Corelight Privacy Policy

This Privacy Policy describes how Corelight and its affiliates (collectively, “Corelight,” “we,” “us,” or the “Company”) collects, uses, shares, or otherwise processes information relating to individuals (“Personal Data”) and the rights associated with that processing. By using our websites, products, and services, or by providing information to us, you are consenting to be bound by the terms and conditions of this Privacy Policy.

Covered Activities

This Privacy Policy applies to the processing of Personal Data collected by us through your interactions with us, such as, but not limited to, when you:

  • Visit our offices, websites, social media pages, 
  • Use our products and services,
  • Attend events, trainings, webinars, contests, or programs,
  • Participate in a Corelight community such as that focused on open-source development,
  • Participate in data collection efforts facilitated by us, or
  • Receive communications from us. 

In some circumstances, we may also collect, or our partners provide us with, publicly available information which may contain Personal Data that you have published or that has been made available online. The way in which our partners collect this information is detailed in their own privacy policies, available on their respective websites.

Data Collected

DIRECT

The types Personal Data we collect directly from you may include information such as:

  • Commercial information,
  • Financial account information,
  • Professional or employment-related information,
  • Identifiers,
  • Visual information,
  • Usage data information, 
  • Computer or device information, 
  • Behavioral information, 
  • Login information, and 
  • Internet activity information (cookies, web beacons, pixels, tags, etc.). 

If you provide to us, our service providers, or our affiliates any Personal Data relating to other individuals, you represent that you have the authority to do so, and where required, have obtained the necessary consent, and acknowledge that it may be used in accordance with this Privacy Policy. If you believe that your Personal Data has been provided to us improperly or want to exercise your rights relating to your Personal Data, please contact us.

You agree not to provide or disclose any information that is sensitive in nature, such as, but not limited to, information relating to political opinions, ethnic origin, race, religious beliefs, genetic data, criminal history.

OTHER RESOURCES

We also collect Personal Data from other sources for advertising purposes, which information includes commercial information, professional or employment-related information, education information, and internet activity information. We collect this information from third party providers, along with information such as mailing addresses, email addresses, phone numbers, job titles, behavior data, social media profiles, and LinkedIn URLs for purposes of targeted advertising, determining eligibility, event promotion, and verifying contact information. If you are not interested in receiving tailored advertising, you can visit this website to opt out of most companies that engage in such advertising.

Reasons for Collection

We collect and process your Personal Data for the purposes of providing you with the services you have requested from us. The legal basis we rely on when processing your personal data will be one of the following:

  • Performance of the contract between you and us (and/or in preparation of entering into such contract),
  • Corelight’s legitimate interests in running its business, and
  • Compliance with a legal obligation to which we are subject.

If you fail to provide certain Personal Data when requested, we may not be able to provide the services that you have requested.

Data We Share

Corelight does not sell, rent, or lease your information. We may share your Personal Data with:

  • Our vendors, contractors, subprocessors, or other service providers to support our legitimate business interests,
  • Corelight affiliates, 
  • Event and promotion sponsors, 
  • Specific partners and resellers that offer supplementary services to those provided by Corelight and/or help sell our products and services,
  • Third-party social media networks, advertising networks and websites, so that Corelight can market and advertise on third party platforms and websites,
  • Third parties interested in your information in an anonymous or de-identified form,
  • Government authorities, as required by law, or in the pursuit of available remedies or mitigation of damages,
  • A buyer or other successor if we are involved in a reorganization, divestiture, merger, dissolution, or other corporate change.

Data Security

We take appropriate precautions to protect your Personal Data including physical, administrative, and technical measures to help safeguard against unauthorized access or disclosure, loss, misuse, alteration, and destruction. Despite our efforts, no method of storage or transmission is 100% secure. The security and safety of your information also depends on you. You are solely responsible for protecting your password, limiting access to your devices, and signing out of websites after your sessions. If you have any questions about the security of our websites or feel that the security of any Corelight account you may have has been compromised, please contact us at privacy@corelight.com.

Cross-Border Transfers

Corelight is an international company with offices around the world. Your Personal Data may be collected, transferred to, and stored by us in the United States and by our affiliates and third parties based in other countries. Consequently, your information may be processed outside of your country or jurisdiction, including places that are not subject to an adequacy decision by the European Commission or your local legislature or regulator, and that may not provide for the same level of data protection. We ensure that the recipient of your Personal Data offers an adequate level of protection and security, for instance by entering into the appropriate back-to-back agreements and, if required, standard contractual clauses or an alternative mechanism for the transfer of data as approved by the European Commission (Art. 46 GDPR) or other applicable regulators or legislators. Where required by applicable law, we will only share, transfer, or store your Personal Data outside of your jurisdiction with your prior consent.

