Netsurion Privacy Policy

Solutions
Maximize the value from SIEM. Use this SIEM calculator to compare the cost of Co-Managed SIEM and Traditional SIEM.

SIEM TCO Calculator
Secure Connectivity

Overview

Secure SD-Branch

Secure Cellular

Managed Firewall

Threat Protection

Overview

Co-Managed SIEM

SIEM for MSP

Managed EDR

SIEM Software

Log Management Software

Compliance Readiness

Overview

Merchant PCI Compliance

HIPAA

NIST 800-171

View All Regulations
Capabilities
Find out your risk level and revenue impact potential, since the rise of ransomware attacks on retailers, with this custom risk and impact report.

Take the Assessment
By Industry

Retail & Hospitality

C-Store & Gas Station

Financial & Banking

Energy & Utilities

Legal & Professional Services

Healthcare

Government

Education

By Challenge

Distributed Enterprise Networks

Point-of-Sale Secure Connectivity

Advanced Threat Management

Compliance Management

IoT Infrastructure Connectivity
Knowledge Center
Are you PCI DSS compliant? Changes are taking place this year. Take 5 minutes to learn about the 12 SAQ requirements required to gain compliance.

Take the quiz
Knowledge Center

Videos

Articles

Whitepapers

Case Studies

Infographics

Upcoming Events
Partners
Find out more about how you can consult, resell, refer, or market Netsurion merchant data security solutions and add value to your existing merchant services.

View the brochure
"We’ve never seen a time-to-value in cybersecurity quite like what we’ve seen with the Netsurion and EventTracker partnership"

- MSP Partner

Partners

Become a Partner

Partner Portal
About Us
Learn how PCI DSS, Point-to-Point Encryption (P2PE), Next-Generation Firewalls (NGFW), and Advanced Threat Protection work together to secure your business.

View the eBooks
About Us

Leadership

News

Careers

Contact Us
Customer Support
Contact Us
Login
PCI Compliance Manager Internal Newtwork Services INSP without Remote Access Partner Portal

Privacy Policy

This Netsurion LLC (“Netsurion”) privacy notice (“Privacy Notice”) describes how Netsurion LLC (“Netsurion”, “we” or “us”) collects, uses, shares, and retains personal information that users (each, a “User”) provide to us, or that we collect, when you use the Netsurion website located at https://www.netsurion.com and/or other websites owned or controlled by Netsurion (the “Site(s)”) or related mobile applications, use Netsurion products and services and complete related forms, participate in Netsurion events, or communicate with one of our customer service representatives (“Personal Data”). By using the Site(s), you signify your acceptance of this policy and terms of service. If you do not agree to this policy, you must not use the Site(s) or mobile applications, or provide personal information to us in connection with Netsurion’s products or services. Your continued use of the Site(s) following the posting of changes to this policy will be deemed your acceptance of those changes.

1. Privacy Shield Policy

Netsurion has adopted this Privacy Shield Policy as part of its overall Privacy Notice to establish and maintain an adequate level of privacy protection to certain Personal Information that Netsurion obtains regarding individuals located in the European Union.

Netsurion has certified its compliance with the Privacy Shield. To learn more about the Privacy Shield program, and to view Netsurion’s certification listing, please click here.

We have certified with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the processing of certain Personal Information from the European Union member countries. We have certified that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this Privacy Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.

If you have any inquiries or complaints about our handling of your Personal Information under the Privacy Shield, you should first contact us at privacy@netsurion.com and we will respond to your inquiry promptly. If we are unable to satisfactorily resolve your complaint, or we fail to acknowledge your complaint in a timely fashion, we have further committed to cooperate and comply with the panel of European data protection authorities (DPAs) in the resolution of any Privacy Shield complaints. If you reside in the European Union, you may also have the opportunity under certain conditions to invoke binding arbitration for complaints regarding the Privacy Shield not resolved by the above mechanisms. For more information, please see the "Complaints and How to Contact Us" section below.

Netsurion is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and of other relevant US statutory bodies authorized to verify and ensure compliance with the Privacy Shield Principles.

2. Complaints and Data Protection Contact

If you have any questions, comments, or concerns about this Privacy Notice or our information practices, please email us at privacy@netsurion.com.

