Privacy Policy

Last Updated:

Thank you (“you”, “your”, or “User”) for accessing https://nagomi.security/ (the “Website”) and/or any of the products and/or services (the “NAGOMI SECURITY Platform” and together with the Website, the “Service“) offered by NAGOMI SECURITY, INC, a company incorporated under the laws of Delaware and/or its affiliates (“we”, “us”, “our”, or “NAGOMI SECURITY”). This Privacy Policy sets out the basis on which any personal information we collect from you, or that you (or NAGOMI SECURITY’s Customer) provide to us, will be processed by us, through the use of any of the Services made available by us. We encourage you to read this Privacy Policy carefully and use it to make informed decisions.

PLEASE READ THE FOLLOWING TERMS CAREFULLY TO UNDERSTAND HOW WE WILL COLLECT, USE, AND MAINTAIN YOUR PERSONAL INFORMATION.

1.     INFORMATION COLLECTED

1.1.        NAGOMI SECURITY collects information that identifies individuals or that may, with reasonable effort, identify individuals, including (the “Personal Information“):

1.1.1.      Your name; professional experience; curriculum vitae; job title and position (including past roles); seniority; and the name of your supervisor.

1.1.2.      Your contact details; postal address; telephone numbers (this may include, for example, your mobile number, office number, etc.) and business or private e-mails.

1.1.3.      Your online browsing activities on our Website or through the NAGOMI SECURITY Platform (for example, device, software or hardware that may identify them, such as online identifiers, device unique identifiers (e.g. UDID, MAC address), IP address and geolocation).

1.1.4.      Your password(s) and usernames.

1.1.5.      Your interests, preferences, feedback and survey responses.

1.1.6.      Your correspondence and communications with NAGOMI SECURITY.

1.1.7.      other publicly available personal data, including any which you have shared via other public platforms (for example, user ID for LinkedIn or any other social network through which you choose to register, and other contact details and any other information you choose to provide).

1.2.        Non-Personal Information. NAGOMI SECURITY also collects certain unidentified, non-personal information that relates to your online browsing activities on our Website or through your use of the NAGOMI SECURITY Platform (the “Non-Personal Information”). Non-Personal Information is non-identifiable information that, when taken alone, cannot be used to identify you. As such, we are not aware of the identity of the user from which the Non-Personal Information was collected. We also collect aggregate user data regarding your use of our Services. We may anonymize or de-identify the information collected through the Service or via other means so that the information cannot, on its own, personally identify you. Our use and disclosure of such aggregated or de-identified information is not subject to any restrictions under this Privacy Policy, and we may disclose it to others without limitation and for any purpose. For the avoidance of doubt, if we combine Personal Information with Non-personal Information (e.g., analytics data), the combined information will be treated as Personal Information as long as it remains combined.

2.     HOW WE COLLECT YOUR PERSONAL INFORMATION

2.1.        NAGOMI SECURITY may collect Personal Information and/or Non-Personal Information (collectively, “Information”) in the following ways:

2.1.1.      Information You Provide to NAGOMI SECURITY.

NAGOMI SECURITY collects Information that you provide it, for example, when you use the NAGOMI SECURITY Platform by accessing the account that was set up for you by your customer (i.e., NAGOMI SECURITY’s Customer) or when you use the Service; when you answer questionnaires; send request customer support; or communicate with us for other purposes.

Please be aware that the Information you choose to provide, may reveal, or identify, information that is not expressly stated (for example, your name or photo may reveal your gender). Accordingly, you should carefully consider which information you wish to share about yourself when publishing your User Content.

2.1.2.      Information Provided to NAGOMI SECURITY by Your Customers.

NAGOMI SECURITY collects Information that was provided to it by the User’s customer (the “NAGOMI SECURITY’s Customer”) when setting up your account on your behalf to enable the functionality and features of the Service. This usually means that your customer, NAGOMI SECURITY’s Customer, will provide NAGOMI SECURITY with your name, email address, current position and past roles, seniority, the name of your supervisor, etc.

NAGOMI SECURITY’s Customer, please note that it is your responsibility to ensure that you have the right to provide us with Information regarding any User to which you wish granting access to the Service.

