cloud-based products or services (the “Services”). This Privacy Policy describes Faraday’s policies and practices regarding our collection and use of your personal data or information and sets forth your privacy rights. We recognize that data privacy is an ongoing responsibility. We will from time to time update this Privacy Policy as we adopt new privacy practices and policies in response to updates in the law, to align with changing industry best-practices, and to reflect our product enhancements.
The practices described in this policy are subject to the legislation in force, both in the territory of the United States, as well as in the territory of the European Union and in accordance with the General Data Protection Regulation (“GDPR” for its acronym in English) of the European Union on 05/25/2018. Questions, comments and complaints about data practices may be sent to the following email: privacyteam@faradaysec.com
Faraday collects personal Data directly and personally from Users with access to our platform given autonomously, voluntarily, and supervised by them. The collection of precise Data enables the proper performance of the application and contents.
The User is not obliged to provide personal and precise Data, nevertheless, once done consent of the present terms shall be presumed. Information will be obtained from Users’ registration and the filling of previous forms. Furthermore, in the future, some data may be provided through links to other platforms with prior acceptance by the User. The requested data will be: full name and email. Also, in the future, other data may be requested, such as: place of residence, age, National ID, etc. and other similar Data.
Notwithstanding, if the User does not want personal information to be gathered, it should refrain from bestowing it.
The following provides examples of the type of information that we collect from you and how we use that information.
Context |
Types of Data |
Primary Purpose for Collection and Use of Data |
Customer User Information |
We collect the name, username, and contact information, of our customers and their employees with whom we may interact. |
We have a legitimate interest in contacting our customers and communicating with them concerning normal business administration such as projects, services, and billing. |
Account Information (Customer User) |
We collect personal data from our customers when they create an account to access and use the Services or request certain free Services from our Sites. This information could include business contact information such as name, email address, title, company information, and password for our services. |
We have a legitimate interest in providing account related functionalities to our users, monitoring account logins, and detecting potential fraudulent logins or account misuse. Additionally, we use this information to fulfill our contract to provide you with Services. |
Contact Information (Vendors) |
Users of our service may ask their vendors or service providers to submit company and security related information on our platform (e.g., to complete a security questionnaire). When a user invites a vendor we collect the name and email address of the vendor. |
We have a legitimate interest in contacting vendors on behalf of our customers in order to invite them to communicate with companies through our platform. Among other things, the communication allows our customers to efficiently solicit, and receive, security questionnaires, and allows vendors to efficiently solicit, and transmit, security questionnaires. Additionally, we use this information to fulfill our contract to provide Services which may include soliciting, receiving, transmitting, and hosting responses to security questions. |
Account Information (Vendors) |
We collect personal data from vendors when they create an account to access and use the Services or request certain free Services from our Sites. This information could include business contact information such as name, email address, title, company information, and password for our services. |
We have a legitimate interest in providing account related functionalities to our vendor-users, monitoring account log-ins, and detecting potential fraudulent logins or account misuse. Additionally, in some cases, we use this information to fulfill our contract to provide vendor-users with Services. |
Cookies and First Party tracking |
We use cookies and clear GIFs. “Cookies'' are small pieces of information that a website sends to a computer’s hard drive while a website is viewed. |
We have a legitimate interest in making our website operate efficiently. |
Cookies and Third Party Tracking |
We participate in behavior-based advertising, this means that a third party uses technology (e.g., a cookie) to collect information about your use of our website so that they can provide advertising about products and services tailored to your interests on our website, or on other websites. |
Where required by law, we base the use of third party cookies upon consent. |
Demographic Information |
We collect personal information, such as your location and IP address. |
We have a legitimate interest in understanding our users and providing tailored services. |
Email Interconnectivity |
If you receive email from us, we use certain tools to capture data related to when you open our message, click on any links or banners it contains and make purchases. |
We have a legitimate interest in understanding how you interact with our communications to you. |
Employment |
If you apply for a job posting, or become an employee, we collect information necessary to process your application or to retain you as an employee. This may include, among other things, your Social Security Number. Providing this information is required for employment. |
We use information about current employees to perform our contract of employment, or the anticipation of a contract of employment with you. In some contexts, we are also required by law to collect information about our employees. We also have a legitimate interest in using your information to have efficient staffing and workforce operations. |
Feedback/Support |
We collect personal data from you contained in any inquiry you submit to us regarding our Sites or Services, such as completing our online forms, calling, or emailing for the purposes of general inquiries, support requests, or to report an issue. When you communicate with us over the phone, your calls may be recorded and analyzed for training, quality control and for sales and marketing purposes. During such calls we will notify you of the recording via either voice prompt or script. |
We have a legitimate interest in receiving, and acting upon, your feedback, issues, or inquiries. |
Mailing List |
When you sign up for one of our mailing lists we collect your email address or postal address. |
We share information about our products and services with individuals that consent to receive such information. We also have a legitimate interest in sharing information about our products or services. |
Order Placement |
We collect your name, billing address, shipping address, e-mail address, and phone number. To the extent that you have elected to pay using a credit card we also take (directly or through our payment processor) your payment card information. |
We use and share your information to perform our contract to provide you with products or services. |
Surveys |
When you participate in a survey we collect information that you provide through the survey. If the survey is provided by a third party service provider, the third party’s privacy policy applies to the collection, use, and disclosure of your information. |
We have a legitimate interest in understanding your opinions, and collecting information relevant to our organization. |
Website interactions |
We use technology to monitor how you interact with our website. This may include which links you click on, or information that you type into our online forms. This may also include information about your device or browser. |
We have a legitimate interest in understanding how you interact with our website to better improve it, and to understand your preferences and interests in order to select offerings that you might find most useful. We also have a legitimate interest in detecting and preventing fraud. |
Web logs |
We collect information, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors. |
We have a legitimate interest in monitoring our networks and the visitors to our websites. Among other things, it helps us understand which of our services is the most popular. |
In addition to the information that we collect from you directly, we may also receive information about you from other sources, including third parties, business partners, our affiliates, or publicly available sources. For example, if you submit a job application, or become an employee, we may conduct a background check.
