Privacy Policy

Perimeters Privacy Policy
‍

Intro

Perimeters, Inc., (“Perimeters”, “our”, “we” or “us”) respects the privacy of its users (“User(s)”, “your” or “you”), and is committed to protecting the information that you share with us in connection with your use of our website, available at: https://www.perimeters.io/ (“Website”), our SaaS security platform including all software therein (“Solution”), and through our marketing and advertising activities and any other services we may provide to you from time to time (together with Website and Solution, the “Services“). 

This privacy policy (“Privacy Policy”) governs and is intended to describe our practices regarding information (including Personal Data as defined below) that we may collect from you or about you when you use or access the Services, the ways in which we may use such information, and the choices and rights available to you. Users of our Services (referred to, unless otherwise specifically indicated, as “Users” or “You” collectively) may include (i) individuals who use our Solution in their capacity as employees or other personnel of our business customers (our business customers  hereafter “Customer(s)”) including individuals identifying as a Customer “admin” users or Customer’s end-users, using or accessing the Services under Customer’s account or on Customer’s behalf (each, a “Customer End-User”); (ii) individuals who access or use the Services in their individual personal capacity e.g. for personal uses (each, an “Individual End-User”); (iii) visitors of the website (each, a “Visitor”); and (iv) Candidate(s) (as defined below).This Privacy Policy supplements and shall be read in conjunction with our Terms of Use located at https://www.perimeters.io/tos (the “TOU”) and our Cookie Policy (the “Cookie Policy”), and may be supplemented by additional privacy statements, terms or notices provided to you. Capitalized terms which are not defined herein, shall have the meaning ascribed to them in our TOU.

IMPORTANT NOTE: where we process Personal Data of or about Customer End-Users, we do so on behalf of and under the instruction of the respective Customer (which Customer may be your employer, or other corporation on behalf of which you perform services, or otherwise are using our Service) Perimeters does so in our capacity as a “data processor” on behalf of such Customer. For more information about our practices as a data processor and the impact on your Personal Data in our possession, please see below. 

The provisions of this Privacy Policy as they relate to Perimeter’s independent privacy and data processing activities as a “data controller” – with respect to Users who are Visitors, Individual End-Users, or Candidates - do not apply to the processing of Personal Data of Customer End-Users. If you are using our Services (including the Solution) as a Customer End-User, of if otherwise, you have any questions or requests regarding Customer End-Users’ Personal Data, please contact the Customer on behalf of which you use the Solution (usually this will be your employer or corporation for which you provide a service). 

‍

Your Consent

PLEASE READ THIS PRIVACY POLICY BEFORE ACCESSING AND/OR USING OUR SERVICES OR ANY PART/COMPONENT THEREOF. BY ACCESSING OR USING THE SERVICES OR ANY PART/COMPONENT THEREOF, YOU AGREE TO THE TERMS AND CONDITIONS SET FORTH IN THIS PRIVACY POLICY, INCLUDING TO THE COLLECTION AND PROCESSING OF YOUR PERSONAL DATA (AS DEFINED BELOW). IF YOU DISAGREE WITH ANY TERM PROVIDED HEREIN, YOU MAY NOT ACCESS OR USE THE SERVICES.

PLEASE NOTE: YOU ARE NOT OBLIGATED BY LAW TO PROVIDE US WITH ANY PERSONAL DATA. YOU HEREBY ACKNOWLEDGE AND AGREE THAT YOU ARE PROVIDING US WITH PERSONAL DATA AS DESCRIBED IN THIS PRIVACY POLICY AT YOUR OWN FREE WILL. YOU HEREBY AGREE THAT WE MAY COLLECT AND USE SUCH PERSONAL DATA PURSUANT TO THIS PRIVACY POLICY AND ANY APPLICABLE LAWS AND REGULATIONS.