2.2.        Information Collected Automatically Upon the Use in the NAGOMI SECURITY Services. When you access or use the NAGOMI SECURITY Services, we may automatically collect Information about you, including:

2.2.1.      Usage Information. NAGOMI SECURITY monitors Users’ activity in connection with the NAGOMI SECURITY Services and may collect log information about you when you access and use the NAGOMI SECURITY Services including your IP address, time of access, browser type and language, Internet Service Provider (“ISP”), information about the applications and features you use, , the content you access and any actions taken in connection with the access and use of your content in the NAGOMI SECURITY Services.

2.2.2.      Device Information. If you access the NAGOMI SECURITY Services from a mobile device, NAGOMI SECURITY may collect information about the device, including the hardware model, operating system and version, unique device identifiers, mobile network information (as allowed by the mobile network) or platform information (as allowed by the specific platform type).

2.2.3.      Cookies.

Like most websites and online platforms, NAGOMI SECURITY’s Service uses “cookies” to collect Information. “Cookies” are small text files containing strings of letters and numbers that are downloaded onto your device (such as, computer, tablet or smartphone) when you use the NAGOMI SECURITY Platform. These files allow us to store Information about you. Some “cookies” will expire when you exit the NAGOMI SECURITY Platform, and others will be saved in your device’s memory.

If you want to disable or change your “cookies” settings, you will have to access your device’s browser settings. Please note that if you disable all cookies, some (or all) of the features and functionality of the Service may not be available to you.

2.2.4.      Information Collected by Other Tracking Technologies. Other than “cookies”, when you use our Service, you consent to our use (and authorize third parties to use) of various technologies to collect Information, which may include web beacons (also known as “tracking pixels”), events and other technologies (collectively, “Tracking Technologies”). Such Tracking Technologies allow us to automatically collect Information about you, your device and your online behavior, in order to enhance your navigation on the Website or the NAGOMI SECURITY Platform, improve our Services’ performance, perform analytics and customize your experience. In addition, we may merge data we have with Information collected through these Tracking Technologies and data we may obtain from other sources and, as a result, such combined data may constitute Personal Information.

3.     USE OF INFORMATION

3.1.        NAGOMI SECURITY may use the Information collected for the limited purpose of providing the NAGOMI SECURITY Service and related functionality and services, or as otherwise specifically described in this Privacy Policy and as permitted by applicable laws. Such limited purposes include circumstances where it is necessary for NAGOMI SECURITY to provide or fulfill Services requested by, or for, you, or where you have given NAGOMI SECURITY your express consent. The Information may be used to perform a variety of legitimate purposes, including to:

3.1.1.      Provide, operate, maintain, improve, promote and audit the NAGOMI SECURITY Services.

3.1.2.      Enable you to access and use the NAGOMI SECURITY Service.

3.1.3.      Send you transactional messages, technical notices, updates, security alerts and support and administrative messages.

3.1.4.      Identify you, so that we can provide and deliver the services and features you request, process and complete transactions, and send you related information, including purchase confirmations and invoices.

3.1.5.      Respond to your comments, questions, and requests and provide customer service and support.

3.1.6.      Communicate with you about services, features, surveys, newsletters, offers, promotions, contests and events, and provide other news or information about NAGOMI SECURITY and our select partners, including responding to your comments, questions, and requests.

3.1.7.      Monitor and analyze trends, usage, and activities in connection with the NAGOMI SECURITY Services for research, marketing or advertising purposes.

3.1.8.      Personalize and improve the NAGOMI SECURITY Services, and provide content, features, and/or advertisements that match your interests and preferences or otherwise customize your experience on the NAGOMI SECURITY Services.

3.1.9.      Investigate and prevent fraudulent transactions, unauthorized access to the Service, and other illegal activities.

3.1.10.   For managing insurance claims.

3.1.11.   Cybersecurity needs, fraud detection and misuse of the NAGOMI SECURITY Platform or Website.

3.1.12.   User experience enhancements and improvements.

3.1.13.   Link or combine the Information with other information we receive from third parties to help understand your needs and provide you with better service.

