Last updated: May 05, 2023
Information security and privacy are at the heart of what ZeroGate values and promotes as a company. As such, we think it’s important to be transparent about how we handle your information.
This policy uses the term “personal data” to refer to information that is related to an identified or identifiable natural person and is protected as personal data under applicable data protection law.
In this policy, “ZeroGate”, “we”, “us” and “our” refer to ZeroGate Inc. See the Contact Us section below for the contact details of ZeroGate.
This section describes the various types of information we collect from and about you. To understand the context in which collection occurs, see Section 2 (How do we use your information?). More information about some of the mechanisms we use to collect this information, such as cookies, is available in Section 4 (Tracking Technologies & Cookies).
- Account information. Our services generally require you to create an account before you can access them. As part of the process of registering for an account, we may collect information such as your name, username, email address, and password.
- Billing and payment information. In order to purchase a service, you may need to provide us with details such as billing name, billing contact details (street addresses, email addresses), and payment instrument details.
- Identity verification information. Some services require you to verify your identity as part of creating an account to access them. We may collect information such as email addresses or phone numbers for this purpose.
- Communications and submissions. You may choose to provide us with information when you communicate with us (e.g. via email, phone, or chat for support or to inquire about our services), including when you fill out an online form, respond to surveys, provide feedback, post comments to our website, participate in promotions, or submit information through our services.
- Usage information. We collect information about how you interact with our services, how much bandwidth you use, and when and for how long you use our services.
- Device information. We may collect information from and about the device you use to access our services, including about the browsers and ZeroGate apps you use to access our services. For example, we may collect device identifiers, browser types, device types and settings, operating system versions, mobile, wireless, and other network information (such as internet service provider name, carrier name and signal strength), and ZeroGate application version numbers.
- Diagnostic information. We may collect information about the nature of the requests that you make to our servers (such as what is being requested, information about the device and app used to make the request, timestamps, and referring URLs).
- Location information. We may collect your location information based on your IP address, your device’s GPS or other device sensor data to provide you with better service (e.g. to connect you to the nearest and fastest server).
- Referrals. If you are invited to use a ZeroGate service, the person who invited you may submit your personal data, such as your email address or other contact information.
- Third Party Accounts. Our services may allow you to register an account using a third party account (such as a Google or Microsoft account). If you do so, that third party may send us some information about you that they have. You may be able to control what information they send us via your privacy settings for that third party account.
- Threat Information. We may receive information from reputable members of the security industry who provide information to help us to provide, develop, test, and improve our services (for example, lists of malicious URLs, spam blacklists, and sample malware). Some of this information may contain personal data on an incidental basis.
- Business Customers. Organizations who are our customers may submit your personal data to facilitate account management and invite individuals to use our services.
- Business Contact Information. We may collect from third party sources additional details about you, such as name, job title, business email and phone number, public social profile information, and details about your company for sales and marketing purposes, including identifying potential new customers and analyzing business opportunities.
You generally do not have a duty to disclose personal data to us unless you have a contractual obligation to us to do so. However, we need to collect and process certain information that is necessary or legally required in order to provide the services to you or otherwise perform our contractual relationships with you.
We use the information we collect for various purposes described below:
- To provide, maintain, troubleshoot, and support our services. We use your information for this purpose on the basis that it is required to fulfill our contractual obligations to you. Examples: using threat and device information to determine whether certain items pose a potential security threat; and using usage information to troubleshoot a problem you report with our services and to ensure the proper functioning of our services.
- For billing and payment purposes. We use your information in order to perform billing administration activities and process payments, which are required to fulfill our contractual obligations.
- To communicate with users and prospective users. We use your information to communicate with you, including by responding to your requests, and sending you information and updates about our services. We may do this in order to fulfill our contract with you, because you consented to the communication, or because we have a legitimate interest in providing you with information about our services.
- To improve our services. We want to offer you the best services and user experiences we can, so we have a legitimate interest in continually improving and optimizing our services. To do so, we use your information to understand how users interact with our services. Examples: we analyze certain usage, device, and diagnostic information to understand aggregated usage trends and user engagement with our services (and, for example, invest in technical infrastructure to better serve regions with increasing user demand); we may use device and threat information to conduct spam, threat, and other scientific research to improve our threat detection capabilities; we review customer feedback to understand what we could be doing better.
