Vigilante Privacy Statement

EFFECTIVE: 12/30/2019

Your privacy is very important to us. Vigilante’s core business is protecting consumers and brands from abuse and fraud resulting from the compromise and exposure of personal and business information. We work with companies to prevent security incidents and fraud.  This Privacy Statement (“Statement”) describes the privacy practices of Vigilante. (“Vigilante” “we,” “our” or “us”). This Privacy Statement explains the information we collect, why we collect it, how we use and share it and the choices you can make regarding your information.

SUMMARY OF OUR PRIVACY STATEMENT

The following summarizes our Privacy Statement. For more detail, refer to the full Privacy Statement below. Refer to the Table of Contents to link directly to any section.

 

Information We Collect and How We Collect It. We collect personal and other information about consumers in various ways including:

  • Directly when you open a corporate account with us or sign up to receive emails or research papers from us. Information collected may include name, email address and other important identifying information,
  • Automatically when you interact with us online such as IP address, cookies, device information and browser information,
  • From other parties to help us set up, manage, protect or service your corporate account, such as service providers, marketing companies and data providers, and
  • From underground online communities, commonly referred to as the “dark web”, which can be sourced by a variety of means (e.g., vendor compromises, third party incidents, leaked or stolen data, etc.).

 

Use of Personal Information. We use personal and other information for many different reasons, including to:

  • Provide and maintain your corporate account, services and products,
  • Provide forensically sound packages of publicly leaked data that can be utilized to determine the impact of a breach,
  • Perform analysis to report data exposure against a secured repository
  • Perform analytics and research to improve and develop our websites and services,
  • Let you know about updates or important information about your company’s services,
  • Protect our business, services, customers, websites or comply with legal requirements.

 

Sharing Personal Information. We share personal and other information with others for business purposes, including with:

  • Our affiliates,
  • Companies that are involved in business transactions,
  • Our authorized agents,
  • Service providers,
  • Third parties in connection with a business transaction, and
  • Law enforcement, regulators and other parties for legal reasons.

Your Rights as a California Resident: As a California resident, you have certain rights including the right to access your personal information and the right to request deletion of your personal information. To learn more about these rights including how to make a request, refer to the full Privacy Statement below.

FULL PRIVACY STATEMENT

Use the Table of Contents to link directly to a specific section or scroll down to read the full Privacy Statement.

SUMMARY OF OUR PRIVACY STATEMENT
FULL PRIVACY STATEMENT
INFORMATION WE COLLECT AND HOW WE COLLECT IT
USE OF PERSONAL INFORMATION
SHARING INFORMATION
COOKIES AND OTHER TRACKING TECHNOLOGIES
SOCIAL MEDIA, LINKS AND EXTERNAL SITES
SECURITY
CHANGES TO OUR PRIVACY STATEMENT
STATE SPECIFIC INFORMATION

INFORMATION WE COLLECT AND HOW WE COLLECT IT

We collect personal and other information in several different ways. We collect personal information directly from you when you sign up to create a corporate account to access our services or if you sign up to receive emails or research papers. We collect information from underground online communities, commonly referred to as the “dark web”, which can be sourced by a variety of means (e.g., vendor compromises, third party incidents, leaked or stolen data, etc.). We and service providers working on our behalf collect personal and other information from you automatically when you use one of our websites, mobile apps, view our emails or otherwise engage with us through a computer or mobile device (“Sites”). We also collect personal and other information about you from third parties such as service providers, marketing companies and data providers.

 

The following are the categories of personal and other information that we may collect and examples of the information that fall into those categories. We do not intentionally seek some of this information, but it may be present in data sets that we locate in compromised data files on the dark web. Much of the information collected is in a form that is not reasonably capable of being associated or linked with an individual and may not be considered personal information:

CATEGORIES EXAMPLES
PERSONAL IDENTIFIERS Name, alias, postal address, unique personal identifier, online identifier, email address, account name, Social Security number, driver’s license number, passport number, or other similar identifiers.
OTHER IDENTIFYING INFORMATION A signature, description of physical characteristics, phone number, state identification card number, insurance policy number, date of birth, family member information, bank account number, credit card number or other payment or financial information, medical information or health insurance information, plan account balance
CHARACTERISTICS OF PROTECTED CLASS Age, race, color, marital status, sex (including gender, gender identity, gender expression).
COMMERCIAL INFORMATION Payment history, records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies and agent information, criminal conviction and credit information.
INTERNET OR OTHER ELECTRONIC NETWORK ACTIVITY INFORMATION Browsing history, search history, information regarding an interaction with our website, application or advertisement, links used or web pages visited while visiting our site or applications, browser type, internet service provider (ISP), cookies, and mobile device including device identifier or other device information, IP address or other location information.
GEOLOCATION DATA Physical location.
MULTIMEDIA INFORMATION Audio, electronic or similar information.
EMPLOYMENT INFORMATION Professional or employment‐related information.
EDUCATION INFORMATION Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, student financial information.