TO THE EXTENT THAT YOU PROVIDE US WITH ANY PERSONAL DATA RELATED TO ANY THIRD PARTY OR ANY OTHER PERSON OR ENTITY WHICH IS NOT YOU, INCLUDING INFORMATION RELATED TO ANY OF YOUR PERSONNEL, COLLEAGUES OR CUSTOMERS, YOU ARE SOLELY RESPONSIBLE TO RECEIVE AND HEREBY REPRESENT THAT YOU HAVE AND UNDERTAKE THAT YOU SHALL HAVE AT ALL TIMES, MAINTAINED AND RECEIVED, THE CONSENT, AUTHORITY, PERMISSION AND APPROVAL OF SUCH PERSONS OR ENTITY AND PROVIDED THEM WITH SUFFICIENT DISCLOSURES, TO ALLOW PERIMETERS TO ACCESS, STORE, COLLECT, ANALYZE AND PROCESS SUCH PERSONAL DATA AS DETAILED HEREIN.

First – What is Personal Data? “Personal Data” is information that identifies an individual or may with reasonable efforts or together with additional information we have access to, enable the identification of an individual, or may be of a private or sensitive nature relating to an identified or identifiable natural person. Identification of an individual also includes the association of such individual with a persistent identifier such as a name, an identification number, persistent cookie identifier etc. Personal Data does not include information that has been anonymized or aggregated; provided, that, such information can no longer be used to identify a specific natural person.

1. INFORMATION WE COLLECT:

In the course of accessing or otherwise using our Services, we receive your Personal Data through the following sources:

• Data actively provided by You: Generally, this category refers to any information, data, or content you actively and/or voluntarily create, upload, or provide through our Services. For example, we collect the Personal Data that You actively input when you send requests through the “contact us” options on the Website, when you book a Demo with us, when you correspond with our customer support team, when you apply for a job with us on the “Careers” page, or when you use our Solution, over the course of such use you may be asked to input Personal Data such as first and last names, email address and username of admin and contributor employees and contractors and such use may include Personal Data which may be contained in the content you actively and/or voluntarily create. 
• Personal Data we collect automatically when you use our Services: When operating our Services, we may use various tools and methods to collect information regarding your use of the Services. In other words, we are aware of your usage of the Services and may gather, collect, and record the information relating to such usage, including by using our Service Providers (as defined below) or tracking technologies such as cookies, JavaScript, beacons, and Local Storage such as HTML5, and as further detailed below. 
• Personal Data collected from other sources: When using your social networks information to login to log-in to the Services, we may have access to your applicable social network public profile (if applicable). We collect your information from your social network account only if and to the extent you provided your permission for such collection. We may also collect Personal Data concerning you, from third parties who have assured us that they have obtained your consent for such provision of information, including from our Customer which you are affiliated with, when you are using our Service as such Customer End-User. You can learn more about our third-party Service Providers and other business partners by reading the “WITH WHOM DO WE SHARE YOUR PERSONAL DATA” section below.

2. WHAT CATEGORIES AND TYPES OF DATA DO WE COLLECT?

Most of the information that we collect when you use or access our Services is not Personal Data, however we collect and process the following types of Personal Data through the following respective methods of collection (as explained above):

Data actively provided by You:

• Information voluntarily provided by you: Contact information such as phone number and email, position, company, and any comments, feedback, reviews, recommendations, etc.
• Support and communication data: If you contact us, for instance through our contact box, or respond to messages and communications that we send to you or publish on our social network accounts (if applicable), we may keep a record of that correspondence and communication.
• Information mandated by applicable law: Information we are required or otherwise authorized to collect under applicable laws to authenticate or identify you or to verify the information we have collected from you via our Services.