3.1.14.   Internal record keeping.

3.1.15.   For crime and fraud prevention, detection and related purposes.

3.1.16.   Where it has a legal right or duty – to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).

Please note that where we rely on your consent to process any of your Personal Information, you have the right to withdraw or decline consent at any time. Where we rely on our legitimate interests to process your Personal Information, you have the right to object. If you have any questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us through the contact details available below.

3.2.        NAGOMI SECURITY may send you push notifications from time-to-time through the NAGOMI SECURITY Platform in order to update you about events or activities related to the Service. If you no longer wish to receive these types of communications, you may turn them off. To ensure you receive proper notifications, we collect certain information about your device such as operating system and user identification information.

3.3.        Marketing (Promotional communications)

3.3.1.      NAGOMI SECURITY may use your email address to send you electronic mail for marketing purposes and update you about promotional offers, products and services which we think may be of interest to you as an individual (the “Newsletters“).

3.3.2.      You are not obligated by law to receive our Newsletters and you have the right to opt out of receiving such communications, any time, by:

3.3.2.1.  following the unsubscribe instructions included in each Newsletter; or

3.3.2.2.  contacting NAGOMI SECURITY via [email protected].

3.3.3.      Please note that regardless of your election, NAGOMI SECURITY may continue sending you notices (a) to update you on revisions made to this Privacy Policy or our Terms of Service; and (b) related to the ongoing Service, for example, promotions regarding products and services used by you, notices concerning your accounts and any additional operational notices as required.

3.4.        Sharing Your Information With Third Parties.

3.4.1.      We may use and share your Information with certain third parties that help us operate our Service, (e.g., deliver customer support, monitor and analyze the performance of our Services, provide marketing support, etc.), such as newsletter distribution, cloud providers and other service providers. When NAGOMI SECURITY uses such third parties, it restricts them from using or disclosing the Information, except as required to perform the services on behalf of NAGOMI SECURITY or to comply with legal requirements. Specifically, we do not permit such third parties to use any Personal Information we share with them for their own marketing purposes or for any purpose other than in connection with the services they provide to us. Third parties with which we may share your Information will be required to meet our standards on processing information and security. Personal Information we provide them will only be provided in connection with the performance of their function.

3.4.2.      NAGOMI SECURITY may share your data with:

3.4.2.1.  governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so (a) to comply with our legal obligations; (b) to exercise our legal rights (for example in court cases); (c) for the prevention, detection, investigation of crime or prosecution of offenders, situations involving potential threats to the physical safety of any person, violations of our policies, or as otherwise required to comply with our legal obligations; and (d) for the protection of our employees and customers.

3.4.2.2.  If NAGOMI SECURITY becomes involved in a merger, acquisition, or any form of sale of some, or all, of its assets, it may transfer all the Information that was collected from users in connection with such a transaction.

3.5.        International Transfer of Information. Certain aspects of the Service are performed by NAGOMI SECURITY’s affiliates, which is why it might be necessary for us to share your Information outside of your country of residency, with parties located in other countries in which we do business. If we shall transfer your Information outside of your country of residency, we will take all reasonable measures to ensure that such transfer will be compliant with data protection law. NAGOMI SECURITY’s standard practice is to use the ‘standard data protection clauses’ which have been approved by the European Commission for such transfers. Those clauses can be accessed here.

3.6.        Advertising and Analytics Services.

3.6.1.      NAGOMI SECURITY may use standard analytics tools such as Google Analytics, and may provide you with opportunities to connect with third-party websites, applications or services such as application tracking systems. This Privacy Policy does not apply to your use of such third-parties’ websites, applications and services, and NAGOMI SECURITY is not responsible for how those third parties collect, use and disclose your Information and content, because these tools maintain their own privacy practices in accordance with their own privacy policies to provide their service. For example, if you wish to know how Google uses data when you use our Service, you can visit here.

NAGOMI SECURITY strongly encourages its users to review the privacy policies of those third parties before connecting to or using their applications or services to learn more about their information and privacy practices.

3.6.2.      If you do not want us to share your Personal Information for marketing and advertising purposes, you may opt-out in accordance with provisions below section below or contact us using the details provided below. Please note that even if you unsubscribe, NAGOMI SECURITY may still use and share your Personal Information with third parties for non-marketing purposes (for example to fulfill your requests and orders, communicate with you and respond to your inquiries, etc.). In such cases, the entities with whom we share your Information are authorized to use your Personal Information only as necessary to provide these non-marketing services.

