Wombat Security participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-US Privacy Shield Framework. Wombat Security is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List. https://www.privacyshield.gov/list
Wombat Security is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Wombat Security complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Wombat Security Technologies, Inc is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Wombat Security may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
Information Collected by Us on the Sites
The Website includes forms you can fill out to request information, download or view content, or try our products. These forms request information such as your name, contact information, and information about your employer. We will use this information to provide the information requested and to send you information about our products and services. Please contact us at email@example.com if you no longer wish to receive information from us.
b) COMMUNITY PORTAL
All information posted to a discussion in the Community are viewable to all Wombat Security customers and employees. If there is sensitive information you do not want shared with all Wombat Security customers, please create a support ticket by emailing firstname.lastname@example.org to ensure privacy of your information. Information posted to a group is viewable by members of that group if it is a “Private Group”, and by all Wombat Security customers if it is a public group. Group members can change at anytime depending on the administrator of the group.
Wombat Security protects the identity of its customers by only allowing customers to view contact information of other administrators and persons involved in the procurement of the software at their company’s account in Wombat’s Salesforce CRM. This information does NOT include information about or grant access to end users or employees of a Wombat Security customer that are uploaded into the Security Education Platform for assessment and educational purposes.
Nicknames, which are viewable to all Wombat Security customers and part of your Community profile, have been randomized by default to protect the identity of Wombat Security’s customers and are the only piece of information viewable about yourself in the Community. Your company name is not shared with the Community. All other personally information such as email address, names, and phone numbers can optionally be provided to other Wombat Security customers by going to “My Settings” in the Community. When this information’s Profile Visibility is set by you to either “Members” or “Public”, IT IS VIEWABLE TO ALL WOMBAT SECURITY CUSTOMERS.
Cookies and Tracking Technologies
- More information on "Incognito" mode and cookie setting in Google Chrome
- More information on “Inprivate” and cookie setting in IE
- More information on “Private Browsing" and cookie setting in FireFox
- More information on "Private Browsing" and cookies setting in Safari
Please note that if you wish to turn off the cookies in your web browser, you might not be able to take advantage of many features of our service.
As is true of most websites, we gather certain information automatically. This information may include Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
Website and Community Portal Tracking Metrics
- The privacy statement from the Google Analytics Terms of Service applies only to information collected for use by Google Analytics and is located here: https://support.google.com/analytics/answer/6004245?hl=en
As noted below, we are not responsible for the privacy practices of any other websites.
Use of Personal Information
We use the information you provide us to perform the services for which such data was collected. For example, if you sign up for an email newsletter, we will send the email newsletter to the address you provide us. Wombat Security may use your personal information for a number of purposes including but not limited to the following:
- For "service administration purposes", which means that Wombat Security may contact you for reasons related to the service you have signed up for (e.g. to provide you with password reminders or to notify you that a particular service has been suspended for maintenance).
- To contact you about a submission, discussion, support ticket, or other content you have posted to our Website or Community Portal, including any content you provide.
- To issue invoices, administer accounts, collect and process payments.
- To send you e-mails, e-newsletters, personalized offers via direct messaging or other communications about our products and services.
- To send you information about our and our affiliates' and business partners' products and services and other information and materials that may be of interest to you.
- To manage and administer sweepstakes, contests, or similar promotions.
- To identify the number of visits (including via IP address logging) from different locations and also to block disruptive use.
- To analyze and improve the services offered by Wombat Security Technologies.
- To stop disruptive or abusive behavior by our users (e.g. the posting or transmission of offensive, inappropriate or objectionable content on or to Wombat Security Technologies).
- • On rare occasions, to disclose specific information upon governmental request, in response to lawful requests by public authorities, including to meet national security or law enforcement requirements, a court order, when required by law, to enforce our website policies, or to protect our or others' rights, property, or safety. We may also share information with companies assisting in fraud protection or investigation. We do not provide information to these agencies or companies for their marketing or commercial purposes.
In the event Wombat Security Technologies goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, your personally identifiable information will likely be among the assets transferred. You will be notified via email of any such change in ownership or control of your personal information.
We may post customer testimonials/comments/reviews on our website which may contain personally identifiable information. We obtain the customer's consent via email to post their name prior to posting the testimonial. If you want your testimonial removed please contact us at email@example.com.
