Last Updated: January 2023
Venafi’s Commitment to User Privacy
Venafi, Inc. (“Venafi”) is committed to protecting your privacy. You can visit most Venafi Websites without providing personal information about yourself. But sometimes Venafi needs information from you to provide products or services that you request, or to improve your experience with Venafi. This document is designed to give a clear explanation of Venafi’s data processing practices and give you the opportunity to make choices based on this explanation or contact us with questions or objections. If you have questions or concerns, or would like to find out more about how Venafi collects, stores or uses your personal data, please contact email@example.com.
Information Venafi Collects from You
Venafi collects information from you and your computer when you visit Venafi Websites, including venafi.com and other Venafi domains and sub-domains, as well as when you make inquiries about Venafi product or service offerings or register to participate in a forum. The information Venafi collects includes both personally identifiable and non-personally identifiable information. Information requested and collected from Venafi websites, products and services includes: your name, e-mail address, username, other login or account information, IP address and other technical identifiers, phone number, company name and address, job title, and interest areas and preferences. Venafi and its Websites do not collect sensitive personal information (such as health or financial information).
Purpose of Collection and Use of Information
Venafi’s requests to process your personally identifiable information are limited to that information needed to allow communication between you and Venafi; to understand your preferences and customize content of Venafi Websites; to provide information tailored to your interests; and (for product and service users) to deliver, operate and improve Venafi product and service offerings in ways you have agreed to.
Accordingly, Venafi may use the personally identifiable information you provide about yourself for the following purposes: to fulfill your requests for products and services, to contact you about your account and support requests, to deliver notifications, to respond to your inquiries about Venafi offerings, and to customize the Venafi content that is delivered to you, such as marketing or product information. When Venafi collects technical information and identifiers from Website visitors, Venafi may use this information for the above purposes and to improve and tailor the content of its Websites, to fulfill contractual agreements with users, and to improve the performance and delivery of Venafi products and services.
When you visit Venafi Websites, Venafi may share anonymous, statistical information about you with third parties, including vendors, customers, potential customers, and corporate partners. Venafi does not link this statistical information to your personally identifiable information, or to any identifiable individual.
As described below, in some instances, Venafi uses third-party service providers to process personally identifiable information collected from you. If you do not authorize this or consent to have them process your personal information as described below, please email firstname.lastname@example.org. Venafi uses third-party providers in the following circumstances:
Correcting, Updating or Removing Your Personal Information
If your personal information is incorrect, changes, or if you no longer wish to receive information from Venafi, please email email@example.com. Venafi includes unsubscribe links in electronic correspondence. If you have unsubscribed and continue to receive any email that appears to have been sent from Venafi, please send details to firstname.lastname@example.org.
Use of Log Files and Cookies
Venafi uses the information in server log files to analyze trends in the usage of Venafi Websites, to administer and maintain Venafi Websites, to track, anonymously, your path through Venafi Websites, and to gather broad demographic statistics about Venafi Websites and the ways in which pages are used. The information in these files includes your IP address, browser type, operating system, access time, and referring website address. Venafi does not link any of this information, including IP addresses, to personally identifiable information.
Cookie information that does not directly identify you may be shared with Venafi analytics partners working to improve your Venafi experience, including analytics partners located outside the European Union (EU), European Economic Area (EEA), United Kingdom (UK), or other country with legal protections for data transfers. Users from regions that require this are given the opportunity to decline cookies that will be transferred to analytics partners or outside of countries with legal protections for data transfers. All website visitors can instruct your browser to stop accepting cookies from Websites you visit. If you do so, you may be unable to use your browser to change or remove information about yourself from Venafi Websites; you may be unable to post messages in forums; you may be unable to download the Venafi software; and you may be unable to view some information on the Website. Likewise, some of the features designed to enhance your experience of the Website will not work, including the ability to display content customized to the preferences you have specified. You should, however, be able to access most parts of the Websites that are available to the general public.
You can participate in forums on the Venafi Websites, including venafi.com and other Venafi domains and sub-domains. Forum membership is open to the public, and information you make available in forums could be used by others not associated with Venafi to send you unsolicited communications. Please contact email@example.com for assistance with any privacy issue that arises with any user of a forum.
GDPR and CCPA Information
Legal Basis for Data Processing
- You directly provide the information to Venafi
- You provide your consent for Venafi to process the information (informed by our privacy policies);
- Processing such information fulfills Venafi’s legitimate interests and is not outweighed by your fundamental privacy rights.
GDPR and International Data Transfers
Exercising Privacy Rights (EU, UK, California)
For users in some regions, the law gives you rights over your personal information, such as the right in some circumstances to request deletion of information. For information about EU GDPR rights visit: https://gdpr-info.eu/ and review Chapter 3. For information about UK rights visit: https://ico.org.uk/global/privacy-notice/your-data-protection-rights/. For information about California rights, visit: https://oag.ca.gov/privacy/ccpa. Anyone who wishes to exercise any of these rights should email firstname.lastname@example.org.
How Long Your Information Is Retained
Your personally identifiable information will be retained as long as it is necessary for business processes or business continuity, and consistent with Venafi’s legal obligations and legitimate business interests. Personally identifiable information is subject to a data retention schedule and will be deleted once there is no continuing business need or legal requirement for Venafi to access it.
Security of Your Personal Information
Venafi uses technical, operational, and organizational measures to protect your information and detect security threats. Personally identifiable information is shared only where necessary and in secure and controlled environments where team members or trusted third-party service providers can manage and restrict access on an ongoing basis. Third-party providers who process personal data are required to observe privacy and security protections including those required by law in your geographic region. For information processed by Venafi, Venafi employs at least the following technical and organizational measures to protect the security of your personal information:
- Minimizing the collection of and access to personally identifiable information,
- Ensuring the legitimate collection and narrowest appropriate use of personally identifiable information,
- Use of firewalls, access controls, and privilege management to limit physical and network access to secure systems,
- IT security and governance policies and security awareness and education programs,
- Testing, assessments, and evaluation of the effectiveness of technical, operational, and organizational security measures, and
Security is critical to Venafi’s mission. But Venafi cannot guarantee that unauthorized or malicious access, data loss, or a data breach affecting your personal information will never occur. Venafi has implemented incident prevention and response policies intended to prevent, detect, contain, or mitigate any such breach or loss as well as comply with applicable laws.
Notification of Changes in Policy