While
the new GDPR regulations have been in place since the end of May
1. Information Collection
General. When you visit the Site, you can browse without submitting any personal information about yourself. We will, however, receive and store some non-personally identifiable information about you, as described below. In order to participate in certain functionalities, you may be asked to provide personally identifiable information. Personally identifiable information is information that can identify you, including, for example, your name or email address.
Account; Purchase; Payment Information. If you create an account or purchase paid features of the Service, we request certain personally identifiable information from you on our payment form, including, but not limited to, name, email address, and payment card information (including card number, expiration address, and verification code). We use a third party payment processor (currently Authorize.Net) to assist in securely processing your personally identifiable payment information, including recurring charges (if any). The credit card information that you provide is encrypted and transmitted directly to Authorize.Net. We do not store your credit card information and do not control and are not responsible for Authorize.Net or its collection or use of your information. You may find out more about how Authorize stores and uses your credit card information by accessing the Privacy Policy for Authorize.Net Services. If you choose to use PayPal to make purchases through the Site, you will be directed to the PayPal website and provide your payment information directly to PayPal. PayPal’s privacy policy applies to the information you provide on the PayPal website.
Communications; Email Address Collection. In order to receive certain communications from us, such as responses to user inquiries, you will be required to submit your email address to us. You may also provide your email address to us in order to receive security updates and news even if you do not sign up for an account or make a purchase. Any non-Service related email you receive from us will include an unsubscribe link that will allow you to opt-out of receiving future emails. It may be necessary to send you Service-related announcements. For example, if the Service is temporarily suspended for maintenance, we may send users an email. You may not opt-out of Service-related emails which are not promotional in nature.
User Content. The Service may allow you to post or submit comments or other information, such as in response to our blog content (www.wordfence.com/blog) (“User Content”). We may use User Content to improve the Service and we may save User Content or other content you post indefinitely.
Site Cleaning Service. If you purchase our site cleaning service we may download portions of your site to secure servers in order to analyze and clean the site. As part of the site cleaning service we also require: access to your database, access to your site control panel, and server credentials to log into your site. The server credentials are transmitted via an encrypted page and stored using PGP encryption. We may also retain a backup of portions of your site for a limited amount of time after the cleaning for quality assurance purposes.
Automatically Collected Information. Similar to other websites, we may collect some information automatically from you and store it in log files. This collection may include, but is not limited to: your domain name and host for Internet access, the Internet address of the site from which you came, the date and time of your access, your computer’s IP address and information about its operating system, browser, and host, the date and time you access the Service and the pages you visit. We collect this non-identifying information in order to help diagnose problems and to administer the Service. We also use it to help identify you and to gather broad demographic information. We may automatically collect information using various mechanisms, including but not limited to cookies and pixels.
A “cookie” is a small text file that is stored on a computer for record-keeping purposes. We use cookies for analyzing trends, site administration, tracking user movement, and to gather demographic information from our base as a whole. Some cookies remain on your computer until you delete them. Others, like session ID cookies, expire when you close your browser. You may set your browser setting to attempt to reject cookies and you may still use the Service, however, certain features of the Service may not be available if your browser does not accept cookies. See “Do-Not Track Settings” below for more information on how use of the Service may or may not be affected by your browser settings. We do not control the use of cookies by third parties. Also see “Third Party Analytics Providers” below.
“Pixels” are tiny graphics with a unique identifier that are used to track the online movements of web users. Unlike cookies, which are stored on a computer’s hard drive, pixels are small graphics that are about the size of the period at the end of the sentence that are embedded invisibly on web pages or in HTML-based emails. Our third-party analytics providers may place pixels on the Site that track what other websites you visit (both before and after visiting the Site). Our third-party analytics providers use information obtained from pixels to help us improve our business and the Service. We do not control the use of pixels by third parties.
