Privacy Policy | Kolide by 1Password

Kolide, Inc. (“Kolide”, “we” or “us”) has prepared this privacy policy to describe our privacy practices regarding the Personal Information we collect from “you,” users of our website, located at kolide.com (the “Site” and the Kolide’s products and services, including, but not limited to, Kolide and other products and services offered via the Site (the “Services”). Capitalized terms not defined in this privacy policy will have the meaning given to them in Kolide’s standard form master software as a service agreement (the “MSA”) located at https://kolide.com/terms.

Why Do We Need Your Personal Information

We will only process your personal information in accordance with applicable data protection and privacy laws and this Privacy Policy. If you do not agree to our use of your personal information in line with this Privacy Policy, please do not use our Services.

Information Collection

Information You Provide to Us

We may collect personal information from you, such as your first and last name, email and mailing addresses, professional title, company name, and password when you create an account with us (“Account”).
We may collect certain information about and from each Customer Device, such as hostname, IP address, serial number, make, model.
We may also separately collect our Customer Device location. For example, we may collect nearby Wi-Fi access points from a network card and share it with Google's location services to discover your location. We may be able to combine this information with the name of the primary user of such Customer Device. As a result, the applicable Customer or Authorized Users may be able to track your location. The applicable Customer can deactivate this feature by opting-out on Kolide’s Security and Privacy settings pane located at https://k2.kolide.com/x/settings/admin/restrictions/edit
When connecting to our Services via a service provider that uniquely identifies your Customer Device, we may receive this identification and use it to offer extended services and/or functionality.
Certain Services may require our collection of your phone number. We may associate that phone number to your Customer Device identification information.
When you order Services, we will collect all information necessary to complete the transaction, including your name, credit card information and billing information. We do not store this information directly on our servers, but this information may be shared with third parties who help process and fulfill your purchases.
We retain information on your behalf, such as files and messages that you store using your Account.
If you provide us feedback or contact us via email, we will collect your name and email address, as well as any other content included in the email, in order to send you a reply.
When you post content (text, images, photographs, messages, comments or any other kind of content that is not your email address) on the Site or through the Services, the information contained in your posting will be stored in our servers and other users may be able to see it.
When you participate in one of our surveys, we may collect personal information that you provide in response to such surveys.
We also collect other types of personal information that you provide to us voluntarily, such as your operating system and version, product registration number, and other requested information if you contact us via email regarding support for the Services.
We may also collect personal information at other points in our Site or Services that state that personal information is being collected.

Please do not send us, or disclose to us in any way, any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership).

If you do send or disclose any sensitive personal information to us, you consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy.

Cookies

Like many online services, we use Cookies to collect information. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Services. This type of information is collected to make the Site more useful to you and to tailor the experience with us to meet your special interests and needs. We use two broad categories of Cookies: (1) first party Cookies, served directly by us to your computer or mobile device, which are used only by us to recognize your computer or mobile device when it uses the Services; and (2) third party Cookies, which are served by service providers on our Services, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.

Our Services use the following types of Cookies for the purposes set out below:

Type of Cookies	Purpose
Essential Cookies	These Cookies are essential to provide you with services available through our Services and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Services and help the content of the pages you request load quickly. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services.
Functionality Cookies	These Cookies allow our Services to remember choices you make when you use our Services, remembering your login details and remembering the changes you make to other parts of our Site/Application(s)/Service which you can customize. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Services.
Analytics and Performance Cookies	These Cookies are used to collect information about traffic to our Services and how users use our Services. The information gathered does not identify any individual visitor. The information is aggregated and anonymous. It includes the number of visitors to our Services, the websites that referred them to our Services, the pages they visited on our Services, what time of day they visited our Services, whether they have visited our Services before, and other similar information. We use this information to help operate our Services more efficiently, to gather broad demographic information and to monitor the level of activity on our Site/Application(s)/Services. We use Google Analytics and other third party analytics services for this purpose. Google Analytics uses its own Cookies. It is only used to improve how our Services works. Click for more info on Google Analytics Cookies Click for more info on how Google protects your data You can prevent the use of Google Analytics relating to your use of our Services by downloading and installing the browser plugin

Type of Cookies

Purpose

Essential Cookies

These Cookies are essential to provide you with services available through our Services and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Services and help the content of the pages you request load quickly. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services.

Functionality Cookies

These Cookies allow our Services to remember choices you make when you use our Services, remembering your login details and remembering the changes you make to other parts of our Site/Application(s)/Service which you can customize.

The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Services.

Analytics and Performance Cookies

These Cookies are used to collect information about traffic to our Services and how users use our Services. The information gathered does not identify any individual visitor. The information is aggregated and anonymous. It includes the number of visitors to our Services, the websites that referred them to our Services, the pages they visited on our Services, what time of day they visited our Services, whether they have visited our Services before, and other similar information. We use this information to help operate our Services more efficiently, to gather broad demographic information and to monitor the level of activity on our Site/Application(s)/Services.

