Privacy Policy
Last Updated: July 31, 2024
Who we are
This Statement of Privacy (“Statement”) relates to Hoplon Infosec LLC of Chicago, IL 60601 and its affiliates (“Hoplon”, “we”, “our”, “us”). Hoplon is committed to protecting your personal information, and this Statement explains how and why we process your personal information.
This Statement governs the data collection, processing, and usage practices of Hoplon on its Website and its services, software, and/or appliances (each, a “Solution”, and collectively, the “Solutions”), and the websites and Solutions of its affiliates and subsidiaries and in the other contexts outlined below. In many cases, Hoplon shares the various categories of personal information identified below with its affiliate and subsidiaries for a variety of purposes (as outlined below).
If you have any questions about this privacy Statement or want to exercise any of your data protection rights as described in this privacy Statement, please contact us at info@hoploninfosec.com. Please note we may update this privacy Statement from time to time.
Your personal information
Data protection law requires us to have a lawful basis to process your personal information. The purposes for which we use your personal information and the lawful basis on which we rely is as follows.
Purpose of processing
Types of Personal Information
Lawful Basis
Account registration
We may process personal information including your name, home and/or work address, company affiliation, telephone number, email, username and password.
Other account information may be collected as well, such as account credentials, demographic data, and payment data.
Necessary for the performance of our contract with you
Necessary for our legitimate interest of providing effective and efficient Solutions
Marketing communications
We may process personal information including your name, email, phone number and address
Necessary for our legitimate interest of promoting our business
Consent (if applicable). If so, you may withdraw your consent at any time by contacting us at info@hoploninfosec.com
Partner Promotion
We may process personal information including your name, email, phone number and address
Necessary for our legitimate interest of promoting our business
Provision of our Solutions
We may process personal information including your name, email, phone number, address, payment details, company name and job title
Necessary for our legitimate interest of providing effective and efficient Solutions
Responding to your enquiries
We may process personal information including your name, email, phone number and enquiry details
Necessary for our legitimate interest of responding to your enquiry
Testimonials
We may process personal information including your name and testimonial
Necessary for our legitimate interest of promoting our business
Surveys or Contests
We may process personal information including your name and opinion
Necessary for our legitimate interests of satisfying our customers and generating more business
Cookies and similar technologies
We may process personal information such as your name, email, IP address and usage data (e.g. number of website visits, pages visited, average time spent, number of clicks, pages referred from the landing page, etc.)
Consent
Use of data analytics to improve our Solutions
We may process personal information including your name, usage data, customer history and company details
Necessary for our legitimate interests of satisfying our customers and generating more business
Trade shows and events
We may process personal information including your name and contact details
Necessary for our legitimate interests of generating more business
Fraud prevention
We may process personal information including your name and customer history
Necessary for our legitimate interests of preventing fraud
Establishment and defense of legal claims
We may process personal information including your name and customer history
Necessary for our legitimate interests of dealing with legal claims
Requests/Support
We may process personal information including your name, e-mail address, company affiliation, telephone number, state, and country, as well as any other content that you send to us, in order to contact you or process your request.
Necessary for the performance of our contract with you
Necessary for our legitimate interest of providing effective and efficient Solutions
Necessary for our legitimate interests of satisfying our customers and generating more business
Device and Usage Information
We may collect information about your computer or device and Internet or other electronic network activity information. This includes:
- Device identifiers, such as IP address, WIFI MAC address and Bluetooth address;
- Geolocation information such as your mobile device’s Global Positioning System (GPS) technology, other technology (such as wireless transmitters known as beacons) and information about your contacts, depending on your device settings;
- Information about your online activity, including information collected through the use of standard Internet technologies, such as cookies, pixels, web beacons, logs and other Internet technologies, as further set forth in our Cookie Statement and your offline activity, including information about your visit to our resorts or properties; and
- Through Google Analytics, information about the use of our Site such as how often you visit our Site, what pages you visit, and what other sites you used prior to visiting our Site (for more information, see the “Web Analytics” section below).
Solution-Specific Information
Purpose of processing
Types of Personal Information
Lawful Basis
Agari Phishing Defense
Email Information
When using Agari Phishing Defense, email information such as “mail from”
header, Friendly From header, “rcpt to”/Email Friendly To header,
subject, and IP addresses are collected.
Additional information may be collected if attachment analysis or Uniform Resource Identifier URI) analysis is enabled, such as attachment filename, URI, attachment metadata, and attachment hash.