If you don’t receive adequate resolution of a privacy-related problem, you may write to our Chief Information Security Officer at:

Chief Information Security Officer
Netsurion LLC
514 North East 13th Street
Fort Lauderdale, FL 33304
USA

For EU Individuals: If a complaint cannot be resolved by any of the mechanisms described above, you also have a right, under certain conditions, to invoke binding arbitration under the Privacy Shield Panel in compliance with the EU-US Privacy Shield. If you want to initiate this arbitration procedure, you are required to first formally notify us of your intention to do so by writing to privacy@netsurion.com. Please remember to include a summary of the steps you have already taken to resolve your complaint and a description of the alleged violation.

Specifically, if you are a European Union individual and a complaint cannot be resolved through Netsurion’s internal process, we have further committed to refer such complaints, under the EU-US Privacy Shield Principles to utilize JAMS as an alternative dispute resolution provider. Information regarding JAMS and the process for initiating a claim can be found at https://www.jamsadr.com/eu-us-privacy-shield.

3. Collection of Personal Information

Personal Identification Information
We may collect Personal Identification Information (“PII”) from Users in a variety of ways, including, but not limited to, when Users visit our Site(s), register on the Site(s), fill out a form, and in connection with other activities, services, features or resources we make available on our Site(s). Users may be asked for, as appropriate, name, email address, mailing address, phone number. Users may, however, visit our Site(s) anonymously. We will collect PII from Users only if they voluntarily submit such information to us. Users can always refuse to supply PII, except that it may prevent them from engaging in certain Site related activities.

Data Integrity and Purpose Limitation
Netsurion will use Personal Information only for the purpose of or in ways compatible with the purposes for which it was collected.

Accountability for Forward Transfer
To transfer personal data to a third-party acting as an agent, Netsurion will: (i) transfer such data only for limited and specified purposes; (ii) ascertain that the agent is obligated to provide at least the same level of privacy protection as is required by the Principles; (iii) take reasonable and appropriate steps to ensure that the agent effectively processes the personal information transferred in a manner consistent with the organization’s obligations under the Principles; (iv) require the agent to notify the organization if it makes a determination that it can no longer meet its obligation to provide the same level of protection as is required by the Principles; (v) upon notice, including under (iv), take reasonable and appropriate steps to stop and remediate unauthorized processing; and (vi) provide a summary or a representative copy of the relevant privacy provisions of its contract with that agent to the Department upon request.

Communications with Netsurion
If you communicate or correspond with us by email, through postal mail, via phone or through other forms of communication, we may collect the information you provide as part of those communications. For example, if you correspond with us through email, we may collect and store the email address you use to send the applicable correspondence and use it to respond to your inquiry; notify you of our services; or to keep a record of your complaint, accommodation request, or similar purposes.

4. Information We Automatically Collect from You

Non-Personal Identification Information
We may collect Non-Personal Identification Information (“NPII”) about Users whenever they interact with our Site(s). Netsurion may automatically collect information about you when you use the Site(s) or our services. For example, if you access the Site(s) through a computer, we will automatically collect information such as your browser type and version, computer and connection information, IP address and standard web log information. If you access the Site(s) through a mobile device, we may also be able to identify the location of your mobile device. You may choose not to share your location details with us by adjusting your mobile device’s location services settings. For instructions on changing the relevant settings, please contact your service provider or device manufacturer. This information that we automatically collect from you is used to enhance the performance of Netsurion’s website.

Cookies
We may automatically collect information from you when you use the Sites using “Cookies” and other similar technologies, such as web beacons. Cookies are small amounts of data that are stored within your computer’s Internet browser and that are accessed and recorded by the websites that you visit so that they can recognize the same browser navigating online at a later time. The Cookies are not able to execute code or access other information stored on the computer. Web beacons are transparent pixel images that are used in collecting information about website usage, email response and tracking.

Information that may be collected by Cookies when you use the Sites may include, without limitation:

the pages you visit within the Sites;
the date and time of your visit to the Sites;
the amount of time you spend using the Sites;
the Internet Protocol (IP) address used to connect your computer to the Internet; and/or
your computer and connection information such as your browser type and version, operating system and platform.