We use Google Analytics and other third party analytics services for this purpose. Google Analytics uses its own Cookies. It is only used to improve how our Services works.

Information Collected via Technology

Information Collected by Our Servers. To make our Site and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.

How We Respond to Do Not Track Signals. We do not currently respond to “do not track” signals or other mechanisms that might enable consumers to opt out of tracking on our Services.

Mobile Services. We may also collect information from your Customer Device. This information helps us provide and improve the Services. Examples of information that may be collected and used include your geographic location, how you use the Services, and information about the type of Customer Device you use.

Analytics Services and Interest-Based Advertising. In addition to the tracking technologies we place, other companies may set their own Cookies or similar tools when you use our Services. This includes third party analytics services, including but not limited to Google Analytics (“Analytics Services”), that we engage to help analyze how users use the Services, as well as third parties that deliver content or offers. We may receive reports based on these parties’ use of these tools on an individual or aggregate basis. We use the information we get from Analytics Services only to improve our Services. The information generated by the Cookies or other technologies about your use of our Site and Services (the “Analytics Information”) is transmitted to the Analytics Services. The Analytics Services use Analytics Information to compile reports on user activity. The Analytics Services may also transfer information to third parties where required to do so by law, or where such third parties process Analytics Information on their behalf. Each Analytics Services’ ability to use and share Analytics Information is restricted by such Analytics Services’ Terms of Use and Privacy Policy. By using our Site and Services, you consent to the processing of data about you by Analytics Services in the manner and for the purposes set out above. For a full list of Analytics Services, please contact us at privacy@kolide.com.

Information Collected from You About Others

If you decide to designate Permitted Users in connection with your use of the Services, we will collect from each Permitted User the following information: first and last name, email address, job title, phone number, and password. We rely on you to obtain all necessary rights, permissions, consents and approvals from Permitted Users to enable our collection, use, processing and disclosure of such information as set forth herein and in the MSA.

Use of Your Personal Information

General Use

In general, personal information you submit to us is used either to respond to requests that you make, or to aid us in serving you better. We use your personal information in the following ways:

facilitate the creation of and secure your Account;
identify you as a user in our system;
provide improved administration of our Site and Services;
provide the Services you request;
improve the quality of experience when you interact with our Site and Services;
send you a welcome email to verify ownership of the e-mail address provided when your Account was created;
send you administrative e-mail notifications, such as security, or support and maintenance advisories;
respond to your inquiries related to employment opportunities or other requests; and
make telephone calls to you, from time to time, as a part of secondary fraud protection or to solicit your feedback.

User Testimonials and Feedback. We often receive testimonials, comments and feedback from users who have had positive experiences with our Services. If you provide such information, we may share your content with your first name and last initial only.

Creation of Anonymous Information. We may create anonymous information records from personal information by excluding information (such as your name) that makes the data personally identifiable to you. Information that does not relate to an identified or identifiable individual is not considered personal information. We reserve the right to use anonymous information and aggregated and other de-identified information for any purpose and disclose anonymous information to third parties in our sole discretion.

Disclosure of Your Personal Information

We disclose your personal information as described below and as described elsewhere in this Privacy Policy.

Third Parties Designated by You. When you use the Services, the personal information you provide will be shared with the third parties that you designate to receive such information, including other websites, your friends, relatives, employer, employees and business associates. Depending on the type of access you grant to such third parties, they may also be permitted to edit the information you have provided to us and to designate others to access and edit such information. You may change your settings at any time as to who has access to your information by going to your Account settings and changing your publishing options.

This Privacy Policy addresses only our use and disclosure of information we collect from and/or about you on the Services. If you disclose information to others, or authorize us to do the same under this Privacy Policy, the use and disclosure restrictions contained in this Privacy Policy will not apply to any third party (such as a Customer, Administrative Users or other users). We do not control the privacy policies of such third parties, and you are subject to the privacy policies of those third parties where applicable.

Users. We may share certain of your personal information with other users solely for the purpose of providing the Services.

Third Party Service Providers. We may share your personal information with third party service providers: to provide you with the Services; to conduct quality assurance testing; to facilitate creation of Accounts; to provide technical support; and/or to provide other services to Kolide. Without limiting the foregoing, certain Services require that Kolide make available certain of your personal information to third parties to be processed by such third parties. Kolide may provide access to Personal Information to the entities listed on this page https://kolide.com/privacy-policy/sub-processors. You (or the applicable Customer or Administrative Users) may be able to opt out of the sharing of personal information to certain such third parties via your Account.