3.6.3.      How To Opt-Out?

3.6.3.1.  Emails. If you no longer wish to receive emails from us, you may opt out of receiving them at any time, by following the ‘unsubscribe’ process detailed at the bottom of any e-mail communication we send, or by sending us an email with your request to [email protected].    

Please note that even if you opt out of receiving marketing communications, we may continue to send you transactional communications about your subscription or orders by postal mail.

3.6.3.2.  Cookies. You can choose to have your device warn you each time a persistent or session cookie is being sent, or you can choose to turn off such cookies through your browser settings.

3.7.        Our Cloud Service Provider. The server(s) on which our Service is hosted are located within the European Union, and are managed by third parties, including, Amazon Web Services (AWS), whose mailing address is 410 Terry Avenue North, Seattle, WA 98109-5210, U.S.A. You can find more details on AWS’s Privacy Policy here.

3.8.        We reserve the right to disclose your Information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, or court order. Also, please note that we may disclose general, aggregated, non-personal and non-identifiable information about our users to potential business partners, investors, or the public.

3.9.        For other purposes about which we will provide you with prior notice as described in Section 12 (Changes to This Policy).

4.     SPECIFIC PROVISION FOR CALIFORNIA RESIDENTS

This Section 4 applies to you only if you are a resident of the State of California, United States. NAGOMI SECURITY adopted the following provisions to comply with the California Consumer Privacy Act (“CCPA”) and any terms defined in the CCPA have the same meaning when used in this Section 4.

4.1.        The following categories reflect the type of personal information which NAGOMI SECURITY has collected within the last twelve (12) months:

4.1.1.      Identifiers and Personal information as listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), for example, first names, surnames, telephone numbers, address, online Identifier, Internet Protocol address, business or private email addresses, account usernames, as well as Personal Information as such term is defined in this Privacy Policy.

4.1.2.      Electronic network activity information, including, but not limited to, browsing history and any additional information related to your interaction with our Service.

4.2.        NAGOMI SECURITY has obtained such information as set forth in Section 4.1 above and Personal Information as provided under Section 1.1 above (for the purpose of this Section 4, the “Personal Data”).

4.3.        NAGOMI SECURITY may use the Personal Data it collects or receives for its legitimate interests (as set out in Section 3 above), which NAGOMI SECURITY believes are not overridden by your fundamental rights. NAGOMI SECURITY may also disclose such Personal Data to third parties for its legitimate purposes as described in Section 3 above.

4.4.        In the preceding twelve (12) months, NAGOMI SECURITY has disclosed the following Personal Data for our business purposes:

4.4.1.      Identifiers (including your name, email address, profession).

4.4.2.      Personal Data’s categories as listed in the California Customer Records statute.

4.4.3.      Inferences.

4.5.        In the preceding twelve (12) months, NAGOMI SECURITY has not sold any of your Personal Data.

4.6.        Your rights as a California Resident. You are entitled to request the following specific rights under the CCPA, solely with respect to Personal Data related to you:

4.6.1.      Request to know (a) what categories and specific components of Personal Data we collect about you and from which sources; (b) categories of Personal Data that we disclosed for the purpose described in Section 3 above, and the categories of third parties with whom we have shared any particular category of your Personal Data. If we disclose any of your Personal Data to a third-party, we will provide you, after authenticating your identity, with a list that will identify the specific category of your Personal Data which was disclosed.

4.6.2.      Request that we delete any Personal Data we collect about you. After authenticating your identity, we will delete (and direct our service providers to delete) any Personal Data related to you from our records, unless an exception applies. Please note that if we need to delete any Personal Data related to you following your request, it can take time until we completely delete residual copies of Personal Data from our servers and backup systems.

4.6.3.      Instruct us not to sell any Personal Data related to you that was collected by us.

4.6.4.      You have the right not to be discriminated against by NAGOMI SECURITY, for exercising your rights under the CCPA.