 

Our website is not intended for children. We do not market any products or services to children under the age of thirteen or knowingly collect any information from children under the age of thirteen.

USE OF PERSONAL INFORMATION

We use personal and other information for business purposes including to:

      • Help prevent and detect security incidents and fraud. We use information to identify data exposure and alert companies regarding specific exposures of information. Our corporate customers may use this information to alert individuals of the potential compromise of data to help prevent identity fraud or institute additional security measures deemed necessary.
      • Provide and maintain your services and products. We may use your personal information to provide service, or maintain your corporate account for services or products, make requested changes to your plan, complete a transaction, or respond to customer service requests or other inquiries.
      • Improve, develop and analyze our Sites, services and products. We use algorithms, analytics software and other similar methods to analyze personal information in order to improve, develop or deliver our Sites, products and services and develop new services, products or features. We also use information to analyze how visitors use our Sites to improve the Sites and enhance and personalize your experience. We collect some information used for these purposes using analytics software, cookies and other tracking technologies. For more information about the collection and use of this information, see Cookies and Tracking Technologies
      • Communicate with you about services or products. We may communicate with you about our products or services or your corporate account, provide you transaction confirmations, payment alerts or other service or product related messages via mail, email or other available methods such as text messages, if requested, and push notifications.
      • Comply with legal requirements and protect the safety and security of our business, services, and Sites. We may use information to comply with laws, regulations or other legal obligations, to assist in an investigation, to protect and defend our rights and property or the rights of third parties or enforce terms and conditions. We may also use personal and other information to prevent suspected fraud, threats to our network or other illegal activities, prevent misuse or for any other reason permitted by law. We may use personal information to protect our company, our affiliates, our customers, our network and our Sites.

SHARING INFORMATION

We may share personal information with our affiliates for business purposes consistent with the uses described in this Privacy Statement. We may also share personal information about you with third parties whenever you consent to or direct such sharing. We strive to work with companies that share our commitment to privacy. We may also share information with others in an aggregated or de-identified form that does not reasonably identify you.

 

We may also share personal or other information with third parties for business purposes or as required or permitted by law including with:

      • Our corporate customers: We may provide information from our repository which may contain your information. In most instances of this sharing, the information we provide is in a de-identified form that does not reasonably identify you.
      • Service providers: Personal information may be shared with service providers who perform services on our behalf for a business purpose including providers that:
        • engage in payment processing,
        • provide marketing and advertising, email or other communication services,
        • provide services that support our online activities including providing tracking technologies, web hosting and analytics,
        • provide technology services and enhance security, privacy and fraud protections,
        • provide analytics services or conduct research studies, and
        • provide support to our operations.

Any information shared with service providers in this regard is done in connection with the Services you request.

      • Third parties in connection with a business transaction: Personal information may be disclosed to third parties in connection with a corporate transaction, such as a merger, sale of any or all of our company assets or shares, reorganization, financing, change of control or acquisition of all or a portion of our business by an affiliate or third party, or in the event of a bankruptcy or related or similar proceedings.
      • Law enforcement, regulators and other parties for legal reasons: Personal information may be disclosed to third parties, as required by law or subpoena, or if we reasonably believe such action is necessary to:
        • comply with the law and the reasonable requests of regulators, law enforcement or other public authorities,
        • protect our or others safety, rights or property, and
        • investigate fraud or to protect the security or integrity of our Sites or any product or services
      • Our authorized agents: Vigilante may operate through agents and selling partners who sell our services and products on our behalf. We may share your personal information with those agents or selling partners to provide you with the services you’ve requested. They may use your personal information in the manner described in this Privacy Statement.

 

COOKIES AND OTHER TRACKING TECHNOLOGIES

Technologies and Information Collected: When you visit our Sites, we and our service providers automatically collect information about your use and access of these Sites. We collect this information through a variety of tracking technologies, including cookies and similar technology (collectively, “tracking technologies”). Information we collect automatically about you may be combined with other personal information we collect directly. The information collected in this manner includes:

      • Information about the computer, tablet, smartphone or other device you use, such as your IP address, browser type, Internet service provider, platform type, device type/model/manufacturer, operating system, date and time stamp, a unique ID that allows us to uniquely identify your browser, mobile device or your account (including, e.g., a persistent device identifier or an Ad ID), and other similar information,
      • Analytics information we collected or obtained via third party analytics tools, to help us measure traffic and usage trends for the Sites and to understand more about the demographics and behaviors of our users, and

 

Use of the information: We or our service providers may use the data collected through tracking technologies to improve, enhance and personalize your customer experience, to monitor and improve our Sites and for other internal purposes such as:

      • Provide custom, personalized content and information,
      • Perform analytics and detect usage patterns, and
      • Detect or prevent fraud or other harmful activities.

