Privacy Policy

Zentry Security Privacy Policy

Last modified December 11, 2022

We at Zentry Security, Inc. (“Zentry”) are committed to respecting your online privacy and recognize your need for appropriate protection and management of any personal information you share with us when you visit our website or use our services.

This privacy policy statement (“Privacy Policy”) describes how we collect, use, store, share and disclose your personal data and applies to your use of our website, our cloud-hosted service platform and solutions such as Zentry Trusted Access, when you contact us to report a problem or sign up for a demo, or when you use any other products and services that we provide (collectively referred to here as the “Services”).

If you are visiting this website from the European Union, the United Kingdom, or elsewhere in the European Economic Area, please see the included Supplemental EEA Privacy Statement. Additional information is also provided for California residents below.

If you use our Services, then by doing so you consent to the collection and use of information as described in this Privacy Policy.

 

1.   Personal Data We Collect

“Personal Data” means information about you which can be used, on its own or together with other information, to identify you as a person and for our website, zentrysecurity.com, that includes but is not limited to name, title, employer, email address, mailing address, phone number and IP address. And for Zentry Trusted Access end-users and admins (“ZTA Users”) that is limited to username, password, and IP address, and email for ZTA admins.

Zentry collects Personal Data through various means, including voluntary collection such as when you provide information to us yourself to register as a new ZTA User, participate in certain promotional activities, fill out surveys, and correspond with us. We also collect data automatically when users access, use, or interact with the Services. Our primary reason for processing Personal Data is to operate, maintain, enhance, secure, and provide to you and your organization the features of the Services used.  

In addition to Personal Data that you provide to us yourself, we collect data and information made available through your connection and your device. This log data may include information such as your device Internet Protocol (“IP”) address, device name, device ID, operating system version, the time and date of your use of the Service, and other statistics.

We may use various technical mechanisms such as cookies, web beacons, and similar tracking technologies to monitor how users use our Services to better understand customer behavior and improve our Services, provide better security, and to support reporting, analytics, and visualization features of the Services for your organization. Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device’s internal memory. The data we collect in this manner when you visit our website may include the Uniform Resource Locator (“URL”) of the website that you came from before visiting ours, which pages you visit on our website, which URL you next go to, which browser you used to come to our site, and your Internet Protocol (“IP”) address.

You can delete and disable all cookies through settings in your Internet browser, however if you choose to do so, some components of our Services may not work properly if cookies necessary for operation are blocked.

 

2.   How We Use Personal Data

Personal Data we collect may be used to:

  • Create an account and provide you with the Services
  • Contact you for administrative purposes
  • Reply to your support requests
  • Send other communications to you, including updates on products, promotions, and events relating to Services offered by us if you have provided your consent and not withdrawn it.

We also use the information that we collect to:

  • Understand and analyze the usage trends and preferences of our users and provide your organization with reporting, analytics, and visualization features
  • Improve the Services, and to develop new products, services, feature, and functionality
  • Maintain the integrity and security of our Services.

 

3.   When We Disclose Data

Except as described in this Privacy Policy, we will not disclose Personal Data that we collect using the Services to third parties without your consent.

We may disclose information to third parties in the following circumstances:

Your Organization to Provide the Services. We use Personal Data we collect as an integral part of our solutions in order to provide features including identification, authentication, access gateway, application-specific access configured by your organization, and reporting, analytics, and visualization features to your organization’s assigned administrator(s).

Trusted Third-Party IT Infrastructure Providers. At times we use trusted third-party hosting and infrastructure providers to securely provide the Services to you. When your data is processed for us by these providers, content is encrypted for security, and they are prohibited from making any use of it other than to assist us in providing the Services. All Personal Data is encrypted in transit and when stored with our hosting providers in the ZTA solution.

Third-Party Services. Our solutions are designed to provide secure application-specific access for you to other services and resources as configured by your organization. As necessary to authenticate you and provide the Services, your information and the content of data exchanged will be made available to your organization and these third-party services. We do not control other parties and cannot be responsible for their use of your information. You are encouraged to consult their privacy policies and practices.

When required by law or necessary to avoid harm. We may share your information if we are required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, to protect our property, to prevent fraud, or in response to a court order, judicial or other government subpoena. This may include sharing information with other companies, lawyers, agents, or government agencies. 

We may also share your information if we believe it is necessary to protect you or others from harm, or as needed to establish our legal rights.

Corporate Events. If Zentry (or the assets related to our business) are acquired by another company, whether by merger, acquisition, or otherwise, that company will receive all information gathered by Zentry through the Services. In this event, you or your organization will be notified via email and/or a prominent notice on our website of any change in ownership, including information available on the uses of your Personal Data and choices you may have regarding your Personal Data.