Third Party Analytics Providers. We use third parties to help us operate and improve the Service. In doing so, we may share with these third parties non-personally identifiable information about users’ use of the Service. These third party providers also use cookies. We use third party analytics providers, such as Google Analytics, to provide us with general demographic and interest-level information about our users and to help create a better user experience. We do not control information collected by third parties and are not responsible for their use of that information.
Google Analytics uses cookies and pixels in order to collect demographic and interest-level information and usage information from users that visit the Service, including but not limited to information about the pages where users enter and exit the Service and what pages users view on the Service, time spent, browser, operating system, and IP address. Cookies and pixels allow Google to recognize a user when a user visits the Service and when the user visits other websites. Google uses the information it collects from the Service and other websites to share with us and other website operators information about users including, but not limited to, age range, gender, geographic regions, general interests, and details about devices used to visit websites and purchase items. We take reasonable measures to prevent linking of information we receive from Google with any of your personally identifiable information. For more information regarding Google’s use of cookies and collection and use of information see the Google Privacy Policy. To opt out of Google Analytics, please visit the Google Analytics Opt-Out Page to learn about opting out and installing the appropriate browser add-on.
“Do Not Track” Settings. Because we track website usage information as described above, your selection of the “Do Not Track” option provided by your browser may not have any effect on our collection of certain information. The only way to completely “opt out” of the collection of information through cookies or other tracking technologies is to actively manage the settings on your browser to delete and disable cookies and other tracking/recording tools. However, getting a “Do Not Track” signal to work as you might want is difficult. Using browsers as an example, not all tracking technologies can be controlled by browsers; unique aspects of your browser might be recognizable even if you disable a tracking technology; not all settings will necessarily last or be effective; even if a setting is effective for one purpose, data still may be collected for another; and even if one website observes a “Do Not Track” signal, that website may not be able to control other websites.
Linked Sites. The Site may contain links to third party websites (“Linked Sites”), including social media features such as Facebook, LinkedIn, or Twitter buttons. We are not responsible for the privacy practices or content of any Linked Sites and Linked Sites may collect personally identifiable information from you that is not subject to our control. The data collection practices of Linked Sites will be governed by that site’s privacy policy.
2. Information Use
General. We will use your personally identifiable information to operate, manage and administer the Service; to fulfil your purchase of any paid features of the Service (if applicable); to provide you with support or a more personalized experience; to communicate with you; and to provide you information about products and services (including the products and services of third parties). We may also use personal information to resolve disputes; to detect and protect against errors, fraud, and criminal activity; to assist law enforcement; to enforce this Privacy Policy and the Terms of Use; or for any other purpose described in this Privacy Policy or that we describe to you at the time of collection.
Use of Non-Personally Identifiable and Aggregate Information. We may use non-personally identifiable information and aggregate information for any lawful purpose, including, but not limited to, analyzing trends, managing and administering the Service, tracking users’ movements, for research purposes, or to improve our business and the Service. In addition, we may share aggregate statistical information with our business partners. We may also combine your non-personally identifiable information and aggregate information with other non-personally identifiable information and aggregate information collected from other sources.
Information Retention. We will retain your information indefinitely, or as long as legally required or allowed. We may dispose of any information in our discretion without notice, subject to applicable law. We do not undertake any retention obligations through this statement.
3. Information Disclosure
Affiliated Entities and Service Providers. We may disclose your information, including personal information, to any affiliated entity or organization, business partner, and to agents and service providers to help us operate the Service, improve our business or the Service, and to provide services to us. These third parties may include customer service providers, business or sales service providers, or providers that provide support for the Service.
Insolvency or Business Transition. If we should ever file for bankruptcy or engage in a business transition such as a merger with another company, or if we purchase, sell, or reorganize all or part of our business or assets, we may disclose your information, including personal information, User Content, and user data or information, to prospective or actual purchasers in connection with one of these transactions.
Disclaimer. Due to the complexity and open nature of the Internet, no transmission of data over the Internet can be 100% secure. There is always a risk that information collected by and/or displayed on the Service may be compromised or accessed notwithstanding the steps we take to secure your information. For example, a third party may unlawfully intercept or access transmissions or private communications, or other users of the Service may abuse or misuse your personal information. Accordingly, you agree that you are providing such information at your own risk.