- To develop new services. We have a legitimate interest in using your information to plan for and develop new services. For example, we may use customer feedback to understand what new services users may want.
- To market and advertise our services. We may use your information to provide, measure, personalize, and enhance our advertising and marketing based on our legitimate interest in offering you services that may be of interest. Examples: we may use information such as who or what referred you to our services to understand how effective our advertising is; we may use information to administer promotional activities such as sweepstakes and referral programs.
- To prevent harm or liability. We may use information for security purposes (such as to investigate security issues or to monitor and prevent fraud) and to prevent abuse. We may do this to comply with our legal obligations, to protect an individual’s vital interests, or because we have a legitimate interest in preventing harm or liability to ZeroGate and our users. For example, we may use account, usage, and device information to determine if an entity is engaging in abusive or unauthorized activity in connection with our services.
- For legal compliance. We internally use your information as required by applicable law, legal process, or regulation. To learn about our practices regarding disclosing your information to third parties for legal compliance purposes, see Section 3.1 below. We also use your information to enforce our legal rights and resolve disputes.
We may disclose your information in the following circumstances:
In accordance with your instructions or consent. For example, some services may allow you to register an account using a third party account (such as a Google or Microsoft account). If you choose to do so, we will disclose information to the third party account provider.
To your business organization. If a business customer is providing you with access to our services through a business account, others in that organization may be able to see and manage your account and the information associated with it (such as an administrator).
For collaborating with others. Some services may provide ways for different users to interact or collaborate with each other. Your information will be disclosed in connection with those activities if you choose to engage in them.
Affiliates and third party service providers. To help us provide some aspects of our services, we work with trusted third parties and partners (including affiliated companies in the ZeroGate group). To protect your data, we enter into appropriate confidentiality and data processing terms with these third parties, review their security practices, and limit information disclosure to the scope of what they are helping us with. Examples of activities that third parties help us with include:
- processing customer payments
- providing analytics about our services
- providing sales and customer support
- maintaining the infrastructure required to provide our services
- delivering our marketing and advertising content
For security research purposes. A sanitized subset of our threat intelligence data may be disclosed to selected reputable members of the cybersecurity industry for the purpose of security threat research and facilitating community efforts to improve online security.
To a new owner. If ownership or control of all or part of our services, assets, or business changes, we may transfer your information to the new owner.
Aggregated or de-identified data. We may use and disclose aggregated data and data that is de-identified such that it no longer reveals the identity of an individual user for regulatory compliance, research and analysis, our own marketing and advertising activities and other legitimate business purposes.
To comply with legal process and the law. We may disclose your information if we are required to do so by applicable law; to comply with our legal obligations; to comply with legal process; and to respond to valid law enforcement requests relating to a criminal investigation, or alleged or suspected illegal activity that may expose ZeroGate, you, or any of our other users to legal liability. If we disclose your information for these purposes, we limit the information disclosed to what is legally necessary, and challenge information requests that we believe are unlawful, overbroad, or otherwise invalid.
To enforce our rights and prevent fraud and abuse. We may disclose limited amounts of your information to enforce and administer our agreements with customers and users, and to respond to claims asserted against ZeroGate. We may also disclose your information in order to protect against fraud and abuse against ZeroGate, our affiliates, users and others.
ZeroGate uses various technologies in our services to help us collect information. For convenience, we refer to these as “tracking technologies,” although they are not always used to track individuals and the information collected is in a non-identifiable form that does not reference any personal data. Tracking technologies include:
Cookies are small portions of text that are stored on the device you use to access our services. Cookies enable us (or third parties that we allow to set cookies on your device) to recognize repeat users. Cookies may expire after a period of time, depending on what they are used for.
These are small, hidden images and blocks of code placed in web pages, ads, and our emails that allow us to determine if you perform a specific action. When you access a page, ad, or email, or click a link, these items let us know that you have accessed that page, opened an email, or clicked a link.
SDKs or software development kits are software code provided by our business partners that let our software interact with the services those partners provide. Sometimes these interactions will involve that business partner collecting some information from the device on which the software is run.
- To provide our services. Some cookies are essential for the proper operation of our services. For example, cookies allow us to authenticate who you are and whether you’re authorized to access a resource.