Retention Period

We may retain your Personal Data for as long as is required to fulfill our legal obligations or the original purpose for which the information was collected. After such time, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete, we will implement measures to prevent any further use of the information.

Children

Corelight does not direct its websites and services at children. We do not knowingly collect Personal Data from children without first having obtained consent from a parent or guardian. If you are a parent or guardian and believe your child has provided us with Personal Data without your consent, please contact us and we will take steps to delete their Personal Data from our systems. 

Third-Party Analytics

We may use third-party analytics to evaluate use of our site and services. We or our service providers use these tools to help us understand and improve our services. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects to perform their services.

Third-Party Links

Our website, products, and services may contain links to third-party websites and applications. Any access to and use of such linked websites and applications is not governed by this Privacy Policy, but instead is governed by the privacy policy of those third parties. We are not responsible for the information practices of such third-party websites or applications.

Cookies

We and our service providers may use cookies and other tracking mechanisms to track information about your use of our website, products, and services. We may combine this information with other information, including personal information we collect about you. Should you want to disable cookies on the Corelight website, you may adjust your browser settings accordingly. If you choose to do so, please note that parts of our website may not function properly.

Your Rights

Subject to local data protection laws, you may have certain rights relating to your Personal Data. Depending on the applicable laws these rights may include the right to:

  • Access a copy of your Personal Data in Corelight’s possession,
  • Opt-out of certain disclosures of your Personal Data to third parties,
  • Learn more about how Corelight processes your Personal Data,
  • Rectify inaccurate Personal Data,
  • Erase or delete your Personal Data,
  • Withdraw any consent you have provided for the processing of your Personal Data,
  • Transfer the data Corelight holds to another entity, and
  • Object to the processing of your personal data.

To exercise your rights, please contact us using the methods described in the Contact section. We will use commercially reasonable efforts to comply with your request, typically within one month unless otherwise required by law, and will contact you if we need additional information from you in order to honor your request or verify your identity. If you are an employee of a Corelight customer, we recommend you contact your employer’s system administrator for assistance in correcting or updating your information.

As described above, we may also process Personal Data submitted by a Corelight customer or third party acting on your behalf. We are not responsible for and have no control over the privacy and data security practices of our customers or other third parties, which may differ from those explained in this Privacy Policy. If your data has been submitted to us by a Corelight customer or third party and you wish to exercise any rights you may have under applicable data protection laws, please inquire with them directly. If you wish to make your request directly to us, please provide the name of the Corelight customer who submitted your information to us. We will refer your request to that customer and will support them as needed in responding to your request within a reasonable timeframe.

Additionally, if you believe that we have not been able to assist with your complaint or concern and you are located in the European Economic Area or the United Kingdom, you have the right to lodge a complaint with the appropriate data protection authority in your country. If you work or reside in a country that is a member of the European Union or that is in the EEA, you may find the contact details for your appropriate data protection authority at website.

Contact

If you have any questions or concerns regarding this Privacy Policy, please contact us at privacy@corelight.com, or write to the address below:

Attention: Legal Department

Corelight, Inc.

548 Market Street, PMB 77799

San Francisco, CA 94104-5401

United States

Privacy Policy Updates

We may update this Privacy Policy from time to time. If we do, we will update the Effective Date section so that you may determine when this Privacy Policy was last revised. We encourage you to periodically review this Privacy Policy to learn how Corelight is protecting your information.

Effective Date

Corelight Privacy Policy, effective as of August 22, 2022 

 

How we use your information.

We may use your information, including personal information, for the following purposes:

Providing and improving our services.
To provide and maintain our Site and Services; to improve our Site and Services; to develop new features, products, or services; to perform technical operations, such as updating software; and for other customer service and support purposes.

Marketing and communications.
To communicate with you about your account and use of our Site and Services, including to send you product or service updates; to respond to your inquiries; to provide you with news and newsletters, special offers, promotions, and other information we think may interest you; and for other informational, marketing, or promotional purposes. Our communications with you may include communications via email. Please see our section regarding your choices for more information about how to change your email notification preferences.