Personal Data we collect automatically when you use our Solution, access our Website and/or receive related services.:

• Usage and Impression Data: details about how you use or interact with our Services, such as session time and duration, pages you visited, methods used to browse away from a page, as well as information about your impressions of, and reactions to, products and advertisements that appear on the Website, such as your clicks and views.
• Device and Technical Information: We collect information from and about the device(s) you access or use our Services, as follows:

• Identifiers: identifiers such as IP address, device identifiers and ad identifiers, etc., the country or region that you are browsing from can be derived from your IP address.
• Device signals: Wi-Fi access points, connection speed, etc.
• Cookie data: data from cookies stored on your device, including cookie IDs and settings.

Personal Data collected from social media and other third parties:

• When contacting or accessing our Services via Google Single Sign On or other social networks or services (if applicable), we may have access to your public profile and login credentials. When you make the Services interact with your social network account, we may collect your information from your social network account only in accordance with the privacy settings you have set up under your social network accounts. Accordingly, we only collect such information which you have allowed the social network(s) to share with third parties (or other information you make publicly available).
• You understand that the Services may access, make available and store (if applicable and as permitted by the third-party social network and authorized by you) such information so that it is available on and through the Service. THEREFORE, IF YOU ARE A USER, YOU MAY ONLY PROVIDE US PERSONAL DATA OR ALLOW US ACCESS THERETO IN ACCORDANCE WITH THIS PRIVACY POLICY.
• We may also collect Personal Data concerning you, from other third parties who have assured us that they have obtained your consent for such provision of information. For example, we may collect and use your contact information which we may have received from our Customer, or otherwise from your employer or from another User who invited you to use our Services, as allowed by applicable national laws.

We may from time to time ask you for your consent for the collection of other information from you or your device. For instance, we may invite you to allow us to access your contacts to enable us to invite them to use our Services. If we do this or something similar, we will tell you what information we would like to collect, why we need it and what we’ll use it for.

If we combine Personal Data with non-Personal Data, the combined data will be treated as Personal Data. Further Personal Data will only be stored and processed if you voluntarily provide it to us, e.g., through a contact form.

3.    OUR LEGAL BASIS FOR USE OF YOUR DATA

a.     Legal Grounds for the collection and processing of Personal Data:

• Provision of the Services: We collect and process your Personal Data to provide our Services (in accordance with this Privacy Policy and using technical and organizational measures and in accordance with contractual obligations pursuant to applicable law), following your acceptance of this Privacy Policy; to maintain and improve our Services; to develop new services and features for our users; and to personalize the Services in order to provide better user experience. For example, we may send you offers concerning our Services which we think will be more relevant to you, based on your interaction with our Services;
• Legitimate interests: We process your Personal Data for our legitimate interests while applying appropriate safeguards that protect your privacy. Our legitimate interests may span things like detecting, preventing, or otherwise addressing fraud, abuse, security, usability, functionality, or technical issues with our Services, protecting against harm to the rights, property or safety of our properties, users, or the public as required or permitted by law; enforcing legal claims, including investigation of potential violations of this Privacy Policy or defending against legal claims made by you or on your behalf;
• With your consent: We ask for your agreement to process your Personal Data for specific purposes and you have the right to withdraw your consent at any time. For example, we ask for your consent to send you our marketing offers and communications;
• Compliance with legal obligations: We may use your Personal Data in order to: comply with any applicable law, rule, regulation, guidelines, industry standards or other governmental authority; respond to or defend against legal proceedings brought against us or our affiliates; prevent fraud; investigate violations, and enforce our policies, including but not limited to our TOU.

b.     We may use your Personal Data for the following Purposes:

• to provide, operate and improve the Services;
• to enable us to optimize and personalize our Services for you and for the device that you are using;
• to send you updates, notices, notifications, announcements, and additional information related to the Services;
• to create aggregated statistical data and other aggregated and/or inferred Non-personal Data, which we may use to provide and improve our respective services;
• to be able to contact you for the purpose of providing you with technical assistance, support and complaints and collect feedback, if you approach is with such requests and provide us with your contact details for such purpose;
• to verify your identity when we are approached with a request to exercise any of your rights hereunder or under our TOU;
• to prevent, detect, mitigate, and investigate fraud, security breaches or other potentially prohibited or illegal activities, including any breaches of this Privacy Policy or of our TOU;
• to perform functions or services as otherwise described to you at the time of collection;
• To market our Services to Users or potential Users, and to be able to track and evaluate our marketing activities and their results and attribute different marketing achievements to the respective marketing efforts; and
• to comply with any applicable rule or regulation, to protect our legal interests and/or respond to or defend against (actual or potential) legal proceedings against us or our affiliates.

