This Policy does not apply to information collected by any third party, including through any application or content that may link to or be accessible from the Fidelis Services. If you do not agree to the terms of this Policy, please do not use, access, download, install, or utilize (collectively, “use”) any Fidelis Services or otherwise provide us with any personal information.
Information We Collect and How We Use Your Information
While Using the Software
As an integral part of its functionality, the Software may automatically collect and transmit certain files and processes, including portable executable files or other executable code, that exist on, or are being introduced into a computer system or network ("Files"), to identify potential or actual malicious code, malware, or other intrusive artifacts or processes (collectively “Potentially Malicious Code”). Such Files are transmitted to our servers so that we can analyze them for malicious code, malware, or other intrusive programs. We may also collect certain systems telemetry information, including, without limitation, the path and file name of the Potentially Malicious Code, user names; MAC Addresses; network information; hardware type; model number; hard disk size; CPU type; disk type; RAM size; systems architecture; operating system; versions; locale; BIOS version; BIOS model; system telemetry; device ID; IP address; location; information about third-party products; and other configurations, settings, and artifacts.
When You Use Fidelis Services
We may automatically collect certain aggregate information and analytical data related to the use of the Fidelis Services, including visiting the Site (see “Tracking Technologies” below). Aggregate information is non-personally identifiable or anonymous information, including the date and time of the visit; the Internet Protocol (“IP”) address of the computer; information about the browser and operating system used; the state or country from which the Site was accessed; the Internet address visited before reaching the Site; error logs; the name of the domain and host used to access the Internet; the features of the Site that were accessed; and other hardware and software information. However, none of the automatically collected aggregate information and analytical data described above is associated with personally identifiable information unless such personal information was voluntarily shared with us.
We use log files to manage traffic loads and information technology requirements for providing reliable service, as well as to enhance the Site by tailoring our content to your interests and needs.
On our Site, you can sign up to receive additional information, attend a webinar, or sign up to attend a live event. To receive additional information from us, you must provide your name, company name, email address, and phone number. This information is retained by us and our third-party business partners to provide you with information, marketing materials, or updates for Fidelis Services similar or related to the information that you have requested. Our third-party business partners provide Fidelis with services that may require us to provide them with your personal information. These third-party business partners are not permitted to use the information collected on our behalf except to help us conduct business, improve, or provide the Fidelis Services.
We may also send you notifications via email regarding Fidelis Services in order to keep you informed of any updates or changes to the Fidelis Services, e.g., product updates and support communications. These email communications are essential for the continued functionality of the Fidelis Services, and you will continue to receive these types of email communications even if you choose to opt-out of any other email communication from us.
If you would like to review your communication preferences, or if you do not want to receive further information or materials from us, you can update your information or opt-out by following the instructions contained within each communication from us. You can also contact us at email@example.com or write to us at the address listed at the end of this Policy.
Your Account Information
Information you provide when you create an account on our Site, register your Software, or in relation to the receipt of any other Service may include your name, company name, personal and/or business email address, phone number, and other personally identifiable information (“Account Information”). Your Account Information is stored securely with controlled access and used to inform you of upcoming events, send you information and updates, respond to inquiries for service requests, authenticate your use of the Software, manage the Site and the Software, and assess the usage of the Services.
In connection with providing Fidelis Services to its clients, Fidelis may collect personally identifiable information from employees and customers of our clients, users of our clients' networks and systems, and individuals that connect to our clients' networks and systems. The use of information collected as a result of providing Fidelis Services to our clients will be limited to the purposes for providing the Software or Services to the client. We may transfer personal information to other companies that help us provide our Software and Services to our clients. Transfers to subsequent third parties are covered by the service agreements with our clients.
Upon request, Fidelis will provide you with information about whether we hold any of your personal information. You may review, access, correct, suppress, or request deletion of your personal information by contacting us at firstname.lastname@example.org. We will respond to your request within a reasonable timeframe. In certain circumstances, we may be required by law to retain your personal information or may need to retain your personal information in order to continue providing the Fidelis Services.
Fidelis acknowledges that you have the right to access your personal information. However, Fidelis has no direct relationship with the individuals whose personal information it may process on behalf of Fidelis’ clients. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to Fidelis’ client (the data controller). If requested to remove data, we will respond within a reasonable timeframe.
Outside Parties; Disclosure of Information
Except as provided in this Policy, we do not sell, trade, lease, rent, or otherwise transfer your personal information to third parties. We reserve the right to share your information with third-party business partners and service providers who assist us in operating our Site, conducting our business, and providing you with the Fidelis Services. Fidelis requires these third parties to take commercially reasonable steps to safeguard your personal information and not use your personal information for other purposes unless you consent.