This information is collected to enhance the site performance and end user experience. You can set your browser to reject Cookies or to notify you when you are sent a Cookie. To learn more about your ability to manage Cookies and web beacons, please consult the privacy features in your browser. To personalize User experience, Netsurion may: (1) use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site; and/or (2) send periodic emails. Netsurion may use your email address to respond to their inquiries, questions, and/or other requests. If User decides to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.

Netsurion will not associate identifiers from Cookies or similar technologies with sensitive identifiers about you, such as race, religion, sexual orientation or health.

5. Information Collected by Third Parties via Third-Party Links and Content

The Sites may include links to other websites and other content from third-party businesses and can offer direct interaction with external websites, networks or platforms that are outside Netsurion’s control. These third-party businesses may use Cookies, web beacons or other similar technology to collect information about you. Netsurion does not have access to, or control over, these third parties or the Cookies, web beacons or other technology that these third parties may use. Netsurion is not responsible for the security, privacy of the information collected by these third parties or the privacy practices of these third parties or the content on any third-party website. You are encouraged to review the privacy policies of the different websites you visit and of the advertisers whose ads you may choose to click while on our Sites (see Section 5 below for additional information about Online Advertising)

Information Collected by Third-Party Analytics Services
We may work with third-party analytics services to help us understand how the Site(s) are being used, such as tracking the frequency and duration of use of the Site(s). We may use Google Analytics, web analytics services provided by Google (“Analytics Tools”) to collect information about your use of the Site(s). These Analytics Tools may use Cookies to collect information about the content you view, what websites you visit immediately prior to and after visiting the Site(s), and your system information and geographic information. The information generated by these Cookies about your use of the Site(s) will be transmitted to and stored by the applicable analytics services. The information collected by these analytics services allows us to analyze your use of the Site(s). The Analytics Tools may also transfer this information to third parties where required to do so by law, or where such third parties process the information on their behalf. You may refuse the use of Cookies by selecting the appropriate settings on your browser, however, please note that if you do this you may not be able to use the full functionality of the Site(s). At that moment you should discontinue use of the Site(s) and withdraw your consent for the processing of personal information, Netsurion will not be able to access the personal information processed by third-party analytics. By using the Site(s), you consent to the processing of data about you by Google Analytics Tools in the manner and for the purposes set out above. You can opt-out of Google Analytics by installing Google’s opt-out browser add-on, and out of interest-based Google ads using Google’s Ads Settings.

Information You Share or Post on Third-Party Websites or through Social Media Services
The Site(s) may include links to third-party websites and social media services where you will be able to post comments, stories, reviews or other information outside of Netsurion’s control. Your use of these third-party websites and social media services may result in the collection or sharing of information about you by these third-party websites and social media services. Netsurion is not responsible for the security or privacy of any information collected by other websites or other services. Information collected by third parties is governed by their privacy practices. We encourage you to review the privacy policies and settings on the third-party websites and social media services with which you interact to make sure you understand the information that may be collected, used, and shared by those third-party websites and social media services. If you post information on public areas of the Site(s), that information may be collected and used by Netsurion, other users of the Site(s), and the public generally. It is possible that your posting may result in unsolicited messages from third parties. We strongly recommend that you do not post any information on the public areas of the Site(s) that allows strangers to identify or locate you or that you otherwise do not want to share with the public.

6. Online Advertising; Tracking

Netsurion and third-party businesses may use the information collected through the Site(s) using Cookies, web beacons, and other similar technologies to help manage online advertising programs. This information may enable Netsurion and our third-party advertising services and other third-party businesses to track the actions of users online over time and across different websites or platforms to measure statistics relating to marketing efforts, and to deliver electronic advertisements that may be more relevant to individual consumers and that will improve the consumer experience. Some third-party businesses may provide a mechanism to opt-out of their technology.

