Product Privacy Policy

Last Updated: September, 2024

Rezonate, Inc. (“Rezonate”) operates a proprietary identity protection platform for enterprise security.

This Product Privacy Policy (“Privacy Policy”) explains how Rezonate collects, uses, discloses, and otherwise processes personal information about our customers’ employees, contractors, and other users (“End Users”) in connection with the use of our product platform and services (“Services”) to our customers, according to our agreements with those customers. Rezonate processes End Users’ information in our capacity as a service provider and data processor.

Your Consent
BY ENTERING, CONNECTING TO, ACCESSING, OR USING THE SERVICE, YOU AND ANY ORGANIZATION YOU REPRESENT AGREE TO THE TERMS AND CONDITIONS SET FORTH IN THIS PRIVACY POLICY, INCLUDING THE COLLECTION AND PROCESSING OF YOUR PERSONAL INFORMATION AS DEFINED BELOW. IF YOU DISAGREE TO ANY TERM PROVIDED HEREIN, YOU MAY NOT ACCESS AND/OR USE THE SERVICES IN ANY MANNER WHATSOEVER.

Information We Collect

We may collect the following types of data and information from our End Users:

• Non-Personal Information: any information that is non-identifiable and anonymous information (“Non-personal Information”). Non-Personal Information is collected without particular reference to the identity of the applicable End User from or about whom such information was collected and is available to us while such End User is entering and/or using the Services. Non-personal information which is being collected consists of technical, behavioral and aggregated information, and may contain, amongst other, the activity of the End User on our Services, type of operating system, type of browser and keyboard features, browser history, traffic patterns, etc.
• Personal Information: any information that identifies an individual, or may with reasonable effort, identify an individual, either alone or in combination with other information (“Personal Information”). Personal Information may be of a private or sensitive nature regarding an End User or identify an individual. End Users may be asked to provide certain Personal Information including, without limitation, the types of Personal Information listed below, and to the extent that you provide us information when contacting us we may also receive any types of Personal Information provided under such communication which you provide to us of your own volition.
  We collect information about End Users from our customers’ systems, including:

● Account details, including first and last names, email addresses, and login credentials.
● Employment details, such as the name of the organization, department, job title, workplace location, business/user ID, and information about your manager including their name, email address, and ID.
● Information on system activity, including authentication logs for customer systems and applications, identifiers of the authentication tools employed, types of multi-factor authentication, and group memberships.
● Usage details, such as data on how you interact with the Services, including any content you upload or submit to us, and information provided while engaging with the Services’ interactive features.

Automatically collected data: We routinely capture data concerning End Users’ engagement with our Services and their communication details. This includes information about the operating system type and version on their devices, device manufacturer and model, browser type, screen resolution, type of device (such as a smartphone or tablet), IP address, language preferences, mobile network carrier, and connection type (such as WiFi, LTE, 3G). We also gather general location details like city, state, or geographic region.

How We Use Information

1. To manage our platform Services, we:
   ● Provide, operate, maintain, secure, and enhance our Services.
   ● Offer information regarding our Services.
   ● Communicate with you about our Services by sending announcements, updates, security alerts, and support and administrative messages.
   ● Address your inquiries, requests, and feedback.
2. For research and development purposes – we analyze and enhance our Services and develop new products and services by studying how our Services are used.
3. To comply with legal requirements, we take actions necessary or appropriate to adhere to applicable laws, respond to lawful requests, and participate in legal processes, such as answering subpoenas or requests from government authorities.
   Legal Basis for Use
   We collect, process, and use your Personal Information for the purposes described in this Privacy Policy, based at least on one of the following legal grounds:

• In Performing an Agreement with You: We collect and process your Personal Information in order to provide you with the Services, following your acceptance of this Privacy Policy and pursuant to the Services’ Subscription Terms; to maintain and improve our Services to you; to develop new services and features for our End Users; and to personalize the use of the Services in order for you to get a better user experience.
• With Your Consent: We ask for your consent to collect and process your information for specific purposes, and you have the right to withdraw your consent at any time.
• Legitimate Interest: We process your information for our legitimate interests while applying appropriate safeguards that protect your privacy. This means that we process your information for things like detecting, preventing, or otherwise addressing fraud, abuse, security, usability, functionality or technical issues with our services, protecting against harm to the rights, property or safety of our properties, or our users, or the public as required or permitted by law; Enforcing legal claims, including investigation of potential violations of this Privacy Policy; in order to comply and/or fulfil our obligation under applicable laws, regulation, guidelines, industry standards and contractual requirements, legal process, subpoena or governmental request, as well as our Subscription Terms.