 

Our service providers include Google. To learn more about Google’s privacy practices, click here. To access and use the Google Analytics Opt-out Browser Add-on, click here.

 

Your choices regarding cookies: If you prefer not to accept cookies, most browsers will allow you to change your browser settings to disable existing cookies, automatically request cookies or to notify you when you receive a cookie. However, if you disable, modify, or reject cookies, some parts or functionalities of our Site may be inaccessible or not function properly. For example, disabling cookies may require you to repeatedly enter information to take advantage of services.

SOCIAL MEDIA, LINKS AND EXTERNAL SITES

Links to other company’s websites may be provided on the Vigilante Sites as a convenience to you. If you choose to go to these external websites, you will be subject to the privacy practices of those external websites; Vigilante is not responsible for the privacy practices of those websites. We encourage you to be aware when you leave our Site to read the privacy policies or statements of every Website you visit, as those privacy policies or statements may differ from ours. Our Privacy Statement applies solely to the Sites where this Privacy Statement appears.

 

Our website includes Social Media Features, such as for Twitter or LinkedIn. These Features may collect your IP address, which page you are visiting on our website, and may set a cookie to enable the Feature to function properly. Social Media Features are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy policy of the company providing it.

SECURITY

The security of your personal information is important to us. We use a combination of reasonable technical, administrative, and physical safeguards to protect your personal information. However, no website, mobile application, database or system is completely secure or “hacker proof.” So, we cannot guarantee its absolute security. You are also responsible for taking reasonable steps to protect your personal information against unauthorized disclosure or misuse.

We limit access to your personal information to those who need it to do their jobs. We comply with all applicable federal and state data security laws.

CHANGES TO OUR PRIVACY STATEMENT

We may periodically update or revise this Privacy Statement. The date at the top of this page shows when this Privacy Statement was last revised. We will let you know when we update the Privacy Statement by changing the date or other appropriate means. If you have questions about our Privacy Statement, you can contact us at 2425 East Camelback Road, Phoenix, AZ 85016 or via email at support@vigilante.io.

STATE SPECIFIC INFORMATION

For California Residents:

 

California residents have certain rights to access and delete their personal information described in this section, as well as other rights described below.

 

To better protect you and your personal information, we will only respond to access or deletion requests that we have been able to properly verify through our authentication processes. Since Vigilante does not have direct relationships with consumers, our ability to verify an individual is limited. To verify your identity, you will be asked to provide certain information, which we will only use to verify your identity or authority to make the request.

 

To submit an access or deletion request, please click here to submit an online request or call us at (1-800-659-1251).  Responses to a verified request may take up to 45 calendar days, or longer depending on the nature of the request. If additional time is needed, we will notify you of the additional time. We may only respond to two access requests within a 12-month period.

 

Right to Access Your Personal Information: You have the right to request that we disclose certain information about our collection and use of your personal information over the past twelve months including:

      • the categories of personal information collected about consumers,
      • the specific pieces of personal information we have about you,
      • the categories of sources from where personal information was collected,
      • the business purpose for collecting the personal information, and
      • the categories of third parties with whom we share personal information.

Since Vigilante does not have direct relationships with consumers, our ability to verify an individual or match data in our repository with an individual is limited. Accordingly, we are likely unable to provide specific pieces of personal information in response to a request.

 

Right to Deletion of Personal Information: You have the right to request we delete the personal information we collected, with certain exceptions. We will delete your personal information in response to a verifiable request unless needed for the following:

      • To complete a transaction for which we collected the personal information, provide a good or service you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you,
      • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities,
      • Debug products to identify or repair errors that impair functionality,
      • Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law,
      • Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us,
      • Comply with a legal obligation, including compliance with the California Electronic Communications Privacy Act, or
      • Otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

 

Sale of Personal Information

We do not sell personal information for money. We do share information with our business customers to assist the business customer to detect security incidents and protect against fraudulent, deceptive, or illegal activity. In most instances of this sharing, the information we provide is in a de-identified form that does not reasonably identify you. Under California law, sharing of this information may be considered a “sale” of information. Except for this kind of sharing, we do not sell any other information.

 

Because Vigilante does not have direct relationships with consumers and information is kept in a form that is not reasonably capable of being associated or linked to an individual, Vigilante may be unable to locate your information in our records to limit the sharing. Where we are able to locate your information, limiting sharing will impact our business customers’ ability to notify you of a potential compromise of your information and to help you prevent identity fraud. To make a request for Vigilante to not share this information, please click here.

 

Non-Discrimination Rights: You have the right not to receive discriminatory treatment by us for the exercise of your California privacy rights.