- To store your preferences. Cookies can store your preferences, such as language preferences or whether to pre-fill your username on sign in forms. We may also use them to optimize the content that we show to you.
- For analytics. Cookies are used to inform us how users interact with our services so we can, as a legitimate interest, improve how they work (such as what screens or webpages you access, and whether our advertising is effective).
- For security. Cookies can enable us and our payment processors to detect certain kinds of fraud.
- For advertising-related purposes. We may advertise our services online with the help of third parties who show ads and marketing about us on sites around the internet.
We may allow our business partners to place certain tracking technologies in our services. These partners use these technologies for the following purposes:
- To provide our services. Some business partners who help us to provide our services may use these technologies to support those efforts.
- For Analytics. To help us understand how you use our services.
- For Marketing. To help us market and advertise our services to you, including on third party websites. Tracking technologies are used in connection with this to measure the performance of our advertising, attribute actions you take with our ads with actions you take on our services, deliver ad retargeting (serving ads based on your past interactions with our services), and target ads at similar audiences.
ZeroGate has implemented reasonable and appropriate physical, administrative and technical safeguards designed to protect your personal information from loss, misuse, unauthorized access, disclosure, alteration and destruction. For example, we encrypt certain sensitive personal information when we transmit such information over the Internet. We also limit access to personal data and confidential information on our systems to only those employees with a specific need to access this information. If you have any questions about the security of your personal information, you can contact us by email.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to the Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.
ZeroGate may transfer your personal data to countries other than the one in which you reside. We do this to facilitate our operations, and transferees include other ZeroGate group companies, service providers, and partners. Laws in other countries may be different to those that apply where you reside. For example, personal data collected within Switzerland, the United Kingdom, or the European Economic Area (EEA) may be transferred and processed outside Switzerland, the United Kingdom, or the EEA for purposes described in this policy. However, we put in place appropriate safeguards that help to ensure that such data receives an adequate level of protection. You may contact us by email if you would like more information about such safeguards.
ZeroGate generally retains your personal data for as long as is needed to provide the services to you, or for as long as you have an account with us. We may also retain personal data if required by law, or for our legitimate interests, such as abuse detection and prevention, and defending ourselves from legal claims. Residual copies of personal data may be stored in backup systems for a limited period as a security measure to protect against data loss.
The Website may contain links to other websites. We are not responsible for the privacy practices of any websites other than our own. This Policy applies only to information collected by us on the Website and not to any third party websites. We encourage you to review the privacy statements of any such websites to understand their information practices.
Our Website and the Products are not intended for children under 16 years of age. No one under age 16 may provide any information to or on our Website. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on this Website or provide any information about yourself to us. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us by email.
Depending on your country of residence, you may have certain legal rights in relation to your personal data that we maintain. Subject to exceptions and limitations provided by applicable law, these may include the right to:
- confirm that we are processing your information;
- access and receive a copy of your personal data;
- correct your personal data;
- restrict the processing of your personal data;
- object at any time to the processing of your personal data;
- have your personal data erased;
- data portability;
- withdraw any consent you previously gave to the processing of your data (such as opting out to marketing communications);
- lodge a complaint with a data protection authority;
Please note your rights and choices vary depending upon your location, and some information may be exempt from certain requests under applicable law.
You may be able to exercise some of these rights by using the settings and tools provided in our services. For example, you may be able to update your user account details via the relevant account settings screen of our apps. You may also be able to opt out from receiving marketing communications from us by clicking an “opt out” or “unsubscribe” link in such communications.
Otherwise, if you wish to exercise any of these rights, you may contact us using the details in the “Contact Us” section below. As permitted by law, we may ask you to verify your identity before taking further action on your request. If we deny your request in whole or in part, you may have the right to appeal the decision. In such circumstances, we will provide you with information regarding the appeals process
Please be aware that personal identifiable information that you voluntarily disclose and that is accessible to other users (for example, on social media, forums, bulletin boards, or in chat areas) may be collected and disclosed by others. We will not be responsible for such collection and disclosure.
If you have questions or concerns regarding this Policy, please feel free to contact us by email or write to us at:
Attn: Privacy Department
1993, 1007 N Orange St. 4th Floor , Wilmington, DE, New Castle, US, 19801