 

4.   Security

We value your trust in providing your Personal Data to us. We implement appropriate physical, technical and organizational security measures to protect Personal Data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of use, in accordance with industry standards. Despite our efforts we want to remind you that no method of transmission over the internet, or method of electronic storage, is 100% secure and reliable, and we cannot guarantee its absolute security. It is important that you take steps necessary to protect your information as well, such as protecting your passwords and means of multi-factor authentication.

We do our best to make sure that our personnel and trusted service providers who need information to perform a specific job are granted access to the Personal Data only on a need-to-know basis and are subject to stringent confidentiality requirements.

 

5.   Children’s Privacy

Our Services are not designed or intended for use by anyone under the age of 13, and you may not use the Services if you are under the age of 13. As such, we do not knowingly collect personal information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to take the necessary actions.

 

6.   Supplemental EEA Privacy Statement

This Supplemental EEA Privacy Statement is relevant to any individual located in the European Economic Area (“EEA”) who uses the Services. Applicable law, including the European Union Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), may require Zentry to provide additional and different information about its data processing practices to data subjects in the EEA. If you are accessing the Services from a member state of the EEA through a site targeting an EEA member country, then this Supplemental EEA Privacy Statement applies to you.

For purposes of the GDPR and other applicable laws, we, Zentry Security, Inc., with offices at 1371 McCarthy Blvd., Milpitas, CA 95035 USA, are the data controller of your personal information that we collect when you are using our website, however your organization may be the data controller when we are acting on their behalf and providing other Services. When we act as a data controller, the processing of personal information undertaken by our affiliates, subsidiaries, or related entities is as a joint controller with Zentry.

 

7.   Legal Basis for Processing Personal Data

Personal Data Transfers outside of the EEA. Zentry may transmit some of your Personal Data to a country where the data protection laws may not provide a level of protection equivalent to the laws in your jurisdiction, including the United States. As required by applicable law, Zentry will provide an adequate level of protection for your Personal Data using various means, including, where appropriate:

  • relying on a formal decision by the European Commission that a certain country ensures an adequate level of protection for personal data ;
  • entering into appropriate data transfer agreements based on language approved by the European Commission, such as the most recent Standard Contractual Clauses;
  • implementing appropriate physical, technical and organizational security measures to protect Personal Data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access, and against all other unlawful forms of processing;
  • taking other measures to provide an adequate level of data protection in accordance with applicable law.

Any onward transfer is subject to appropriate onward transfer requirements as required by applicable law.

Data Retention. Zentry keeps Personal Data from the website for as long as required to provide the Services you have requested or registered for, and to comply with applicable laws and record-keeping requirements. Zentry keeps Personal Data from ZTA Users while the Services are being used and Personal Data is deleted shortly thereafter and not retained.

Data Subject Rights. You have a right to request from Zentry access to and rectification or erasure of your Personal Data or restriction of processing concerning you, as well as the right to data portability under the GDPR. You also have the right to object, on grounds relating to your situation, at any time to the processing of your Personal Data by us and we can be required to no longer process your Personal Data. In general, you have the right to object to our processing of your Personal Data for direct marketing purposes. If you have a right to object and you exercise this right, your Personal Data will no longer be processed for such purposes by us. You can exercise such rights by accessing the information in your account and privacy settings, if applicable, or submitting a request by email to support@zentry.com.

If you have provided consent for cookies that are not strictly necessary, or for direct marketing emails or other data processing based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal. You have the right to lodge a complaint with a supervisory authority.

Your Choices. You are not required to provide any Personal Data to Zentry, but if you do not provide any Personal Data at all to Zentry, we will not be able to provide the Services. If you provide only some of the personal information requested, the functionality of some Services designed to process certain information for you may not operate correctly.

Profiling. Except for the purposes of authentication, security, and access features of the Services, Zentry does not use automated decision-making, including profiling, in a way that produces legal effects concerning you or which significantly affects you.

 

8.   International Transfers of Your Data

The personal information we collect is stored in secure hosting facilities in the United States. Your personal information may be accessed by our personnel in other countries on a need-to-know basis through secure connections to respond to your support requests, and to provide other maintenance, communications, and development services. 

We will ensure that any transfer of personal information from countries in the European Economic Area (“EEA”) to countries outside the EEA will be protected by appropriate safeguards, for example by using standard data protection clauses approved by the European Commission and the United Kingdom, or the use of binding corporate rules, or other legally accepted means.


9.   Additional Information for California Residents

How We Source, Use, and Disclose Information for Business Purposes. The following chart details the categories of personal information we collect, the sources of such personal information, and how we use and share such information for business purposes.