Research and analytics.
To analyze how you interact with our Site and Services; to monitor and analyze usage and activity trends; and for other research, analytical, and statistical purposes.

Protecting rights and interests.
To protect the safety, rights, property, or security of Corelight, the Site, the Services, any third party, or the general public; to detect, prevent, or otherwise address fraud, security, or technical issues; to prevent or stop activity that Corelight, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; and to enforce this Privacy Policy and our Terms of Use.

Legal compliance.
To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a governmental authority.

How we disclose your information.

We may disclose your information, including personal information, as described to you at the time of collection or disclosure, or as follows:

Affiliates.
We may disclose your information to current or future affiliates or subsidiaries for research, marketing, and other purposes consistent with this Privacy Policy.

Service providers.
We may disclose your information to our vendors, service providers, agents, or others who perform functions on our behalf.

Business transfers.
We may disclose your information to another entity in connection with, including during negotiations of, an acquisition or merger, sale or transfer of a business unit or assets, bankruptcy proceeding, or as part of any other similar business transfer.

Protecting rights and interests.
We may disclose your information to protect the safety, rights, property, or security of Corelight, the Site, the Services, any third party, or the general public; to detect, prevent, or otherwise address fraud, security, or technical issues; to prevent or stop activity which Corelight, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; and to enforce this Privacy Policy and our Terms of Use.

Legal compliance.
We may disclose your information to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; in response to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request, whether formal or informal, from law enforcement or a government official.

Aggregate and de-identified information.
We may disclose aggregate, anonymous, or de-identified information about users for marketing, advertising, research, compliance, or other purposes.

Cookies and other tracking mechanisms.

We and our service providers use cookies and other tracking mechanisms to track information about your use of our Site and Services. We or our service providers may combine this information with other information, including personal information, we collect about you.

For example, we or our service providers may use cookies to track visitor activity on our Site. A cookie is a text file that a website transfers to your computer’s hard drive for record-keeping purposes. We or our service providers may use cookies to track user activities on our Site, such as the pages visited and time spent on our Site. Most browsers allow users to refuse cookies. The Help portion of the toolbar on most browsers will tell you how to prevent your computer from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Visitors to our Site who disable cookies may not be able to browse certain areas of the Site.

We may also use clear GIFs, pixel tags, and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer's hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also known as web beacons, web bugs or pixel tags), in connection with our Site to, among other things, track the activities of Site visitors, help us manage content, and compile statistics about Site usage. We and our third party service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Third-party analytics.

We may use third-party analytics companies, such as Google Analytics, to evaluate use of our Site and Services. We or our service providers use these tools to help us understand use of, and to improve, our Services, performance, and user experiences. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects (LSOs), to perform their services.

Third-party links.

Our Site and Services may contain links to third-party websites and applications. Any access to and use of such linked websites and applications is not governed by this Privacy Policy but instead is governed by the privacy policies of those third parties. We are not responsible for the information practices of such third-party websites or applications.

Security.

We have taken steps to help protect the personal information we collect. However, no data security measures can guarantee 100% security. You should take steps to protect against unauthorized access to your device and account by, among other things, choosing a robust password that nobody else knows or can easily guess and keeping your log-in information private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity.

Your choices.

Accessing or correcting your personal information.
You may access, modify, or delete the personal information that you have provided to us by emailing us at info@corelight.com with what you would like updated. Please note that we may retain certain information about you as required by law or as permitted by law for legitimate business purposes. For example, if you request that we delete your information but we believe that you have violated our Terms of Use we may retain information about you in order to attempt to resolve the issue before deleting it.

Opting out of emails.
We may send periodic promotional emails to you. You may opt out of such communications by following the opt-out instructions contained in the email. Please note that it may take up to ten (10) business days for us to process opt-out requests. If you opt out of receiving emails about recommendations or other information we think may interest you, we may still send you emails about your account or any Services you have requested or received from us.

Children.

Our Site and Services are not targeted to children under thirteen (13) years of age and we do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will promptly delete such personal information from our systems.

Contact us.

If you have questions about this Privacy Policy or the privacy aspects of our Site or Services, please contact us at info@corelight.com.

Changes to this privacy policy.

This Privacy Policy is current as of the Effective Date set forth above. We may change this Privacy Policy from time to time, so please be sure to check back periodically. We will post any changes, including any material changes, to this Privacy Policy on our Site. If we materially change how we use or disclose your personal information, we will obtain your consent prior to using it or disclosing it in the materially different way.