We also analyze and use the Personal Data that we collect on an anonymized or aggregated basis for product development, to analyze the performance of our Services, to troubleshoot and to improve and optimize the Services and to ensure the best User experience for our users as a whole.

4.    WITH WHOM DO WE SHARE YOUR PERSONAL DATA?

We may share your Personal Data with third parties (or otherwise allow them access to it) only in the following manners and instances:

• Internal Concerned Parties: We share your Personal Data with our family companies, as well as our employees, for the purposes described in this Privacy Policy and in accordance with Section 3 above. In addition, should Perimeters or any of its affiliates undergo any change in control, including by means of merger, acquisition, or purchase of substantially all of its assets, your Personal Data may be shared with the parties involved in such event under strict security condition, for the purpose of evaluating such event and in accordance with the terms of this Privacy Policy. If we believe that such change in control might materially affect your Personal Data then stored with us, we will notify you of this event and the choices you may have you via e-mail and/or prominent notice on our Services.
• Protecting Rights and Safety: We may share Personal Data to enforce this Privacy Policy and/or the TOU, including investigation of potential violations thereof; to detect, prevent, or otherwise address fraud, security or technical issues; to respond to claims that a content available on the Service violates the rights of third-parties; or otherwise if we believe in good faith that this will help protect the rights, property or personal safety of Perimeters, any of our users, or any member of the general public.
• Third Parties & Business Partners: When using our Services as a Customer End-User we will share your Personal Data with the applicable Customer with which you are affiliated (on behalf whom we process your information), in accordance with this Privacy Policy.  We partner with certain third parties to provide selected services that are used to facilitate and enhance the Services and your use thereof (“Service Providers“). Such Service Providers may have access to, or process on our behalf Personal Data which we collect, hold, use, analyze, process and/or manage. These Service Providers may include among others, hosting, database, and server co-location services (e.g., Google Drive), data analytics services (e.g., Google Analytics), meeting schedule and e-mail distribution and monitoring services (e.g., Hubspot, Calendly), marketing and customer management services (e.g., Salesforce), recruiting services (e.g., Greenhouse) and our business, legal and financial advisors. We remain responsible for any Personal Data processing done by Service Provider on our behalf, except for events outside of our and/or their reasonable control, and except with respect to Service Providers with whom you are contractually engaged, either through a prior separate contractual engagement and/or through acceptance of their privacy policy and terms of use.
• Law Enforcement Entities – We cooperate with government and law enforcement officials to enforce and comply with the law. We will disclose any data about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (including but not limited to subpoenas), to protect our or a third party’s property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable.

5.    JOB CANDIDATES

Perimeters welcomes all qualified candidates (“Candidates”) to apply to any of the open positions posted on our Website, Facebook, LinkedIn, by sending us their contact details and CV (“Candidates Information”). We are committed to keep Candidates Information private and use it solely for our internal recruitment purposes (including for identifying Candidates, evaluating their applications, making hiring and employment decisions, and contacting Candidates by phone or in writing).

Please note that Perimeters may retain Candidates Information submitted to it even after the applied position has been filled or closed for a reasonable time period. This is done so we could re-consider Candidates for other positions and opportunities at Perimeters; so, we could use their Candidates Information as reference for future applications submitted by them; and in case the Candidate is hired, for additional employment and business purposes related to their work. If you previously submitted your Candidates Information to Perimeters, and now wish to access it, update it or have it deleted from our systems, please contact us at support@perimeters.io.