In addition to the purposes and uses described above, we use information in the following ways:
To respond to inquiries related to support, employment opportunities, or other requests.
To send marketing and promotional materials including information relating to our products, services, sales, or promotions, or those of our business partners.
For internal administrative purposes, as well as to manage our relationships.
Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. For example, if you sign up for Services, we may collect your information to complete that transaction, but we also collect your information as we have a legitimate interest in maintaining your information after your transaction is complete so that we can quickly and easily respond to any questions about your Services. As a result, our collection and processing of your information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.
In addition to the specific situations discussed elsewhere in this policy, we disclose information in the following situations:
Affiliates and Acquisitions. We may share information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires, or plans to acquire, our company, business, or our assets, we will also share information with that company, including at the negotiation stage.
Other Disclosures with Your Consent. We may ask if you would like us to share your information with other unaffiliated third parties who are not described elsewhere in this policy.
Other Disclosures without Your Consent. We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also share your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or to comply with your request for the shipment of products to or the provision of services by a third party intermediary.
Service Providers. We share your information with service providers. Among other things service providers help us to administer our website, conduct surveys, provide technical support, process payments, and assist in the fulfillment of orders.
You can make the following choices regarding your personal information:
Access To Your Personal Information. You may request access to your personal information by contacting us at the address described below. If required by law, upon request, we will grant you reasonable access to the personal information that we have about you. We will provide this information in a portable format, if required. Note that California residents may be entitled to ask us for a notice describing what categories of personal information (if any) we share with third parties or affiliates for direct marketing.
Changes To Your Personal Information. We rely on you to update and correct your personal information. Most of our websites allow you to modify or delete your account profile. If our website does not permit you to update or correct certain information, you contact us at the address described below in order to request that your information be modified. Note that we may keep historical information in our backup files as permitted by law.
Deletion Of Your Personal Information. Typically we retain your personal information for the period necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. You may, however, request information about how long we keep a specific type of information, or request that we delete your personal information by contacting us at the address described below. If required by law we will grant a request to delete information, but you should note that in many situations we must keep your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, or for another one of our business purposes.
Objection to Certain Processing. You may object to our use or disclosure of your personal information by contacting us at the address described below.
Online Tracking. We do not currently recognize automated browser signals regarding tracking mechanisms, which may include “Do Not Track” instructions.
Promotional Emails. You may choose to provide us with your email address for the purpose of allowing us to send free newsletters, surveys, offers, and other promotional materials to you, as well as targeted offers from third parties. You can stop receiving promotional emails by following the unsubscribe instructions in e-mails that you receive. If you decide not to receive promotional emails, we may still send you service related communications.
Revocation Of Consent. If you revoke your consent for the processing of personal information then we may no longer be able to provide you services. In some cases, we may limit or deny your request to revoke consent if the law permits or requires us to do so, or if we are unable to adequately verify your identity. You may revoke consent to processing (where such processing is based upon consent) by contacting us at the address described below.
On the occasion that Users want to exercise any of their rights, they can address the matter to the following email: privacyteam@faradaysec.com .Communications must be clearly stated and written in an understandable language, they must also contain information on the action the User wants to take providing a link between said action and the Rights mentioned beforehand. Moreover, the requesting party will have to present a signed copy of the National Identification Number (both sides). Faraday shall forward an answer in a 30 days period frame.
The User shall be entitled to exercise the right to data portability under the terms established in Article 20 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC.
To exercise the same, the User must send an email with your request and proving his personality to our email: privacyteam@faradaysec.com
Please address written requests and questions about your rights to privacyteam@faradaysec.com
Note that, as required by law, we will require you to prove your identity. We may verify your identity by phone call or email. Depending on your request, we will ask for information such as your name or other account information. We may also ask you to provide a signed declaration confirming your identity. Following a request, we will use reasonable efforts to supply, correct or delete personal information about you in our files.