Sharing with Third Parties
Information about our customers is an important part of our business, and we use it responsibly. We do not share, sell, rent or otherwise disclose personal information collected by our forms such as email addresses, company information, or names to third parties for their promotional purposes. Information sent to third parties may include browsing data used for third party promotional or tracking purposes.
We do employ or partner with other companies and individuals to perform functions on our behalf. Examples include processing credit card payments, shipping, web analytics, surveys and providing marketing assistance to us. These agents/service providers have access to personal information needed to perform their functions, but may not use it for other purposes. We also release personal information when we believe release is appropriate to comply with law or protect the rights, property, or safety of Wombat Security Technologies, its users, or others.
Links to Other Sites
This website contains links to other sites that are not owned or controlled by Wombat Security Technologies. Please be aware that we, Wombat Security Technologies, are not responsible for the privacy practices of such other sites. We encourage you to be aware when you leave our website and to read the privacy statements of each and every website that collects personally identifiable information. This privacy statement applies only to information collected by these sites.
Choice, Access, and Correction of Information
As discussed above, you can always choose not to provide certain information, however such information may be required to take advantage of our service features and functions.
Our Sites also generally provide you with the opportunity to choose not to receive communications from us and our partners. You have the following options for changing and modifying certain information previously provided or removing certain information from our database.
Email Communication: To unsubscribe from an email, please follow the instructions in the email you receive or send an email to firstname.lastname@example.org.
Upon request, Wombat Security will provide you with information about whether we hold any of your personal information. If you wish to access, correct or cancel your account or request that we no longer use your information to provide you services contact us at email@example.com. We will respond to your request within a reasonable timeframe.
We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.
Please note, if you have unsubscribed from any Wombat Security Technologies communications, due to production schedules, you may receive communications already in production.
The security of your personal information is important to us. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org.
Security Education Platform PII
Our Security Education Platform uses the following Personally Identifiable Information (“PII”) residing in our production environment:
- Customer email addresses (optional)
- Customer first and last name (optional)
- Mobile phone number (optional)
- Other information supplied by customer (optional)
Wombat Security minimizes the use, collection, and retention of PII to what is strictly necessary to accomplish our business purpose and mission. Customer email addresses are collected to administer training assignments and to conduct assessments within the customer’s employee base. The email addresses are uploaded by the customer acting as administrator of the training and assessments.
For our Managed Services offerings, customers provide the data to Wombat Security via encrypted emails with Wombat certificates. Alternatively and upon request, Wombat Security creates a sftp server for customers to upload files.
Wombat Security limits access to PII to customers with administrative roles in managing their training and assessments activities. These administrators have independent access to their employee’s email addresses.
Wombat Security collects information under the direction of its customers, and has no direct relationship with the individuals whose personal data it processes. If you are an employee or contractor of one of our customers and would no longer like to be contacted by one of our customers that use our service, please contact the customer that you are employed by directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our customers.
Wombat Security acknowledges that you have the right to access your personal information. Wombat Security has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his/her query to Wombat Security’s customer (the data controller). If requested to remove data by its customer, we will respond within a reasonable timeframe.
We will retain personal data we process on behalf of our customers for as long as needed to provide services to our customers. Wombat Security will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Commitment to Children's Privacy
To protect children's personal information and to meet the standards of the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect any personal information from children under the age of 13. The website and service is a general audience service for users 18 and older and is not geared toward children. If you are under the age of 18, you should not use this service or website and should not submit any personal information to us.
Your California Privacy Rights
Under California’s "Shine the Light" law, California residents who provide personal information in obtaining products or services for personal, family or household use are entitled to request and obtain from us, once per calendar year, information about the customer information we shared, if any, with other businesses for their own direct marketing uses. If applicable, this information would include the categories of customer information and the names and addresses of those businesses with which we shared customer information for the immediately prior calendar year (e.g. requests made in 2014 will receive information regarding 2013 sharing activities). To obtain this information from us, please send an email message to email@example.com with "Request for California Privacy Information" on the subject line and in the body of your message. We will provide the requested information to you at your e-mail address in response. Not all information sharing is covered by the "Shine the Light" requirements and only information on covered sharing (if any) will be included in our response.
Our website does not respond to “do not track” requests.
Last updated: May 09, 2017