Purpose of Use
We may use the Personal Information that we collect about you for the following purposes:

• To provide, operate, and improve the Services for our End Users and to manage our business including by creating marketing campaigns.
• To send you updates, notices, notifications, and announcements related to the Services as well as newsletters, coupons, commercial offers and additional communications regarding the Services.
• To enable us to provide you with customer support services and to further develop, customize and improve the service based on End Users’ common preferences, uses, attributes and anonymized or de-identified data.
• To create cumulative statistical data and other cumulative information and/or other conclusive information that is non-personal, to enable us to improve our Services and provide End Users with a better user experience with more relevant and accurate information, services, third-party services, features and functionalities, statistical and research purposes, etc.
• To prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities.
• To comply with any applicable rule or regulation, to protect our legal interests and/or respond to or defend against (actual or potential) legal proceedings against us or our affiliates.
  Sharing Information with Third Parties

Rezonate will not share or otherwise allow access to any Personal Information it collects, or that you provide through the Services to any third party, except in the following cases:

• Law enforcement, legal proceedings, and as authorized by law: We may disclose Personal Information to satisfy any applicable law, regulation, legal process, subpoena or governmental request.
• Protecting Rights and Safety: We may share Personal Information to enforce this Privacy Policy and/or the Subscription Terms, including investigation of potential violations thereof; to detect, prevent, or otherwise address fraud, security or technical issues; to respond to claims that any content available on the Services violates the rights of third-parties; to respond to claims that contact information (e.g. name, e-mail address, etc.) of a third-party has been posted or transmitted without their consent or as a form of harassment; and to protect the rights, property, or personal safety of Rezonate, any of its End Users, or the general public.
• Our Affiliated Companies: We may share Personal Information internally with our family of companies for the purposes described in this Privacy Policy. In addition, when Rezonate or any of our affiliated companies is undergoing any change in control, including by means of merger, acquisition, or purchase of all or substantially all of its assets, we may share Personal Information with the parties involved in such event. If we believe that such change in control might materially affect your Personal Information then stored with us, we will notify you of this event and the choices you may have via e-mail and/or prominent notice on our Services.
• Third-Party Services: We partner with certain third parties to provide selected services that are used to facilitate and enhance the Services and your use thereof (“Service Providers”). Such third-party Service Providers may have access to, or process on our behalf Personal Information which we collect, hold, use, analyze, process and/or manage. These Service Providers include hosting, database and server co-location services, data analytics services (e.g., Google Analytics), remote access services, data and cyber security services, fraud detection and prevention services (e.g., Amazon Web Services), e-mail and text message distribution and monitoring services, and our business, legal and financial advisors (collectively, “Third Party Service Providers”). We remain responsible for any Personal Information processing done by Third Party Service Provider on our behalf, except for events outside of our and/or their reasonable control, and except with respect to Third Party Service Providers with which you are contractually engaged, either through a prior separate contractual engagement and/or through acceptance of their privacy policy and terms of use if such are referenced herein.

For the avoidance of doubt, Rezonate may transfer and disclose to third parties or otherwise use Non-personal Information at its own discretion.

Access to your information
To ensure your information remains accurate, current, and complete, please contact us using the contact details provided below. We will take reasonable steps to update or correct any information in our possession that you have submitted through the Services.

Data Subject Rights

Rezonate customers act as the data controllers for End Users’ personal information. As such, they are responsible for receiving and addressing requests from End Users aiming to exercise their rights under applicable data protection laws. Rezonate supports customers in fulfilling these requests as outlined in the customer agreements.

Depending on where you are located and your interactions with the Services, you may have the right to make the following requests regarding your Personal Information to our customers:

1. Access: Request information about the processing of your Personal Information and gain access to it.
2. Deletion: Ask for the deletion of your Personal Information held by them.
3. Correction: Request corrections to any inaccuracies in your Personal Information.
4. Transfer: Ask to have a machine-readable copy of your Personal Information transferred to you or a third party of your choice.
5. Restriction: Request a limitation on the processing (including sharing) of your Personal Information.
6. Objection: Object to the processing of your Personal Information based on the legitimate interests of our customers that affect your rights.

Data Retention

Rezonate retains information as long as necessary to provide the Services, comply with legal obligations, resolve disputes, and enforce the terms of our customer agreements.

External Sites and Services

Our Services may include links to third-party websites and integrations with services not under our control. These links and integrations should not be seen as an endorsement or as an indication of our affiliation with any third parties. We do not have authority over third-party websites or online services, nor are we responsible for their conduct.

Security Practices

We implement reasonable organizational, technical, and administrative measures to guard against unauthorized access, misuse, loss, exposure, alteration, and destruction of the Personal Information we hold. However, it’s important to note that no internet data transmission can be guaranteed to be fully secure. Thus, despite our efforts to safeguard your Personal Information, its absolute security cannot be assured.

Changes to this Privacy Statement

We reserve the right to alter this Privacy Policy at any time. Should there be any significant changes, we will inform you by updating the statement’s date and posting the new version on our Services or in an email notice to you.

How to Contact Us

For any inquiries or feedback regarding this Privacy Policy or our privacy practices, please email us at privacy@rezonate.io

The content of this page is also available in PDF format below