aidarrow-end-inversearrow-endarrow-left-angulararrow-left-angularWhy choose AvectoAchieve complianceOperational efficiencycompliancedefendpoint-coloureddefendpoint-thin-2DesktopScaleResources.iconsAsset 21insider-threatsavecto-logo-smallquotation-marksransomwareArticleUse caseWebinarResources.iconssafePrevent attacksAsset 19social-engineeringTrustedtriangleStop insider attacksAsset 20Resources.iconsResources.iconszero-days

WHAT IS THE PURPOSE OF THIS DOCUMENT?

Avecto is committed to protecting the privacy and security of your personal information.

This privacy notice describes how we collect and use personal information about you during and after your working relationship with us, in accordance with the General Data Protection Regulation (GDPR).

It applies to all industry contacts who may be interested in our products.

Avecto is comprised of the legal entities Avecto Ltd and Avecto Inc.

Avecto is a "data controller". This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.

This notice applies to all industry contacts who may be interested in our products (also referred to as ‘prospects’). This notice does not form part of any contract to provide services. We may update this notice at any time.

It is important that you read this notice, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.

DATA PROTECTION PRINCIPLES

We will comply with data protection law. This says that the personal information we hold about you must be:

  1. Used lawfully, fairly and in a transparent way.
  2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  3. Relevant to the purposes we have told you about and limited only to those purposes.
  4. Accurate and kept up to date.
  5. Kept only as long as necessary for the purposes we have told you about.
  6. Kept securely.

THE KIND OF INFORMATION WE HOLD ABOUT YOU

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

There are "special categories" of more sensitive personal data which require a higher level of protection.

We will collect, store, and use the following categories of personal information about you:

  • Personal contact details such as name, job title, business email address, business telephone number, business address, geographical information, contact history, and a list of which of our content you have accessed.

HOW IS YOUR PERSONAL INFORMATION COLLECTED?

We collect personal information about industry contacts who may be interested in our products through a variety of mechanisms, listed below.

  • We request your details when you download content from us
  • We may be given your details as part of your attendance at a marketing event or trade show, or as a result of a face to face introduction.
  • We may be given your details by a third party with whom we have a contract, including our channel partners and marketing demand generation companies (like LinkedIn and DiscoverOrg)

HOW WE WILL USE INFORMATION ABOUT YOU

Situations in which we will use your personal information

We use your personal information to pursue legitimate interests of our own (marketing our products to contacts who may be interested in them), provided your interests and fundamental rights do not override those interests.

The situations in which we will process your personal information are listed below.

  • We will use the information to send you marketing communications (in compliance with local laws governing the practice)
  • We will use the information to make direct contact with you to tell you more about our products, and to ascertain your level of interest
  • We will use the information to determine the most appropriate type of information to send to you (in compliance with local laws governing the practice)

Change of purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

AUTOMATED DECISION-MAKING

We do not make any decisions about you using automated means, however we will notify you in writing if this position changes.

DATA SHARING

We may have to share your data with third parties, including third-party service providers and other entities in the group.

We require third parties to respect the security of your data and to treat it in accordance with the law.

We may transfer your personal information outside the EU.

If we do, you can expect a similar degree of protection in respect of your personal information.

In order to ensure your information does receive an adequate level of protection we have put in place the following appropriate measure[s] to ensure that your personal information is treated by those third parties in a way that is consistent with and which respects the EU and UK laws on data protection: EU/US Privacy Shield and Contractual Obligations to handle data in accordance with the GDPR. If you require further information about these protective measures, you can request it via [email protected]

DATA SECURITY

We have put in place measures to protect the security of your information. Details of these measures are available on the intranet.

Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from [email protected]

We have put in place procedures to deal with any suspected data security breach and will notify you and anyapplic able regulator of a suspected breach where we are legally required to do so.

DATA RETENTION

How long will you use my information for?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

RIGHTS OF ACCESS, CORRECTION, ERASURE, AND RESTRICTION

Your right to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

Your rights in connection with personal information Under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information we hold about you if you believe we are holding incorrect data.
  • Request erasure of some or all the personal information we hold about you.
  • Request restriction of processing of your personal data
  • Request transfer to a third party of your personal data should you so require
  • Object to us processing the data

No fee usually required

You will not have to pay a fee to access your personal information (or to exercise any of the other rights).

However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive.

Alternatively, we may refuse to comply with the request in such circumstances.

What we may need from you

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

You can contact us regarding the exercise of these rights via [email protected]

CHANGES TO THIS PRIVACY NOTICE

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.