Payment Processing Information. For online payments and/or Automated Clearing House (ACH) payouts, we use the payment services of Stripe. When you provide payment information to us, it is routed directly to Stripe and is not received or processed on our servers. For more information on how payments are handled, or to understand the data security and privacy afforded such information, please see https://stripe.com/us/privacy.

Affiliates. We may share some or all of your personal information with our parent company, subsidiaries, joint ventures, or other companies under common control.

Customers. We may share all or a portion of your personal information with Customer, that is, with your employer or the entity with whom you contract and that has requested that you participate in the Services.

Corporate Restructuring. We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution, transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the personal information collected by us and will assume the rights and obligations regarding your personal information as described in this Privacy Policy.

Other Disclosures. Regardless of any choices you make regarding your personal information (as described below), we may disclose personal information if we believe in good faith that such disclosure is necessary (a) in connection with any legal investigation; (b) to comply with relevant laws or to respond to subpoenas or warrants served on Kolide; (c) to protect or defend the rights or property of Kolide or users of the Site or Services; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or the MSA (if applicable).

Customers and Administrators

We may receive personal or anonymous information about you from Customers, such as first and last name, photo, email address, phone numbers, job title, and department. We may add this information to the information we have already collected from you in order to provide and improve the Services. Information we collect from you may be shared with Customers and Administrative Users. Such Administrative Users may also be able to modify certain or your Account settings.

Security

The protection of personal information is a top priority for us so we will maintain administrative, physical, and technical safeguards designed to protect personal information. Those safeguards will include measures designed to prevent unauthorized access, use, modification, deletion and disclosure of personal information. You can view these safeguards and practices at https://kolide.com/security.

Third Party Websites

Our Services may contain links to third party websites. When you click on a link to any other website or location, you will leave our Services and go to another site and another entity may collect personal or anonymous information from you. We have no control over, websites or content, or to any collection of your personal information after you click on links to such outside websites. We encourage you to read the privacy policies of every website you visit. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.

Your Rights and Choices Regarding Your Information

You have several choices regarding use of information on our Services:

Email Communications. We will periodically send you direct marketing communications. When you receive such communications, you may “opt-out” of such communications by following the unsubscribe instructions provided in the email you receive or by contacting us directly at the e-mail address set forth below. Even if you opt out of receiving marketing communications, we may send you service related communications, including notices of any updates to the MSA or Privacy Policy.

Cookies. If you decide at any time that you no longer wish to accept Cookies from our Services for any of the purposes described above, then you can change the settings in your browser to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Services or all functionality of the Services.

Access. You may access the personal information we hold about you at any time via your Account or by contacting us at the e-mail address set forth below.

Amend. You can also contact us at the e-mail address set forth below to update or correct any inaccuracies in your personal information.

Move. Your personal information is portable – i.e. you to have the flexibility to move your personal information to other service providers as you wish.

Erase and forget. In certain situations, for example when the personal information we hold about you is no longer relevant or is incorrect, you can request that we erase your personal information. To request to delete, access, and transfer your data, please email support@kolide.com.

Updates

We may change this Privacy Policy at any time. The most current version is always available on our website and will have a “last updated” date at the top. Please note that at all times you are responsible for updating your personal information to provide us with your most current email address. If you do not wish to permit changes in our use of your personal information, you must notify us that you wish to deactivate your Account with us and must stop using our Services. Continued use of our Site or Service after we post an updated Privacy Policy shall indicate your acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes.

Transfer of Personal Information Outside the EEA

Your information, including personal information that we collect from you, may be transferred to, stored at and processed by us and our affiliates and other third parties outside the country in which you reside, including, but not limited to the United States, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world. By using our Services, you agree to this transfer, storing, and processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this policy.

When Kolide engages with customers in-scope for the GDPR, Kolide will work with them to build a Data Protection Addendum (DPA) that satisfies GDPR requirements and gives organizations assurances their employee's personal data will be handled responsibility and within the parameters of US and EU data privacy laws.

In addition, Kolide will not engage with sub-processors or other third parties that might potentially handle personal data that do not have the appropriate documentation, tools, and legal attestations surrounding their GDPR compliance.

Automated Decision-Making

We do not use your personal information for the purposes of automated decision-making. However, we may do so in order to fulfill obligations imposed by law, in which case we will inform you of any such processing and provide you with an opportunity to object.

Data Retention Periods

We will only retain your personal information as long as reasonably required for you to use the Services and/or to provide you with the Services or until you close your Account unless a longer retention period is required or permitted by law (for example, for regulatory purposes).

A Note About Children

We do not intentionally gather personal information from visitors who are under the age of 13. If a child under 13 submits personal information to Company and we learn that the personal information is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any personal information from a child under 13, please contact us at privacy@kolide.com.

Questions

If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us at the following email address: privacy@kolide.com.

Kolide, Inc.
Attn: Director of Operations
51 Pleasant Street, #765
Malden, MA 02148