Privacy Policy
Venafi Privacy Policy
Last Updated: May 2024
For the Venafi Athena use policy and privacy FAQs, click here.
For more information on how CyberArk processes your personal information, please refer to CyberArk's privacy policy which can be accessed at https://www.cyberark.com/privacy-notice/.
Venafi’s Commitment to User Privacy
Venafi, Inc. (“Venafi”) is committed to protecting your privacy. You can visit most Venafi Websites without providing personal information about yourself. But sometimes Venafi needs information from you to provide products or services that you request, or to improve your experience with Venafi. This document is designed to give a clear explanation of Venafi’s data processing practices and give you the opportunity to make choices based on this explanation or contact us with questions or objections. If you have questions or concerns, or would like to find out more about how Venafi collects, stores or uses your personal data, please contact privacy@venafi.com.
Information Venafi Collects from You
Venafi collects information from you and your computer when you visit Venafi Websites, including venafi.com and other Venafi domains and sub-domains, as well as when you make inquiries about Venafi product or service offerings or register to participate in a forum. The information Venafi collects includes both personally identifiable and non-personally identifiable information. Information requested and collected from Venafi websites, products and services includes: your name, e-mail address, username, other login or account information, IP address and other technical identifiers, phone number, company name and address, job title, and interest areas and preferences. Venafi and its Websites do not collect sensitive personal information (such as health or financial information).
Apart from data collected from Venafi Website visitors, Venafi may collect information from product users who access or use Venafi products or services or request technical support. Venafi’s Cloud Services Data Privacy Policy explains the collection of data from users of Venafi services.
Purpose of Collection and Use of Information
Venafi’s requests to process your personally identifiable information are limited to that information needed to allow communication between you and Venafi; to understand your preferences and customize content of Venafi Websites; to provide information tailored to your interests; and (for product and service users) to deliver, operate and improve Venafi product and service offerings in ways you have agreed to.
Accordingly, Venafi may use the personally identifiable information you provide about yourself for the following purposes: to fulfill your requests for products and services, to contact you about your account and support requests, to deliver notifications, to respond to your inquiries about Venafi offerings, and to customize the Venafi content that is delivered to you, such as marketing or product information. When Venafi collects technical information and identifiers from Website visitors, Venafi may use this information for the above purposes and to improve and tailor the content of its Websites, to fulfill contractual agreements with users, and to improve the performance and delivery of Venafi products and services.
Venafi may also use your e-mail address and other contact information for the following purposes: to send you service notifications about your account and about the products or services you currently use, if any, and concerning changes to our Privacy Policy or other legal or policy matters. When you have not opted out, Venafi may use your e-mail address and other personally identifiable information to provide you with information about products and services potentially of interest to you, and other reasonable and expected business and marketing communications (with the option to unsubscribe).
Information Sharing
When you visit Venafi Websites, Venafi may share anonymous, statistical information about you with third parties, including vendors, customers, potential customers, and corporate partners. Venafi does not link this statistical information to your personally identifiable information, or to any identifiable individual.
As described below, in some instances, Venafi uses third-party service providers to process personally identifiable information collected from you. If you do not authorize this or consent to have them process your personal information as described below, please email privacy@venafi.com. Venafi uses third-party providers in the following circumstances:
- Venafi contracts with other companies in order to provide certain products and services offered to visitors to Venafi Websites, to provide marketing and advertising content that is tailored to the interests of Website visitors, and to manage Venafi’s corporate contacts as well as customer and Website data, e.g., by managing the names, contact information, and preferences collected from Website visitors and users of Venafi products and services. These other companies are required to treat your information in a manner consistent with this Privacy Policy and applicable regional privacy and data security laws.
- In addition, Venafi may partner with other companies to provide you with third-party products and services. When you sign up for these services, either you or Venafi will share your name and any other personally identifiable information you provide to such third party so they can provide their products or services to you. As this Privacy Policy does not cover Venafi partners’ use of your information, you should read partners’ privacy policies before signing up for any partner products or services.
Correcting, Updating or Removing Your Personal Information
If your personal information is incorrect, changes, or if you no longer wish to receive information from Venafi, please email privacy@venafi.com. Venafi includes unsubscribe links in electronic correspondence. If you have unsubscribed and continue to receive any email that appears to have been sent from Venafi, please send details to privacy@venafi.com.
Use of Log Files and Cookies
Log Files
Venafi uses the information in server log files to analyze trends in the usage of Venafi Websites, to administer and maintain Venafi Websites, to track, anonymously, your path through Venafi Websites, and to gather broad demographic statistics about Venafi Websites and the ways in which pages are used. The information in these files includes your IP address, browser type, operating system, access time, and referring website address. Venafi does not link any of this information, including IP addresses, to personally identifiable information.
Cookies
A cookie is a small text file stored on a computer and that contains information associated with that computer. Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Venafi Websites use cookies for several purposes, such as maintaining your login state, gathering data to improve the content of Venafi Websites, providing you with information tailored to your interests, customizing the content of Venafi Websites, and improving the security of your use of Venafi Websites. Login cookies are linked to your e-mail address, and other cookies collect information in the aggregate or are linked to a digital identifier.