In some circumstances, you may designate an authorized agent to submit requests to exercise certain privacy rights on your behalf. We will require verification that you provided the authorized agent permission to make a request on your behalf. You must provide us with a copy of the signed permission you have given to the authorized agent to submit the request on your behalf and verify your own identity directly with us. If you are an authorized agent submitting a request on behalf of an individual you must attach a copy of the following information to the request:
Data of the Users forwarded by them shall be conserved as long as the account on our database is active or as long as it is necessary to provide our services, legal obligations, or until the User requires suppression.
The data collected from Users will be processed mainly by internal staff of our company. Occasionally they may be processed by Faraday´s suppliers to assist in the provision of services such as hosting services, systems infrastructure, software development, notification services, marketing, support, marketing, among others. Faraday undertakes to sign the corresponding processing assignment contracts with each of the suppliers that provide services to ensure that personal data are treated with due confidentiality, security and only for the purpose for which they were communicated, having limited access to the information and acting according to the instructions of Faraday.
Data provided by Users may also be transferred in cases where there is a legal obligation to do so.
No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information. In the event that we are required by law to inform you of a breach to your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
Some of our websites permit you to create an account. When you do you will be prompted to create a password. You are responsible for maintaining the confidentiality of your password, and you are responsible for any access to or use of your account by someone else that has obtained your password, whether or not such access or use has been authorized by you. You should notify us of any unauthorized use of your password or account.
The following additional information relates to our privacy practices:
Transmission Of Information To Other Countries. Faraday is located in the United States. Our service providers and other third parties you may interact with in connection with our Services may be located in the United States and other countries around the world. As a result, your information may be processed in a foreign country where privacy laws may be less stringent than the laws in your country. Nonetheless, where possible we take steps to treat personal information using the same privacy principles that apply pursuant to the law of the country in which we first received your information. By submitting your personal information to us you agree to the transfer, storage and processing of your information in a country other than your country of residence including, but not necessarily limited to, the United States. To the extent personal information is collected and subsequently transferred out of the European Economic Area, the transfer will take place consistent with the Standard Contractual Clauses. If you would like more information concerning our attempts to apply the privacy principles applicable in one jurisdiction to data when it goes to another jurisdiction you can contact us using the contact information below.
Third Party Applications/Websites. We have no control over the privacy practices of websites or applications that we do not own.
Changes To This Privacy Policy. We may change our privacy policy and practices over time. To the extent that our policy changes in a material way, the policy that was in place at the time that you submitted personal information to us will generally govern that information unless we receive your consent to the new privacy policy. Our privacy policy includes an “effective” and “last updated” date. The effective date refers to the date that the current version took effect. The last updated date refers to the date that the current version was last substantively modified.
Accessibility. If you are visually impaired, you may access this notice through your browser’s audio reader.
Information for California Residents. California law indicates that organizations should disclose whether certain categories of information are collected, “sold” or transferred for an organization’s “business purpose”(as those terms are defined under California law). You can find a list of the categories of information that we collect and share below. Please note that because this list is comprehensive it may refer to types of information that we share about people other than yourself. If you would like more information concerning the categories of personal information (if any) we share with third parties or affiliates for those parties to use for direct marketing please submit a written request to us using the information in the “Contact Information” section below. We do not discriminate against California residents who exercise any of their rights described in this Privacy Policy.
Contact Information. If you have any questions, comments, or complaints concerning our privacy practices please contact us at the appropriate address below. We will attempt to respond to your requests and to provide you with additional privacy-related information.
privacyteam@faradaysec.com
Attn: Privacy Team
3310 Mary St Suite 501
Miami, FL 33133
1-904-715-4284
If you are not satisfied with our response, and are in the European Union, you may have a right to lodge a complaint with your local supervisory authority.
California Civil Code Sections 1798.115©, 1798.130(a)(5)©, 1798.130©, and 1798.140 indicate that organizations should disclose whether the following categories of personal information are collected, transferred for “valuable consideration,” or transferred for an organization’s “business purpose” (as those terms are defined under California law). We do not “sell” your personal information. The table below indicates the categories of personal information we collect and transfer in a variety of contexts. Please note that because this list is comprehensive, it may refer to types of information that we collect and share about people other than yourself. For example, while we transfer credit card or debit card numbers for our business purpose in order to process payments for orders placed with us, we do not collect or transfer credit card or debit card numbers of individuals that submit questions through our website’s “contact us” page.
Categories of Personal Information That We Collect |
To Whom We Disclose Personal Information for Business Purpose |
Identifiers – this may include name, postal address, phone number, unique personal identifier, online identifier, internet protocol (IP) address, device ID, email address, account name, signature, or other similar identifiers. |
|
Financial information – this may include bank account number, credit or debit card number, or other financial information. |
|
Commercial information – this may include information about products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. |
|
Network activity data– this may include internet or other electronic network activity information, such as browsing history, search history, and information regarding an individual’s interaction with an internet website, application, or advertisement. |
|
Geolocation data – this may include precise physical location. |
|
Electronic data – this may include audio, electronic, or similar information (e.g., a recording of a customer service call). |
|
Professional/employment information – this may include occupation and professional references. |
|