Necessary for the performance of our contract with you.
Necessary for our legitimate interest of providing effective and efficient Solutions
Agari DMARC Protection
Email Information
When using Agari DMARC Protection, email information such as Email From and Email To addresses, Email subject, URI, and Sender IP are collected.
Necessary for the performance of our contract with you.
Necessary for our legitimate interest of providing effective and efficient Solutions
Hoplon VM
Company and User information
When using Hoplon VM, company name and address, and user information including username and password is collected.
Necessary for the performance of our contract with you.
Necessary for our legitimate interest of providing effective and efficient Solutions
Scanning Information
When using Hoplon VM, infrastructure information, such as network configuration, IP addresses, scanning configuration settings, asset names, host names, and file share listings, vulnerabilities, and results, including malware findings, are collected. Additional binary information may be collected if Active Threat Scanning Autosubmit is enabled.
Necessary for the performance of our contract with you.
Necessary for our legitimate interest of providing effective and efficient Solutions
Reports
External reports can be uploaded into Hoplon VM, these include information such as usernames, passwords, phishing results, physical site reviews, domain services reports, and vulnerabilities.
Necessary for the performance of our contract with you.
Necessary for our legitimate interest of providing effective and efficient Solutions
PhishLabs Web App
User information
When using PhishLabs, user information including first and last name, email address, and company affiliation is collected.
Necessary for the performance of our contract with you.
Necessary for our legitimate interest of providing effective and efficient Solutions
PhishLabs Suspicious Email Analysis (SEA)
Email Information
When using PhishLabs SEA, email information such as “mail from” header, Friendly From header, “rcpt to”/Email Friendly To header, subject, and IP addresses are collected. Additional information may be collected if attachment analysis or Uniform Resource Identifier URI) analysis is enabled, such as attachment filename, URI, attachment metadata, and attachment hash.
Necessary for the performance of our contract with you.
Necessary for our legitimate interest of providing effective and efficient Solutions
Terranova Security’s Phish Submitter add-on for Gmail use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.
Additionally, we may process your personal information to comply with our legal or regulatory obligations.
In addition to the purposes and uses described above, we may use personal information in the following ways:
- to identify you when you visit our Website
- to provide our Solutions
- to provide access to our Solutions
- to improve our Solutions
- to conduct analytics;
- to verify the accuracy of data that we hold about you
- to manage the security of your information and our network and, more specifically, in relation to any steps we may take to protect your information against loss, damage, theft or unauthorized access or disclosure
- for the prevention of fraud and other criminal activities
- for the establishment and defense of our legal rights
- to respond to inquiries related to support, or other requests and more generally correspond or communicate with you
- to send marketing and promotional materials, including information relating to our Services, sales, or promotions
- for internal administrative purposes, as well as to manage our relationships
- for other purposes that are not incompatible with the purposes we have disclosed to you (such as archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes) if and where this is permitted by applicable data protection laws.
Although the sections above describe our primary purpose in collecting and using your personal information, in many situations we have more than one purpose. For example, if you complete an online purchase, we may collect your information to perform our contract with you, but we also collect your information as we have a legitimate interest in maintaining your information after your transaction is complete so that we can quickly and easily respond to any questions about your order. As a result, our collection and processing of your information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.
Public Forums and Comment Sections
Our Website offers publicly accessible message boards, blogs, and community forums. Please keep in mind that if you directly disclose personally identifiable information or personally sensitive data through Hoplon public message boards, blogs, or forums, this information may be collected and used by others. Note: Hoplon does not share your private online communications with others.