6.    STORAGE AND INTERNATIONAL DATA TRANSFER

Information regarding the Users may be maintained, processed, and stored by us and our authorized affiliates and Service Providers in the United States. Where Perimeters processes Personal Data on behalf of a Customer (including without limitation, Personal Data of Customer End-Users), such Personal Data will be processed in the locations as permitted and required by the Customer (as further described below).

While the data protection laws in the above jurisdictions may be different than the laws of your residence or location, please know that we, our affiliates, and our Service Providers that store or process your Personal Data on our behalf are each committed to keep it protected and secured, pursuant to this Privacy Policy and industry standards, regardless of any lesser legal requirements that may apply in their jurisdiction.

Specifically, each of our third party Service Providers which store or process your Personal Data either: (i) assured us that they provide adequate safeguards to protect your rights to privacy including where applicable, by undertaking to comply with the EU Standard Contractual Clauses; (ii)  where applicable, hold and process such Personal Data on our behalf in jurisdictions which have been determined to ensure an adequate level protection by the EU Commission; (iii) perform such processing pursuant to your consent and acceptance of their privacy policy as further detailed in this Privacy Policy.

By providing your Personal Data, you expressly consent to the place of storage and transfer described above, including transfers outside of the jurisdiction in which the information was provided.

7.    DATA RETENTION

We retain the Personal Data we collect or receive from you as needed in order to provide the Services and as otherwise necessary to comply with applicable laws and regulations.  If you withdraw your consent to us processing your Personal Data, including by deleting your account, we will delete your Personal Data from our systems (except to the extent such data in whole or in part is required to comply with any applicable rule or regulation and/or to respond to or defend against legal proceeding bought against us or our affiliates), except where we process your information as a Processor on behalf of our Customer (such as your employer of other entity you are affiliated with in connection with the use of our Services  in which case data retention is subject to such Customer’s instructions, as further described in Section 12 below.  

8.    USING COOKIES AND OTHER TRACKING TECHNOLOGIES

We may use certain monitoring and tracking technologies to understand how you use our Services, including ones offered by third party Service Providers. These technologies are used in order to maintain, provide, and improve our Services on an ongoing basis, and in order to provide a better experience to our Users. For example, these technologies enable us to: (i) keep track of and “remember” our Users’ preferences and authenticated sessions, (ii) secure our Services by detecting abnormal behaviors, (iii) identify technical issues and improve the overall performance of our Services, and (iv) create and monitor analytics.

9.    DATA SECURITY

We take great care in implementing and maintaining the security of the Services and of your Personal Data. We have implemented administrative, technical, and physical safeguards to help prevent unauthorized access, use or disclosure of your Personal Data. Your Personal Data is stored on secure servers and isn’t publicly available. We limit access of your Personal Data only to those employees, third party Service Providers or other partners on a “need to know” basis, and strictly in order to enable us to perform the agreement between you and us.

Despite these measures, Perimeters cannot provide absolute information security or eliminate all risks associated with Personal Data, and security breaches may happen. If there are any questions about security, please contact us at support@perimeters.io .

10.    YOUR RIGHTS

If applicable to you under your country’s jurisdiction, you may have certain rights in connection with your Personal Data and how we handle it. You can exercise your rights at any time by contacting us via any of the methods set out in Section 13 below, and in the event of Users who are Customer End-Users, subject to and as set out in Section 12. Those rights may include, but are not limited to, the following:

1. Right of access. You may have a right to know what Personal Data we hold about you and, in some cases, to have the information communicated to you. We reserve the right to ask for reasonable evidence to verify your identity before we provide you with any information.
2. Right to correct Personal Data. We endeavor to keep the information that we hold about you accurate and up to date. Should you realize that any of the Personal Data that we hold about you is incorrect, please let us know and we will use our best efforts to correct it as soon as we can.
3. Data deletion. In some circumstances and under certain laws and regulations, you may have a right to request that some portions of the Personal Data that we hold about you be deleted or otherwise anonymized/de-identified.
4. Data portability. In some circumstances and under certain laws and regulations, you may have the right to request that Personal Data which you have provided to us is provided to you, so you can transfer or port it elsewhere.

