Privacy Policy

Skybox Security Privacy Policy

Last Updated: January 2019
  • 1. Introduction & Overview
    • 1.1 Introduction
      • 1Skybox Security develops integrated security management solutions for enterprise–scale vulnerability and threat management, security policy and firewall management (the “Service”).
      • 2This Policy defines the ways in which Skybox collects, stores, shares, uses, retains and protects Personal Data (as defined below).
      • 3This policy describes the types of Personal Data collected by Skybox, the way Skybox uses and protects this information, and to whom it is disclosed.
      • 4In this Policy, “Skybox” or "we" refer to Skybox Security, Inc. and its “Affiliates”, which shall mean subsidiaries, parent companies, joint ventures and other corporate entities under common ownership.
    • 1.2 Definitions
      • 1“Data Subject” - a natural person whose Personal Data is processed by a controller or processor
      • 2“Identifiable natural person” - means one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
      • 3"Personal Data" - means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
    • 1.3 Purpose and Scope
      • 1This Policy defines the ways in which Skybox collects, stores, shares, uses, retains and protects Personal Data.
    • 1.4 Applicability
      • 1All Skybox personnel and suppliers are responsible and accountable for adhering to and implementing this policy.
  • 2. Method
    • 2.1 Collection of Data
      We may collect two types of data from our users:
      • 1Personal Data: The type of Personal Data collected in accordance with the Service may vary depending on the activity and may include:
        • First and last name (or the name you have associated with your device);
        • Telephone number;
        • Transaction identifiers for purchases;
        • Age and date of birth;
        • Gender;
        • Country;
        • If applicable, physical geolocation and that of the devices you use to access our Services;
        • Internet protocol (IP) addresses;
        • Zip code;
        • Area code;
      • 2Un-identified and non-identifiable information pertaining to a user(s), which may be made available or gathered via the user's use of the Services (“Non-Personal Information”). We are not aware of the identity of the user from which the Non-personal Information was collected. Such information includes the following:
        • Skybox may receive public information from third parties in connection with market and demographic studies and/or data that Skybox may use to supplement Personal Data provided directly by the customer.
        • Skybox gathers certain non-personal identification information and stores it in log files when you interact with Skybox websites. This information includes browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your devices, your mobile carrier, and system configuration information.
      • 3Occasionally, we connect Personal Data to Non-personal information gathered in our log files as necessary to improve Skybox services for individual customers. In such a case, we would treat the combined Information as Personal Data in accordance with this privacy policy.
    • 2.2 Use of Personal Data
      We may collect two types of data from our users:
      • 1Skybox uses the Personal Data to create accounts, to process transactions, to operate and optimize our Services, to provide you with a safe, smooth, efficient and customized experience, to fulfill specific requests and to send its customers other account-related information.
      • 2In addition, the Personal Data provided to Skybox will allow it to send the users messages regarding, among other things, updates, new products, features, enhancements, special and promotional offers, upgrade opportunities and events of interest.
      • 3Skybox may also use Personal Data to
        • Better understand the behavior and preferences of its customers;
        • Provide technical support and respond to inquiries;
        • Help create a safer and more trusted environment for our customers by preventing fraud or potentially illegal activities;
        • Deliver and enforce our Terms of Service,
        • Target and serve static and dynamic advertising;
        • Solicit input and feedback to improve Skybox products and Services and their content;
        • Ensure proper functioning of our products and Services;
        • Personalize our services and manage and deliver contextual and behavioral advertising;
        • Administer surveys or other promotional activities or events sponsored or managed by us or our business partners;
        • Comply with our legal obligations, resolve any disputes we may have with customers;
        • Enforce our agreements with third parties and conduct research.
      • 4Skybox may send periodic emails. The email address users provide for order processing will be used only to send them information and updates pertaining to their order or to respond to their inquiries, requests or questions. Users who decide to opt in to Skybox’ mailing list will receive emails that may include company news, updates, related product or service information, etc. Users who wish to unsubscribe from the list may do so at any time by following the detailed instructions found at the bottom of each email they receive from Skybox.
      • 5In addition to the direct Service, Skybox uses Personal Data that people voluntary provide to:
        • Reply to users' request of information regarding Skybox products and services;
        • Allow candidates to apply for a job through Skybox' site.
    • 2.3 Cross-Border Transfer, Processing and Storage of Personal Data
      • 1As part of its international operations, Skybox may transfer Personal Data to its Affiliates from time to time for our legitimate business purposes.
      • 2Skybox transfers Personal Data only if the recipient of the Personal Data has provided appropriate safeguards, and on condition that enforceable Data Subject rights and effective legal remedies for Data Subjects are available.
      • 3Personal Data collected may also be processed by Skybox' employees operating outside of the European Economic Area or one of its Affiliates or vendors. This staff may be engaged in processing transactions and payment details or provisioning support services. Skybox vendors are carefully vetted through a vendor assessment procedure and are legally committed to comply with relevant regulations.
    • 2.4 Sharing Information With Third Parties
      • 1In all cases of data access and collection, the information provided will not be disclosed, rented, loaned, leased, sold, or otherwise voluntarily distributed to unaffiliated third parties and will be used solely for the purpose stated herein. Specifically, Skybox does not share Personal Data with third parties for their direct marketing purposes unless upon specific consent to such disclosure.
      • 2Skybox may share Personal Data with third parties who help Skybox to maintain, administer or develop its website, such as sending out newsletters or surveys. Skybox may share users’ information with such third parties, for those limited purposes, for a limited time and only subject to Users’ permission.