7. Use, Sharing and Retention of Personal Information

How We Use Your Information
Netsurion may collect and use Users personal information for the following purposes:

To improve customer service – the information you provide helps us respond to your customer service requests and support needs more efficiently.
To personalize user experience -- we may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site(s).
To send periodic emails -- we may use the email address to respond to their inquiries, questions, and/or other requests. If Users decide to opt-in to our mailing list, they will receive emails that may include company news, updates, related product or service information, etc. If at any time the User would like to unsubscribe from receiving future emails, we include detailed unsubscribe instructions at the bottom of each email.
Netsurion also uses your information, as permitted by law, to provide you with information about Netsurion, our products and services or other products and services in which we believe you may be interested. If you are a registered User, we may email you about products and services that we believe may be of interest to you. If you wish to opt-out of receiving these emails from us, please follow the instructions contained in an applicable email you receive from us, which will allow you to opt-out of receiving these types of email communications from us.

How We Share Your Information with Third Parties
Except as set forth in this Privacy Notice or when specifically agreed to by you, we will not disclose personal information we gather from you to third parties unless Netsurion is required to share this information to complete your request or for legitimate business purposes. Netsurion shares personal information in the following circumstances:

Netsurion does not sell, trade, or rent Users PII to others. We may share generic aggregated demographic information not linked to any PII regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above. We may use third-party service providers to help us operate our business and the Site(s) or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.

Third-Party Service Providers. Users may find advertising or other content on our Site(s) that link to the sites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these sites and are not responsible for the practices employed by websites linked to or from our Site(s). In addition, these sites or services, including their content and links, may be constantly changing. These sites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our Site(s), is subject to that website’s own terms and policies.

Board Members. Netsurion may share your information with our affiliates, subsidiaries and Netsurion volunteers and board members for purposes of conducting Netsurion’s internal business operations. Netsurion also makes publicly available the names, titles, country and business affiliations of officers, committee members and others who have assisted with initiatives or projects.

Response to Subpoenas, Court Orders, Government Requests or to Protect Rights and to Comply with Our Policies. To the extent permitted by law, we will disclose your information to government authorities or third parties if: (a) required to do so by law or regulation, or in response to a subpoena or court order or any other enforceable governmental request or order; (b) we believe in our sole discretion that disclosure is reasonably necessary to protect against fraud, to protect the property or other rights of us or other users, third parties or the public at large; or (c) we believe that you have abused the Site(s) by using them to attack other systems or to gain unauthorized access to any other system, to engage in spamming or otherwise to violate applicable laws. You should be aware that, following disclosure to any third-party, your information may be accessible by others to the extent permitted or required by applicable law.

Business Transfers; Bankruptcy. In the event of a merger, acquisition, bankruptcy or other sale of all or a portion of our assets, any user information owned or controlled by us may be one of the assets transferred to third parties. Unless you are residing in the European Economic Area, we reserve the right, as part of this type of transaction, to transfer or assign your information and other information we have collected from users to third parties. Netsurion will still ensure the confidentiality and security of any user information. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred user information will be subject to this Privacy Notice.

Aggregate Information. We may share your information with affiliated or unaffiliated third parties on an anonymous, aggregate basis. While this information will not identify you personally, in some instances these third parties may be able to combine this aggregate information with other data they have about you, or that they receive from third parties, in a manner that allows them to identify you personally.

Where we do share your personal data with third parties, Netsurion takes steps to ensure that they use appropriate safeguards to protect your personal data.

Information for Individuals Located in the European Union
Legal Basis for The Processing of Personal Information from EEA Residents:

If you reside within the European Economic Area (EEA), our processing of your personal information will be legitimized as follows:

(i) Whenever we require your consent for the processing of your personal information such processing will be justified pursuant to Article 6(1) lit. (a) of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). This article in the GDPR describes when processing can be done lawfully.

(ii) If the processing of your personal data is necessary for the performance of a contract between you and Netsurion or for taking any pre-contractual steps upon your request, such processing will be based on GDPR Article 6(1) lit. (b).”). If this data is not processed, Netsurion will not be able to execute the contract with you.

(iii) Where the processing is necessary for us to comply with a legal obligation, we will process your information on basis of GDPR Article 6(1) lit. (c), for example complying in the fields of employment law.

(iv) And where the processing is necessary for the purposes of Netsurion’s legitimate interests, such processing will be made in accordance with GDPR Article 6(1) lit. (f), for example to detect fraud.