We may also disclose your personal information as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that such disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, respond to a government request, or to conduct investigations of violations of our End User License Agreement. For example, if we conduct a fraud investigation and conclude that one side has engaged in deceptive practices, we may provide that person or entity’s contact information to victims who request it.
We may also provide access to, assign, or disclose information maintained by us, including your Account Information, in connection with a corporate transaction, such as a merger, acquisition, or purchase of all or substantially all of our assets.
The Site includes links to third-party sites, products, or services, and your access to these third-party sites, products, or services may result in the collection or sharing of your information. These third parties have separate and independent privacy policies. We are not responsible or liable for the content and activities of these linked sites, products, or services. The inclusion of these third-party sites, products, or services on our Site shall not be construed to be an endorsement or representation regarding any third-party sites, products, or services. We encourage you to review the privacy policies of such third parties.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us at email@example.com.
The information we collect may be stored in the United States because our operations are primarily in the United States. As such, your information may be transferred to, used, processed, or maintained on computers located outside of your province, country, or other governmental jurisdiction, and privacy laws may not be as protective as those in your jurisdiction. In situations where you are located outside the United States and choose to provide information to us, we will transfer your information to the United States and process it there. Furthermore, this Policy is governed by the laws of the United States and the State of Delaware.
EU-U.S. Privacy Shield
Fidelis complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. Fidelis has certified to the Department of Commerce that it adheres to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability for all personal data that it receives from the EU. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov. The Federal Trade Commission has jurisdiction over Fidelis’ compliance with the Privacy Shield.
Under certain circumstances, Fidelis may remain liable under the Privacy Shield Principles if our agents process your European Union personal information that we transfer to them in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.
With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Fidelis is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Fidelis may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, Fidelis commits to resolve complaints about our collection or use of your personal information. European Union individuals with inquiries or complaints regarding our Privacy Shield policy should first contact us by using our “Contacting Us” information provided below.
Fidelis has further committed to refer unresolved Privacy Shield complaints to JAMS, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please contact or visit https://www.jamsadr.com/eu-us-privacy-shield for more information or to file a complaint. The services of JAMS are provided at no cost to you.
Under certain conditions, it may be possible for you to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information, see the U.S. Department of Commerce’s Privacy Shield Framework: Annex I (Binding Arbitration).
Children's Online Privacy Protection Act
We do not knowingly collect any information from anyone under 13 years of age, and the Fidelis Services are directed to people who are at least 13 years old. If you become aware that your child has provided us with personal information without your consent, please contact us at firstname.lastname@example.org. A parent or guardian of a child under the age of 13 may review and request deletion of such child’s personally identifiable information as well as prohibit the use thereof. If we become aware that a child under 13 has provided us with personal information, we will take steps to remove such information from our active systems and will terminate the child’s account.
Terms of Service for Site Usage
Please also visit our Terms of Service section establishing the use, disclaimers, and limitations of liability governing the use of the Site at Terms of Service.
Additional Terms and Conditions for Software
This Policy applies only to information collected through our Site or by the use of our Software or the utilization of our Services and not to information collected offline. Your download and use of our Software is subject to additional terms and conditions that define your rights, as well as our rights, with respect to the Software and its use. Those additional terms and conditions are contained in the Evaluation Agreement or End User License Agreement that you are required to accept prior to downloading the Software.
By using our Site, downloading or using the Software, or utilizing the Services, you consent to the terms and conditions of this Policy.
Each time you use the Fidelis Services, the current version of this Policy will apply. We reserve the right to change this Policy at any time to reflect changes in the law, the Fidelis Services we provide, our business and technology, and our data collection and use practices. Accordingly, each time you use the Fidelis Services, you should check the date of this Policy (which appears at the top of the Policy) and review any changes since the last version. If we make any material changes, we will notify you by the email address specified in your Account Information or by means of a notice on the Site prior to the change becoming effective.
Your continued use of the Fidelis Services following the posting of changes to this Policy will mean you accept those changes.
Notice To California Residents
If you are a California resident, California Civil Code Section 1798.83 permits you to request and obtain from us once a year, free of charge, information regarding the disclosure of your personal information by the Company to third parties for the third parties’ direct marketing purposes. With respect to these entities, this Policy applies only to their activities within the State of California. If you are a California resident and would like to request this information, please send an email to email@example.com or write to us at the address below.
If there are any questions regarding this Policy, you may contact us using the information below:
Fidelis Cybersecurity, Inc.
Vice President & Corporate Counsel
4500 East West Highway, 4th Floor
Bethesda, MD 20814