      • 3Skybox discloses Personal Data to third parties only if they have satisfactory measures to protect Personal Data.
      • 4Skybox cooperates with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any Personal Data about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our or a third party's property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or poses a risk of being, illegal, unethical, inappropriate or legally actionable. We also may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.
      • 5Skybox may share your Personal Data if we enter into a business transaction such as a merger, acquisition, reorganization, bankruptcy, or sale of some or all of our assets. Any party that acquires our assets as part of such a transaction may continue to use your data in accordance with the terms of this Privacy Policy.
    • 2.5 Links to Third Parties’ Sites
      • 1Skybox may include or offer links to third party products or services. Skybox does not control the content or links that appear on such other sites and is not responsible for the practices they employ. These parties should have separate and independent privacy policies, and Skybox has no responsibility or liability for the content and activities of these linked sites.
    • 2.6 Children’s Privacy
      • 1Skybox is committed to protecting the privacy needs of children and encourages parents and guardians to take an active role in their children’s online activities and interests. Skybox does not knowingly collect information from children under the age of 18 without their parents' or guardians’ consent. Skybox relies upon the accuracy of information provided by the controller to determine age.
    • 2.7 Legal Basis for Collection
      • 1If you are an individual from the European Economic Area, please note that our legal basis for collecting and using your Personal Data will depend on the Personal Data collected and the specific context in which we collect it.
      • 2We normally collect Personal Data only where: (a) we have your consent to do so, (b) where we need your Personal Data to perform a contract with you (e.g. to deliver the Services you have requested), (c) where the processing is in our legitimate interests; or (d) where we are required to collect, retain or share such information under applicable laws. In some cases, we may need the Personal Data to protect your vital interests or those of another person.
      • 3Where we rely on your consent to process your personal data, you have the right to withdraw or decline consent at any time. Where we rely on our legitimate interests to process your Personal Data, you have the right to object.
      • 4If you have any questions about or need further information concerning the legal basis on which we collect and use your Personal Data, please contact us through the contact details available below
    • 2.8 EU User Rights
      • 1As an EU resident, you may request to:
        • Receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with supplementary information.
        • Receive a copy of Personal Data you directly volunteer to us in a structured, commonly used and machine-readable format.
        • Request rectification of your Personal Data that is in our control.
        • Request erasure of your Personal Data.
        • Object to the processing of Personal Data by us.
        • Request to restrict processing of your Personal Data by us.
        • Lodge a complaint with a supervisory authority.
        • Please note that these rights pertain to EU residents only, are not absolute, and may be subject to our own legitimate interests and regulatory requirements.
      • 2Users Outside the EU - Some of the aforementioned rights are applicable in certain jurisdictions outside the EU as well. Users residing outside the EU are welcome to contact us for any questions or requests at the details below.
      • 3Data Subjects may send the request to the details bellow of through our support portal.
    • 2.9 Protecting your Information
      • 1Skybox follows appropriate data collection, storage and processing practices and suitable security measures in order to protect against unauthorized access, alteration, disclosure or destruction of your Personal Data, username, password, transaction information, and all other data stored on our Site.
      • 2Sensitive and private data exchange between Skybox's site and its users happens over a secured SSL communication channel and is encrypted and protected with digital signatures.
      • 3While Skybox strives to protect your Personal Data, we cannot ensure or warrant the security and privacy of your Personal Data or other content you transmit using the Service, and you do so at your own risk.
    • 2.10 Retention
      • 1We will retain your Personal Data for as long as necessary to provide our Service, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing client Personal Data, account opening documents, communications and anything else as required by applicable laws and regulations.
    • 2.11 Tracking Technologies
      • 1When you visit or access our Services we use (and authorize third parties to use) pixels, cookies, events and other technologies. Those allow us to automatically collect information about you, your device and your online behavior, in order to enhance your navigation in our Services, improve our Services’ performance, perform analytics and customize your experience. In addition, we may merge data we have with data collected through these tracking technologies and data we may obtain from other sources and, as a result, such data may become Personal Data. "Cookies" - are small pieces of information that are stored by the user’s browser on the user’s computer hard drive which enables the organization to recognize the user’s computer when the user returns to the site. A cookie file can contain information such as a user ID that may be used to track the pages you have visited on our site.
      • 2To learn more about our Tracking Technologies please visit:
      • 3Turning off cookies via your web browser - most web browsers will provide you with some general information about cookies, enable you to see what cookies are stored on your device, allow you to delete them all or on an individual basis, and enable you to block or allow cookies for all websites or individually selected websites. You can also normally turn off third party cookies separately. Please note that the settings offered by a browser or device often only apply to that particular browser or device. Information about cookies is usually found in the "Help" section of the web browser. Below are some links to some commonly used web browsers:
    • 2.12 Changes to this privacy policy
      • 1Skybox has the discretion to update this privacy policy at any time.
      • 2The most current version will always be posted on our website (as reflected in the "Last Updated" heading).
      • 3You are advised to check for updates regularly. By continuing to access or use our Service after any revisions become effective, you agree to be bound by the updated Privacy Policy.
    • 2.13 Contact Information
      • 1For any questions, comments or concerns about our Privacy Policy or any other issue please contact Skybox via:
      • 2All notices given by you or required from you under this Privacy Policy shall be in writing and addressed to: Skybox Security, Inc., 2077 Gateway Place, Suite 200, San Jose, California 95110 USA