Cookie information that does not directly identify you may be shared with Venafi analytics partners working to improve your Venafi experience, including analytics partners located outside the European Union (EU), European Economic Area (EEA), United Kingdom (UK), or other country with legal protections for data transfers. Users from regions that require this are given the opportunity to decline cookies that will be transferred to analytics partners or outside of countries with legal protections for data transfers. All website visitors can instruct your browser to stop accepting cookies from Websites you visit. If you do so, you may be unable to use your browser to change or remove information about yourself from Venafi Websites; you may be unable to post messages in forums; you may be unable to download the Venafi software; and you may be unable to view some information on the Website. Likewise, some of the features designed to enhance your experience of the Website will not work, including the ability to display content customized to the preferences you have specified. You should, however, be able to access most parts of the Websites that are available to the general public.
User Forums
You can participate in forums on the Venafi Websites, including venafi.com and other Venafi domains and sub-domains. Forum membership is open to the public, and information you make available in forums could be used by others not associated with Venafi to send you unsolicited communications. Please contact privacy@venafi.com for assistance with any privacy issue that arises with any user of a forum.
GDPR and CCPA Information
Legal Basis for Data Processing
As described in this Privacy Policy, Venafi collects personally identifiable information that you directly provide to us by visiting Venafi Websites and signing up for Venafi communications, products or services. In accordance with regional privacy laws, Venafi processes such personal information where:
- You directly provide the information to Venafi
- You provide your consent for Venafi to process the information (informed by our privacy policies);
- The information is needed to carry out legitimate contractual or business obligations, such as the use of a product or service in accordance with applicable terms of use; and/or
- Processing such information fulfills Venafi’s legitimate interests and is not outweighed by your fundamental privacy rights.
GDPR and International Data Transfers
Venafi Inc. is a U.S. company that may collect, transfer, access, or store users’ personal data outside the European Union (EU), European Economic Area (EEA), United Kingdom (UK), or other country with legal protections for data transfers. If making transfers of the personal data of EU, EEA, or UK data subjects from a region with a higher level of protection of personal data to a region with a lower level of protection, Venafi will ensure that the data is treated securely and in accordance with this Privacy Policy and the General Data Protection Regulation (GDPR). Venafi will use GDPR-approved data transfer mechanisms—such as agreements ensuring data protection safeguards approved by EU regulators—unless an exception applies. For any user who does not consent to such a transfer, please email privacy@venafi.com. The address of Venafi Inc.—the data controller under this privacy policy—is 175 E. 400 South, Suite 300, Salt Lake City, Utah 84111 USA.
CCPA Information
Venafi does not sell personally identifiable information or share it with third parties unless they are service providers of Venafi acting for purposes directed by Venafi and described in this Privacy Policy.
Exercising Privacy Rights (EU, UK, California)
For users in some regions, the law gives you rights over your personal information, such as the right in some circumstances to request deletion of information. For information about EU GDPR rights visit: https://gdpr-info.eu/ and review Chapter 3. For information about UK rights visit: https://ico.org.uk/global/privacy-notice/your-data-protection-rights/. For information about California rights, visit: https://oag.ca.gov/privacy/ccpa. Anyone who wishes to exercise any of these rights should email privacy@venafi.com.
How Long Your Information Is Retained
Your personally identifiable information will be retained as long as it is necessary for business processes or business continuity, and consistent with Venafi’s legal obligations and legitimate business interests. Personally identifiable information is subject to a data retention schedule and will be deleted once there is no continuing business need or legal requirement for Venafi to access it.
Security of Your Personal Information
Venafi uses technical, operational, and organizational measures to protect your information and detect security threats. Personally identifiable information is shared only where necessary and in secure and controlled environments where team members or trusted third-party service providers can manage and restrict access on an ongoing basis. Third-party providers who process personal data are required to observe privacy and security protections including those required by law in your geographic region. For information processed by Venafi, Venafi employs at least the following technical and organizational measures to protect the security of your personal information:
- Minimizing the collection of and access to personally identifiable information,
- Ensuring the legitimate collection and narrowest appropriate use of personally identifiable information,
- Use of firewalls, access controls, and privilege management to limit physical and network access to secure systems,
- IT security and governance policies and security awareness and education programs,
- Testing, assessments, and evaluation of the effectiveness of technical, operational, and organizational security measures, and
- Product-specific security commitments, including those described in the Cloud Services Data Privacy Policy.
Security is critical to Venafi’s mission. But Venafi cannot guarantee that unauthorized or malicious access, data loss, or a data breach affecting your personal information will never occur. Venafi has implemented incident prevention and response policies intended to prevent, detect, contain, or mitigate any such breach or loss as well as comply with applicable laws.
Notification of Changes in Policy
Venafi does not intend to change the core principles which guide these privacy practices. However, specific details in this Privacy Policy are subject to change as Venafi’s business and products evolve. If Venafi makes material changes to this policy, advance notice will be provided by posting changes on this Website 30 days prior to implementation.
Contact Us
If you have questions about this Privacy Policy and its implementation, please contact privacy@venafi.com. If you have a security question or wish to disclose a potential security vulnerability, please follow the process described here: https://www.venafi.com/security.