Privacy Policy
Last Updated: 04/06/18
Kolide, Inc. (“Kolide”, “we” or “us”) have prepared this privacy policy to describe to you our privacy practices regarding the Personal Information we collect from users of our website, located at kolide.com (the “Site” and the Kolide’s products and services, including, but not limited to, Kolide Cloud and other products and services offered via the Site (the “Services”). Capitalized terms not defined herein shall have the meaning ascribed to them in the master subscription agreement between Kolide and the applicable enterprise customer (“Customer”) through whom you use the Services as a Permitted User (the “MSA”).

Information Collection

Information You Provide to Us

  • We may collect personal information from you, such as your first and last name, email and mailing addresses, professional title, company name, and password when you create an account with us (“Account”).
  • We may collect certain information about and from each Customer Device, such as hostname, IP address, serial number, make, model. You and/or the applicable Customer or Authorized Users may install the Integration Tech on your Customer Device.
  • We also separately collect our Customer Device location. For example, we may collect nearby Wi-Fi access points from a network card and share it with Google's location services to discover your location. We may be able to combine this information with the name of the primary user of such Customer Device. As a result, the applicable Customer or Authorized Users may be able to track your location. The applicable Customer can deactivate this feature can opt-out in Kolide’s Security and Privacy settings pane https://kolide.com/app/settings/general/security.
  • When connecting to our Services via a service provider that uniquely identifies your Customer Device, we may receive this identification and use it to offer extended services and/or functionality.
  • Certain Services may require our collection of your phone number. We may associate that phone number to your Customer Device identification information.
  • When you order Services, we will collect all information necessary to complete the transaction, including your name, credit card information and billing information. We do not store this information directly on our servers, but this information may be shared with third parties who help process and fulfill your purchases.
  • We retain information on your behalf, such as files and messages that you store using your Account.
  • If you provide us feedback or contact us via e-mail, we will collect your name and e-mail address, as well as any other content included in the email, in order to send you a reply.
  • When you post content (text, images, photographs, messages, comments or any other kind of content that is not your email address) on the Site or through the Services, the information contained in your posting will be stored in our servers and other users may be able to see it.
  • When you participate in one of our surveys, we may collect additional personal information.
  • We also collect other types of personal information that you provide to us voluntarily, such as your operating system and version, product registration number, and other requested information if you contact us via email regarding support for the Services.
  • We may also collect personal information, such as at other points in our Site or Services that state that personal information is being collected.

Cookies

Like many online services, we use Cookies to collect information. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing the website. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Services. This type of information is collected to make the Site more useful to you and to tailor the experience with us to meet your special interests and needs. We use two broad categories of Cookies: (1) first party Cookies, served directly by us to your computer or mobile device, which are used only by us to recognize your computer or mobile device when it uses the Services; and (2) third party Cookies, which are served by service providers on our Services, and can be used by such service providers to recognize your computer or mobile device when it visits other websites.

Our Services use the following types of Cookies for the purposes set out below:

Type of CookiesPurpose
Essential CookiesThese Cookies are essential to provide you with services available through our Services and to enable you to use some of its features. For example, they allow you to log in to secure areas of our Services and help the content of the pages you request load quickly. Without these Cookies, the services that you have asked for cannot be provided, and we only use these Cookies to provide you with those services.
Functionality CookiesThese Cookies allow our Services to remember choices you make when you use our Services, remembering your login details and remembering the changes you make to other parts of our Site/Application(s)/Service which you can customize. The purpose of these Cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our Services.
Analytics and Performance CookiesThese Cookies are used to collect information about traffic to our Services and how users use our Services. The information gathered does not identify any individual visitor. The information is aggregated and anonymous. It includes the number of visitors to our Services, the websites that referred them to our Services, the pages they visited on our Services, what time of day they visited our Services, whether they have visited our Services before, and other similar information. We use this information to help operate our Services more efficiently, to gather broad demographic information and to monitor the level of activity on our Site/Application(s)/Services.

We use Google Analytics and other third party analytics services for this purpose. Google Analytics uses its own Cookies. It is only used to improve how our Services works.

Information Collected via Technology

  • Information Collected by Our Servers. To make our Site and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.
  • Log Files. To make our Site and Services more useful to you, our servers (which may be hosted by a third party service provider) collect information from you, including your browser type, operating system, Internet Protocol (“IP”) address (a number that is automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp for your visit.
  • How We Respond to Do Not Track Signals. We do not currently respond to “do not track” signals or other mechanisms that might enable consumers to opt out of tracking on our Services.
  • Mobile Services. We may also collect non-personal information from your Customer Device. This information helps us provide and improve the Services. Examples of information that may be collected and used include your geographic location, how you use the Services, and information about the type of Customer Device you use.
  • Analytics Services and Interest-Based Advertising. In addition to the tracking technologies we place, other companies may set their own Cookies or similar tools when you use our Services. This includes third party analytics services, including but not limited to Google Analytics (“Analytics Services”), that we engage to help analyze how users use the Services, as well as third parties that deliver content or offers. We may receive reports based on these parties’ use of these tools on an individual or aggregate basis. We use the information we get from Analytics Services only to improve our Services. The information generated by the Cookies or other technologies about your use of our Site and Services (the “Analytics Information”) is transmitted to the Analytics Services. The Analytics Services use Analytics Information to compile reports on user activity. The Analytics Services may also transfer information to third parties where required to do so by law, or where such third parties process Analytics Information on their behalf. Each Analytics Services’ ability to use and share Analytics Information is restricted by such Analytics Services’ Terms of Use and Privacy Policy. By using our Site and Services, you consent to the processing of data about you by Analytics Services in the manner and for the purposes set out above. For a full list of Analytics Services, please contact us at privacy@kolide.co.