Transferring Personal Data from the EU to the US
Netsurion has its headquarters in the United States. Information we collect from you will be processed in the United States. The United States has not sought, nor received, a finding of “adequacy” from the European Union under Article 45 of the GDPR. A finding of “adequacy”, in short, means that the European Commission has decided that this country outside the EEA ensures an adequate level of data protection. Netsurion relies on derogations as set forth in Article 49 of the GDPR as the United States has no “adequacy” decision and no other safeguards under the GDPR are in place (for example, binding corporate rules on the transfer outside the EEA). In particular, Netsurion collects and transfers to the U.S. personal data only: with your explicit consent; to perform a contract with you; in a manner that does not outweigh your rights and freedoms. If this data is not processed and transferred, Netsurion will not be able to execute the contract with you or you will not have access to any or all of the benefits and features associated with your transaction. Netsurion endeavors to apply reasonable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Netsurion and the practices described in this Privacy Notice. Netsurion also minimizes the risk to your rights and freedoms by not collecting or storing sensitive information about you.

European Union Data Subject Rights
The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects (these are persons that can be identified). This Privacy Notice is intended to provide you with information about what personal data Netsurion collects about you and how it is used. If you wish to confirm that Netsurion is processing your personal data, or to have access to the personal data Netsurion may have about you, or have other questions, please contact us via the information provided in Section 1, above.

You have a right to correct (rectify) the record of your personal data maintained by Netsurion if it is inaccurate. You may request that Netsurion erase that data or cease processing it, subject to certain exceptions. You may also ask Netsurion for your personal data to be supplemented or updated, or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons. You may withdraw your consent for the processing of personal data or the further processing of personal data by Netsurion at any time. You may also request that Netsurion cease using your data for direct marketing purposes. In many countries (including EEA countries), you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Netsurion processes your personal data. When technically feasible, Netsurion will—at your request—provide your personal data to you or transmit it directly to another controller. You have the right to receive your personal information in a structured and standard format.

In cases of onward transfer to third parties of Personal Data received pursuant to the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield, Netsurion is potentially liable.

8. Security of Your Information

Netsurion uses reasonable physical, technical and administrative measures to safeguard personal information you provide through the Site(s) or in connection with Netsurion’s products and services hosted by Netsurion. Please be aware that no data transmission or storage over the Internet can be guaranteed to be 100% secure. As a result, Netsurion cannot guarantee or warrant the security of any information you transmit on or through the Sites and you do so at your own risk.

9. Data Storage and Retention

Your personal data is stored by Netsurion on its servers, and on the servers of the database management services Netsurion engages, located in the United States. Netsurion retains data for the duration of the customer’s or member’s business relationship with Netsurion and otherwise as required under applicable law. Personal data will be kept for no longer than is necessary for the purposes for which your personal data are processed. We will retain your personal data as long as you require Netsurion’s services so that we can provide these services to you.

If you are located in the European Economic Area, at the moment, you can withdraw your consent for the processing of your personal information, all your personal data received and stored are erased if no longer needed by us. Unless we are required to retain this personal data by law or to comply with our regulatory obligations. In such a case, we will only keep this personal data for as long as necessary.

10. Children

Netsurion is a software and managed service provider and the Site(s) are not directed to children under the age of 13. Netsurion does not knowingly collect personally identifiable data from persons under the age of 13 of COPPA (The Children’s Online Privacy Protection Act). If you are a parent of a child under 13, and you believe that your child has provided us with information about him or herself, please contact us at via the information provided in Section 1.

11. Modifications to this Privacy Notice

From time to time, Netsurion may need to update or modify this Privacy Notice, to reflect changes in our business practices, data collection practices or organization. We reserve the right to amend this Privacy Notice at any time, for any reason, without notice to you, other than the posting of the amended Privacy Notice on the Site(s). It is strongly recommended to check the Site(s) often, referring to the date of the last modification listed at the top. We will in any case not reduce your rights under this Privacy Notice without your explicit and informed consent. If you do not agree to the changes, you should discontinue your use of the Site(s) or services, and cease providing personal information to Netsurion, prior to the time the modified Privacy Notice takes effect. If you continue using the Site(s) or provide personal information after the modified Privacy Notice takes effect, you will be bound by the modified Privacy Notice. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

Last Updated: February 13, 2019