11. CHILDREN PRIVACY

To use our Services, Users must be over the age of eighteen (18). Therefore, we do not knowingly collect Personal Data from individuals under the age of eighteen (18) and we do not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that individuals under the age of eighteen are not using the Services. If you believe that we might have any information from or about an individual under the age of eighteen (18), please contact us at support@perimeters.io. In the event that it comes to our attention that a person under the age of eighteen (18) is using the Services, we may prohibit and block such User from using the Services and will make all efforts to promptly delete any Personal Data with respect to such User.

If you are submitting to the Services any Personal Data pertaining to any minor child, you hereby represent and warrant that you have received all the necessary legal consents or approvals or that you are the parent or legal guardian and have the actual authority and legal right to upload, submit, disclose or otherwise share such Personal Data and/or any other form of sensitive information, on the minor’s behalf.

12.    DATA CONTROLLER/PROCESSOR

Under various privacy, data protection or similar laws, regulations, or additional legal frameworks, such as the GDPR or the CCPA, two distinguished main roles for parties processing Personal Data typically apply: the “data controller” (or under the CCPA, “business”), who determines the purposes and means of processing; and the “data processor” (or under the CCPA, “Services provider”), who processes such data on behalf of the data controller (or business). Below we provide additional information into how these roles apply to our Services, where such laws and regulations apply.

Perimeters. is the “data controller” of its Individual End-Users, Visitors and Candidates’ Personal Data, as detailed above. Accordingly, we assume the responsibilities of a data controller (solely to the extent applicable under law), as set forth in this Privacy Policy. 

Perimeters is the “data processor” of personal data contained in Customer End-Users’ Personal Data, as submitted or otherwise provided to us by our Customers and/or Customer End-Users. We process such data on behalf of our Customer (who, in turn, is the “data controller” of such data) and in accordance with its reasonable instructions, and our commercial agreements with such Customer.

Our Customers are solely responsible for determining whether and how they wish to use our Services, and for ensuring that all individuals using the Services on the Customer’s behalf or at their request, as well as all individuals whose personal data may be included in any Personal data processed through the Services, have been provided with adequate notice and given informed consent to the processing of their personal data, where such consent is necessary or advised, and that all legal requirements applicable to the collection, use or other processing of data through our Services are fully met by the Customer. Our Customers are also responsible for handling data subject rights requests under applicable law, by their Customer End-Users and other individuals whose data they process through the Services (and accordingly, if you are a Customer End-User or other individual whose Personal Data was provided to us in connection with Customer’s use of the Services, Perimeters does not provide to you the rights set forth in Section 10 above).

If you would like to make any requests or queries regarding personal data we process as a data processor on our Customer’s behalf, including accessing, correcting, or deleting your data, please contact the Customer and/or an applicable Customer End-User directly.

13.    GENERAL INFORMATION

a.     CHANGES TO THE PRIVACY POLICY

This Privacy Policy is subject to changes from time to time, in our sole discretion. The most current version will always be posted on our Services (as reflected in the “Last Revised” heading). You are advised to check for updates regularly. We will provide notice of substantial changes of this Privacy Policy on the homepage of the Website and/or we will send you an e-mail regarding such changes to the e-mail address that you may have provided to us. Such substantial changes will take effect seven (7) days after such notice was provided on our Services or sent by e-mail. Otherwise, all other changes to this Privacy Policy are effective as of the stated “Last Revised” date and your continued use of the Services after the Last Revised date will constitute acceptance of, and agreement to be bound by, those changes.

b.     CONTACT US

If you wish to exercise your rights or receive more information regarding our privacy protection practices, please contact us using the details provided below:

Email: support@perimeters.io‍