Information Collected from You About Others

If you decide to designate Permitted Users in connection with your use of the Services, we will collect from each Permitted User the following information: first and last name, email address, job title, phone number, and password. We rely on you to obtain all necessary rights, permissions, consents and approvals from Permitted Users to enable our collection, use, processing and disclosure of such information as set forth herein and in the MSA.

Why Do We Need Your Personal Information

We will only process your personal information in accordance with applicable data protection and privacy laws. We need certain personal information in order to provide you with access to the Services. If you do not agree to our use of your personal information in line with this Privacy Policy, please do not use our Services.

Use of Your Personal Information

General Use

In general, personal information you submit to us is used either to respond to requests that you make, or to aid us in serving you better. We use your personal information in the following ways:
  • facilitate the creation of and secure your Account;
  • identify you as a user in our system;
  • provide improved administration of our Site and Services;
  • provide the Services you request;
  • improve the quality of experience when you interact with our Site and Services;
  • send you a welcome email to verify ownership of the e-mail address provided when your Account was created;
  • send you administrative e-mail notifications, such as security, or support and maintenance advisories;
  • respond to your inquiries related to employment opportunities or other requests; and
  • make telephone calls to you, from time to time, as a part of secondary fraud protection or to solicit your feedback.
User Testimonials and Feedback. We often receive testimonials, comments and feedback from users who have had positive experiences with our Services. We may share your content with your first name and last initial only.

Creation of Anonymous Information. We may create anonymous information records from personal information by excluding information (such as your name) that makes the data personally identifiable to you. We reserve the right to use anonymous information and aggregated and other de-identified information for any purpose and disclose anonymous information to third parties in our sole discretion.

Disclosure of Your Personal Information

We disclose your personal information as described below and as described elsewhere in this Privacy Policy.

Third Parties Designated by You. When you use the Services, the personal information you provide will be shared with the third parties that you designate to receive such information, including other websites, your friends, relatives, employer, employees and business associates. Depending on the type of access you grant to such third parties, they may also be permitted to edit the information you have provided to us and to designate others to access and edit such information. You may change your settings at any time as to who has access to your information by going to your Account settings and changing your publishing options.

Users. We may share certain of your personal information with other users solely for the purpose of providing the Services.

Third Party Service Providers. We may share your personal information with third party service providers to: provide you with the Services; to conduct quality assurance testing; to facilitate creation of Accounts; to provide technical support; and/or to provide other services to Kolide. Without limiting the foregoing, certain Services require that Kolide make available certain of your personal information to third parties to be processed by such third parties. You (or the applicable Customer or Administrative Users) may be able to opt out of the sharing of personal information to certain such third parties via your Account.

Payment Processing Information. For online payments and/or Automated Clearing House (ACH) payouts, we use the payment services of Stripe. We do not process, record or maintain your credit card or bank account information or other related information necessary to process payments. For more information on how payments are handled, or to understand the data security and privacy afforded such information, please see https://stripe.com/us/privacy.

Affiliates. We may share some or all of your personal information our parent company, subsidiaries, joint ventures, or other companies under a common control.

Customers. We may share all or a portion of your personal information with Customers.

Corporate Restructuring. We may share some or all of your personal information in connection with or during negotiation of any merger, financing, acquisition or dissolution, transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, personal information may also be transferred as a business asset. If another company acquires our company, business, or assets, that company will possess the personal information collected by us and will assume the rights and obligations regarding your personal information as described in this Privacy Policy.

Other Disclosures. Regardless of any choices you make regarding your personal information (as described below), we may disclose personal information if it believes in good faith that such disclosure is necessary (a) in connection with any legal investigation; (b) to comply with relevant laws or to respond to subpoenas or warrants served on Kolide; (c) to protect or defend the rights or property of Kolide or users of the Site or Services; and/or (d) to investigate or assist in preventing any violation or potential violation of the law, this Privacy Policy, or the MSA.

Information Disclosed to Third Parties. This Privacy Policy addresses only our use and disclosure of information we collect from and/or about you on the Services. If you disclose information to others, or authorize us to do the same under this Privacy Policy, the use and disclosure restrictions contained in this Privacy Policy will not apply to any third party (such as a Customer, Administrative Users or other users). We do not control the privacy policies of such third parties, and you are subject to the privacy policies of those third parties where applicable.