4. Security
Keeping your information secure is of great concern to us. We exercise care in facilitating the transmission of information between your device or computer and our servers (or the third party servers that operate and store information for the Service). Any personally identifiable information collected by the Service is stored in operating environments that are not available to the public. While we have mechanisms in place to safeguard your personal information after we receive it, no transmission of data over the internet can be 100% secure.
5. International Use
Our servers and offices are located in the United States, so your information may be transferred to, stored, or processed in the United States. While the data protection, privacy, and other laws of the United States might not be as comprehensive as those in your country, we take many steps to protect your privacy, including offering a data processing agreement for European Union (“EU”) customers.
To comply with EU General Data Protection Regulation (“GDPR”), our EU customers must sign our Data Processing Agreement (“DPA”) and the Standard Contractual Clauses to establish the respective responsibilities between the Defiant customer (as the data controller) and Defiant itself (as the data processor). If the GDPR applies to you please download, sign, and email both the DPA and the Standard Contractual Clauses to privacy@defiant.com. Both the DPA and Standard Contractual Clauses are available in one document in our GDPR Help section. Note you must sign in two places.
By using the Services, you understand and consent to the collection, storage, processing, and transfer of your information to our facilities in the United States and those third parties with whom we share it as described in this policy.
6. Children’s Privacy
The Service is Not for or Directed Towards Children. While the Service is not intended for anyone under the age of 18, we do not intend to and will not knowingly collect any personal information from children under the age of 13. Children under the age of 13 are prohibited from using the Service. If we learn that we have collected information from a child under the age of 13, we will remove that information immediately and delete it from our servers (subject to applicable law and this Privacy Policy). If you believe content from a child under the age of 13 has been posted to the Service, please notify us by contacting us at privacy@defiant.com.
California Shine the Light Law. California Civil Code Section 1798.83 permits users who are California residents to obtain from us once a year, free of charge, a list of third parties to whom we have disclosed personal information (if any) for direct marketing purposes in the preceding calendar year. If you are a California resident and you wish to make such a request, please send an e-mail with “California Privacy Rights” in the subject line to privacy@defiant.com or write us at: Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104.
California Minors. While the Service is not intended for anyone under the age of 18, if you are a California resident who is under age 18 and you are unable to remove publicly-available content that you have submitted to us, you may request removal by contacting us at: privacy@defiant.com. When requesting removal, you must be specific about the information you want removed and provide us with specific information, such as the URL for each page where the information is located, so that we can find it. We are not required to remove any content or information that: (1) federal or state law requires us or a third party to maintain; (2) was not posted by you; (3) is anonymized so that you cannot be identified; (4) you don’t follow our instructions for removing or requesting removal; or (5) you received compensation or other consideration for providing the Content or information. Removal of your content or information from the Service does not ensure complete or comprehensive removal of that content or information from our systems or the systems of our service providers. We are not required to delete the content or information posted by you; our obligations under California law are satisfied so long as we anonymize the content or information or render it invisible to other users and the public.
7. Changes and Updates to this Privacy Policy
We reserve the right to revise this Privacy Policy by updating it and posting it at https://www.wordfence.com/privacy-policy/, with the new terms taking effect on the date of posting. You should periodically review this Privacy Policy to ensure you are familiar with the most current version. Your use of the Service after the Effective Date posted above constitutes your acceptance of the updated Privacy Policy.
8. Accessing, Updating, or Deleting User Content and Your Personal Information
You may access, update, or delete your personal information by contacting us at privacy@defiant.com or write us at: Defiant, Inc., 800 5th Ave Ste 4100, Seattle, WA 98104. We will make good faith efforts to resolve requests to correct inaccurate information except where the request is unreasonable, requires disproportionate technical effort or expense, jeopardizes the privacy of others, or would be impractical.