Categories of Personal Information Collected Sources of Personal Information Purposes for Use of Personal Information Disclosures of Personal Information for Business Purposes
Contact information (e.g., name, title, employer, email address, phone number)
• You
• Your organization
• To fulfill orders and provide the Services
• Communicate with you for administrative and other purposes
• Analyze use of and personalize the Services
• Improve the Services
• Provide security, prevent fraud, and for troubleshooting errors
• Comply with legal requirements
• Hosting and other trusted service providers
• Law enforcement in the event of a lawful request or to others to prevent harm
• With entities in the event of a corporate transaction
• With your consent
• Third-party services and resources your organization permits you to access
Financial and transactional information (e.g., payment account information and purchase history)
• You
• Your organization
• Provide the Services ordered
• Facilitate your payments
• Provide security and prevent fraud and abuse
• Comply with legal requirements
• Payment processors
• Law enforcement in the event of a lawful request
• With entities in the event of a corporate transaction
• With your consent
Login credentials (e.g., your account name and password)
• You
• Your organization
• Authenticate you and authorized users of the Services
• Provide security, and prevent fraud and abuse
• Third-party service providers as needed to interoperate
• Law enforcement in the event of a lawful request
• With entities in the event of a corporate transaction
• With your consent
Device and online identifier information (e.g., device ID, IP address, browser type, operating system, general location inferred from IP address, and similar information
• You, through your device
• Provide the Services
• Analyze use of and personalize the Services
• Improve the Services
• Provide security, and prevent fraud and abuse
• Hosting and other trusted service providers
• Law enforcement in the event of a lawful request
• With entities in the event of a corporate transaction
• With your consent
Service usage information (e.g., the dates and times you use our Services, how you use our Services, and the content you interact with on our Services)
• You, through authentication to the ZTA solution
• You, through your device and tracking technologies
• Provide the Services and for billing purposes
• Analyze use of and personalize the Services
• Improve the Services
• Provide security, and prevent fraud and abuse
• Comply with legal requirements
• Third-party service providers as needed to interoperate
• Law enforcement in the event of a lawful request
• With entities in the event of a corporate transaction
• With your consent

Your California Privacy Rights. If you are a California resident, the California Consumer Privacy Act (“CCPA”) allows you to make certain requests about your personal information. Specifically, the CCPA allows you to request us to:

  • Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your personal information; and the categories of third parties with whom we share/disclose personal information
  • Provide access to and/or a copy of certain personal information we hold about you
  • Delete certain personal information we have about you
  • Provide you with information about the financial incentives that we offer to you, if any.

The CCPA further provides you with the right not to be discriminated against (as provided for in applicable law) for exercising your rights under the statute. Please note that certain information may be exempt from such requests under California law. For example, we need certain information to provide our Services to you. We also will take reasonable steps to verify your identity for security purposes before responding to a request. In doing so, we may ask you for verification information so that we can match at least two verification points with information we maintain in our files about you. If we are unable to verify you through this method, we shall have the right, but not the obligation, to request additional information from you.

If you would like further information regarding your legal rights under California law or would like to exercise any of them, or if you are an authorized agent making a request on a California consumer’s behalf, please contact us at support@zentrysecurity.com.

The CCPA provides certain rights if a company “sells” personal information, as such term is defined under the CCPA. We do not engage in activities that would be considered “sales” of your personal information under the CCPA.

Shine the Light Disclosure. The California “Shine the Light” law gives residents of California the right under certain circumstances to request information from us regarding the way we share certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes. We do not share your personal information with third parties for their own direct marketing purposes without your affirmative consent.

Browser “Do Not Track” Signals. Some web browsers may transmit “do-not-track” signals to a website. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they are aware of them. Because there currently is no industry standard concerning what, if anything, a service should do when they receive such signals, we currently do not take action in response to these signals.

 

10.   Changes to This Privacy Policy

We may update this Privacy Policy from time to time and if we do, we’ll post any changes on this page. These changes are effective immediately. If you continue to use our website and our Services after those changes are in in effect, you agree to the new policy. If the changes are significant, we may provide more prominent notice or get your consent, as required by law.

 

11.   Account Information and Deletion

You may update, correct, or delete your Personal Data and preferences at any time by contacting us at support@zentrysecurity.com. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain some information you submit for satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.

 

12.   Contact Us

If you have any questions or suggestions about our Privacy Policy, do not hesitate to contact us at support@zentrysecurity.com or write to us at Zentry Security, Inc., with offices at 1371 McCarthy Blvd., Milpitas, CA 95035 USA.

LET’S Get Started

Learn how to Zentrify your Applications.