Customers and Administrators

We may receive personal or anonymous information about you from Customers, such as first and last name, photo, email address, phone numbers, job title, and department. We may add this information to the information we have already collected from you in order to provide and improve the Services.

Information we collect from you may be shared with Customers and Administrative Users. Such Administrative Users may also be able to modify certain or your Account settings.

Security

The protection of personal information is a top priority for us so we will maintain administrative, physical, and technical safeguards designed to protect personal information at a level not materially less protective than as described in our Security Practices Page. Those safeguards will include measures designed to prevent unauthorized access, use, modification, deletion and disclosure of personal information. You can view these safeguards and practices at https://kolide.com/security

Third Party Websites

Our Services may contain links to third party websites. When you click on a link to any other website or location, you will leave our Services and go to another site and another entity may collect personal or anonymous information from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Policy do not apply to these outside websites or content, or to any collection of your personal information after you click on links to such outside websites. We encourage you to read the privacy policies of every website you visit. The links to third party websites or locations are for your convenience and do not signify our endorsement of such third parties or their products, content or websites.

Your Rights and Choices Regarding Your Information

You have several choices regarding use of information on our Services:

Email Communications. We will periodically send you direct marketing communications. When you receive such communications, you may “opt-out” of such communications by following the unsubscribe instructions provided in the email you receive or by contacting us directly at the e-mail address set forth below. Despite your indicated email preferences, we may send you service related communications, including notices of any updates to the MSA or Privacy Policy.

Cookies. If you decide at any time that you no longer wish to accept Cookies from our Services for any of the purposes described above, then you can instruct your browser, by changing its settings, to stop accepting Cookies or to prompt you before accepting a Cookie from the websites you visit. Consult your browser’s technical information. If you do not accept Cookies, however, you may not be able to use all portions of the Services or all functionality of the Services.

Access. You may access the personal information we hold about you at any time via your Account or by contacting us at the e-mail address set forth below.

Amend. You can also contact us at the e-mail address set forth below to update or correct any inaccuracies in your personal information.

Move. Your personal information is portable – i.e. you to have the flexibility to move your personal information to other service providers as you wish.

Erase and forget. In certain situations, for example when the personal information we hold about you is no longer relevant or is incorrect, you can request that we erase your personal information.

Updates

You have several choices regarding use of information on our Services:

This Privacy Policy is subject to occasional revision, and if we make any material changes in the way we use your personal information, we will notify you by sending you an email to the last e-mail address you provided to us and/or by prominently posting notice of the changes on our Site. Any changes to this Privacy Policy will be effective upon the earlier of thirty (30) calendar days following our dispatch of an e-mail notice to you or thirty (30) calendar days following our posting of notice of the changes on our Site. These changes will be effective immediately for new users of our Services. Please note that at all times you are responsible for updating your personal information to provide us with your most current email address. In the event that the last e-mail address that you have provided us is not valid, or for any reason is not capable of delivering to you the notice described above, our dispatch of the e-mail containing such notice will nonetheless constitute effective notice of the changes described in the notice. If you do not wish to permit changes in our use of your personal information, you must notify us prior to the effective date of the changes that you wish to deactivate your Account with us. Continued use of our Site or Service, following notice of such changes shall indicate your acknowledgement of such changes and agreement to be bound by the terms and conditions of such changes.

Transfer of Personal Information Outside the EEA

Your information, including personal information that we collect from you, may be transferred to, stored at and processed by us and our affiliates and other third parties outside the country in which you reside, including, but not limited to the United States, where data protection and privacy regulations may not offer the same level of protection as in other parts of the world. By using our Services, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your information is treated securely and in accordance with this policy.

Automated Decision-Marking

We do not use your personal information for the purposes of automated decision-making. However, we may do so in order to fulfil obligations imposed by law, in which case we will inform you of any such processing and provide you with an opportunity to object.

Data Retention Periods

We will only retain your personal information as long as reasonably required for you to use the Services and/or to provide you with the Services or until you close your Account unless a longer retention period is required or permitted by law (for example, for regulatory purposes).

A Note About Children

We do not intentionally gather personal information from visitors who are under the age of 13. If a child under 13 submits personal information to Company and we learn that the personal information is the information of a child under 13, we will attempt to delete the information as soon as possible. If you believe that we might have any personal information from a child under 13, please contact us at privacy@kolide.co.

Questions

If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us at the following address or phone number:

    Kolide, Inc
    Attn: Antigoni Sinanis
    100 Dover St Suite 100A, Somerville MA 02144.
Subject to the next paragraph, we ask that you not send us, and you do not disclose, any sensitive personal information (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through our Services or otherwise to us.
If you send or disclose any sensitive personal information to us when you submit user-generated content to our Services, you consent to our processing and use of such sensitive personal information in accordance with this Privacy Policy. If you do not consent to our processing and use of such sensitive personal information, you must not submit such information to our Services.