4.7.        If you have any concerns about how we process Personal Data related to you, or if you wish to withdraw your consent, for any reason, kindly let us know by sending an email to [email protected]. Please note that exercising this right will not affect the lawfulness of any previous processing activities based on consent that was lawfully obtained before its withdrawal. Also, please note that NAGOMI SECURITY shall not charge you for requesting to exercise any of the rights set forth in this Section 4.

5.     SPECIFIC PROVISIONS FOR EU-RESIDENTS

5.1.        This Section 5 applies to you only if you are a resident of the European Economic Area (EEA). NAGOMI SECURITY adopted the following provisions, to comply with the EU 2016/679 Directive General Data Protection Regulation (“GDPR”), pursuant to which NAGOMI SECURITY will be considered as a “Data Controller” with respect to our use of Personal Information of residents of the European Union.

5.2.        Legal Basis. NAGOMI SECURITY bases its processing activities of any Personal Information related to you as “Data Controllers” based on the following lawful grounds:

5.2.1.      NAGOMI SECURITY relies, primarily, on your consent to the terms of this Privacy Policy, as a legal basis for processing any Personal Information related to you or communicating any other promotional material.

5.2.2.      NAGOMI SECURITY may collect and use your Personal Information when it is necessary for one of the legitimate uses set out in Section 3 above, which we believe are not overridden by your fundamental rights.

5.2.3.      We may process your Personal Information to comply with a legal obligation and to protect our users’ vital interests.

5.2.4.      If, at any time, you wish to exercise your rights in accordance with the provisions provided by law (including as provided under this Section 5 of this Privacy Policy) you may send us an email to [email protected] and request, under certain circumstances as provided by the GDPR:

5.2.4.1.  to access your Personal Information together with information about how, and on what basis, such information is being processed. Should you desire to receive such information in a different format than the one that was provided to you, you can contact us via [email protected] and we shall use commercially reasonable efforts to accommodate your request, if applicable.

5.2.4.2.  to rectify any of the Personal Information being held when such information is inaccurate.

5.2.4.3.  to delete or restrict access to your Personal Information in limited circumstances as described under the GDPR. Please note that if we need to delete any Personal Information related to you, as per your request, it can take time until we completely delete residual copies of such data from our servers and backup systems.

5.2.4.4.  to withdraw your consent to the processing of your Personal Information. However, please note that exercising this right will not affect the lawfulness of any previous processing activities based on consent that was lawfully obtained before its withdrawal.

5.2.4.5.  to obtain and reuse your Personal Information for your own purposes across different services, as part of your right to data portability.

5.3.        By accessing or using the Service or otherwise providing Information to us, you consent to the processing and transfer of information in and to the European Economic Area (EEA) and other countries and territories, which may have different privacy laws from your country of residence. In these instances, we will transfer your Personal Information only to such countries as approved by the European Commission as providing an adequate level of data protection or enter into legal agreements ensuring an adequate level of data protection.

5.4.        Please note that you have the right to complain to a Data Protection Authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority in the European Economic Area (EEA).

5.5.        If you have any concerns with respect to our methods of processing any Personal Information related to you, or if wish to withdraw your consent, for any reason, kindly let us know by sending an email to [email protected].

5.6.        NAGOMI SECURITY shall not charge you for requesting to exercise any of the aforementioned rights.

6.     SECURITY

6.1.        We take great care in implementing and maintaining the security of the Services and your Personal Information. We employ industry standard procedures to ensure the confidentiality, integrity, availability and safety of your Personal Information, and prevent unauthorized use of any such information. However given that no online service can be completely secured, we cannot guarantee that hackers or unauthorized personnel will not gain access to Personal Information despite our efforts.

6.2.        You should note that by using our Services, your Personal Information will be transferred through third party infrastructures which are not under our control. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.

6.3.        You may access your account information and our Service only through the use of an individual username and password. To protect the confidentiality of Personal Information, you must keep your password confidential and not disclose it to any other person. Please advise us immediately if you believe your password has been misused. In addition, always logout and close your browser when you finish your session. Please note that we will never ask you to disclose your password in an unsolicited phone call or email.

6.4.        If you have any questions or concerns about the security of your Personal Information, you can contact us at [email protected].

7.     YOUR CHOICES

7.1.        Account Information & Retention. You may request us to update, correct, or delete (under certain circumstances) information about you at any time by emailing us at [email protected].

7.2.        We will retain your Information for as long as it is necessary to fulfill our legitimate purposes as outlined in this Privacy Policy. We will retain and use your Information to comply with our legal obligations, internal record keeping, resolve disputes and enforce our agreements.

7.3.        Upon request, NAGOMI SECURITY will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information that we are aware of. To request this information, contact us at [email protected].

7.4.        When you send an email or other communication to [email protected] or any other correspondence that you have with us, we may retain those communications to process and respond to your requests and improve our Service.

7.5.        Please DO NOT send us any communication which contains confidential or sensitive information, since we are unable to evaluate whether your content constitutes as confidential or sensitive information, or not, and we may retain or use such communication as described hereinabove, and such retention or use shall not be deemed as a breach of any of our obligations pursuant to this Privacy Policy.

8.     COMMUNITY FORUMS AND BLOGS

8.1.        Our Website can offer publicly accessible blogs. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.

8.2.        To request removal of your Personal Information from our blog or testimonials, contact us at the email address listed above. In some cases, we may not be able to remove your Personal Information, in which case we will let you know if we are unable to do so and why.

9.     TESTIMONIALS

NAGOMI SECURITY display personal testimonials of satisfied customers on our website in addition to other endorsements. With your consent NAGOMI SECURITY may post your testimonial along with your full name, company information, title, and photo/company logo.

10.  LINKS TO THIRD PARTY WEBSITES

10.1.     NAGOMI SECURITY may place links to other websites and resources provided by third parties via the Services, including links contained in advertisements, banner advertisements and sponsored links. Such links are provided for your convenience only.

10.2.     When you click on a link to a third-party website from our website, your activity and use on the linked website is governed by that website’s policies, not by those of NAGOMI SECURITY.

10.3.     NAGOMI SECURITY does not operate, control, or monitor these websites and their content and assumes no responsibility for such third-party websites, content, or any product and services offered by such third-party websites. Should you decide to access any of such third-party websites linked to or through the Service, you are doing so at your own risk and subject to the terms and conditions of use for such third-party websites. Accordingly, we encourage you to visit their websites and review their privacy and user policies.

11.  OUR POLICY TOWARD CHILDREN

The NAGOMI SECURITY Services is not directed to individuals under the age of consent (as determined under the applicable laws where the individual resides; “Age of Consent”). We do not knowingly collect or solicit Personal Information from individuals under the Age of Consent. By accessing, using or interacting with our Services, you certify to us that you are not under the Age of Consent. If you become aware that a child has provided us with Personal Information, please contact us at  [email protected]. If we become aware that a child under the Age of Consent has provided us with Personal Information, we will take steps to delete such information as soon as applicable.

12.  CHANGES TO THIS POLICY

12.1.     We may change this Privacy Policy from time to time. If we make any changes, we will notify you by revising the “Last Updated” date at the bottom of this Privacy Policy and, in some cases, we may provide you with additional notice (such as adding a statement to our homepage or sending you an email notification). If there are material changes to this Privacy Policy. We encourage you to review our Privacy Policy whenever you access the Service to stay informed about our information practices and the ways you can help protect your privacy.

12.2.     If you disagree with any changes to this Privacy Policy and do not wish your information to be subject to the revised Privacy Policy, you will need to deactivate and stop using the Service. Your use of any of the Service after the posting of such changes shall constitute your consent to such changes.

13.  GOVERNING LAW AND DISPUTES

13.1.     All disputes arising out of this Privacy Policy will be subject to the governing law of the State of Delaware, United States and the exclusive jurisdiction of the competent courts located in Delaware, United States.

13.2.     The parties agree and submit to the personal and exclusive jurisdiction and venue of these courts, except that nothing will prohibit either party from instituting an action in any court of competent jurisdiction to obtain injunctive relief or protect or enforce its intellectual property rights. The United Nations Convention on Contracts for the International Sale of Goods shall not apply to this Privacy Policy.

14.  CONTACTING US

Any questions about this Privacy Policy should be addressed to [email protected].