Who we share your personal information with
We may share your personal information to the following affiliates, subsidiaries, and our business partners:
- Hoplon: we share personal information to Hoplon affiliate and subsidiaries who may assist us in providing certain aspects of our Solutions or, where you use our websites to enquire about a particular Solution, we may share your personal information with the affiliate responsible for providing that particular Solution;
- Business partners: we may partner with other companies to provide you with products and, services. Additionally, we may allow third-party partners to recognize you when you visit a particular website or app, or to recognize you as one of their customers when you visit our websites or apps. We may share your email address with third parties using available security measures that may match it with their own email addresses so that they can send online and email advertisements to you on our behalf. We may also share geolocation information with business partners and service providers to provide information, offers and services that may be of interest to you;
- third party services providers: who provide data processing services to us (for example, to support the delivery of, provide functionality on, or help to enhance the integrity of our websites, hosting elements of our services, conduct surveys, provide technical support and process payments), or who otherwise process personal information for purposes that are described in this Privacy Statement or notified to when we collect your personal information. Such third parties may include information technology providers, CRM providers, marketing agencies, research companies, cloud service providers (such as hosting and email management), data analytics providers, data backup providers, security services providers, advertising agencies and administrative services. In particular, we use Gong and Drift, services that enable it to record, transcribe, analyse and share the contents of its sales communications, including phone calls, video conferences, email and other correspondences, as well as its CRM and customer contact;
- Web Analytics and Other Third-Party Analytics: We use tools to collect information about the use of our websites (e.g., web analytics tools such as Google Analytics collect information such as how often users visit our websites, what pages they visit, when they do so and what other sites they used prior to visiting our websites). The providers of these tools only collect the IP address assigned to you on the date that you visit, rather than your name or other identifying information. The information collected through the use of such tools is not combined with your personal information. We also may use other third-party analytics tools to collect similar information about use of our Solutions. In particular, we partner with provider FullStory who provides analytics to us on how our customers interact with our various Solutions. This tool works by capturing page views, mouse movements and clicks made within those platforms our customers use to interact with our Solutions.
- Social media platforms: We maintain pages on certain social media platforms, such as LinkedIn and Reddit, and may use personal information collected through our website and such pages for personalized advertising. If you choose to participate in social media activities or offerings sponsored by us, we may collect certain information from your social media account consistent with your settings within the social media service.
- Our professional advisors such as our lawyers, accountants and insurers: who provide us with consultancy, banking, legal, insurance and accountancy services but only where we are either legally oblige to share, or have a legitimate interest in sharing, your personal information.
- A competent law enforcement body, government or regulatory agencies (or similar bodies) or court: where we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, (iii) to protect your vital interests or those of any other person, or (iv) to investigate, prevent, or take action regarding possible illegal activities, , safety of person or property, or a violation of our policies; to a potential buyer (and its agents and advisers) in connection with any proposed purchase, merger or acquisition of any part of our business, including at the negotiation stage; to any other person with your consent to the disclosure; and,
- Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them.
Where we store your personal information
Hoplon is a global business. your personal information is subject to the EU GDPR and/or the UK GDPR and we transfer your personal information outside of the EU and/or UK we will only do so in accordance with applicable data protection law.
How long we keep your personal information
We will keep your personal information for as long as your account is active or as needed to provide you with our Solutions, unless we are required to keep it for longer to comply with our legal or regulatory requirements.
If your personal information is no longer needed and there is no legal or regulatory requirement to maintain your personal information, your personal information may be maintained for up to 12 months. If you wish to cancel your account please contact us at info@hoploninfosec.com.
Security
Hoplon has implemented appropriate technical and organizational security measures to help protect your personal information from unauthorized access, use, or disclosure. Hoplon secures the personally identifiable information you provide on computer servers in a controlled, secure environment.
Cookies
We may collect personal information about your devices and their location, and your use across our websites, including through cookies, pixels, web beacons, logs and other Internet technologies.
For detailed information regarding cookies and related data processing activities please refer to our Cookie Statement.
Your data protection rights
EU / UK
If you are located in the EU or UK, you have the following rights under applicable data protection law. However, please note that these rights are only available in certain circumstances. To exercise any of these rights please contact us at info@hoploninfosec.com.
Your Rights
Further Information
Right of rectification
You have the right to have any incomplete or inaccurate personal information corrected.
Right of objection
You have the right to object to us processing your personal information, depending on our lawful basis for processing your personal information. However, you do have the absolute right to object to the processing of your personal information for direct marketing purposes.
Right to withdraw consent
Where we rely on your consent as the lawful basis for processing your personal information, you have the right to withdraw your consent at any time.
Right of restriction
You have the right to limit the way that we use your personal information.
Right of erasure
You have the right to ask us to delete your personal information. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.
Right of access
You have the right to ask us for a copy of the personal information that we hold about you. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
Right of portability
You have the right to ask us to send you your personal information in a structured, commonly used and machine-readable format and the right to ask us to send your personal information directly to another controller.
Rights relating to automated decision making, including profiling
You have the right to contest a decision made about you based purely on automated processing.
Right to complain to a data protection authority
You have the right to complain to a data protection authority. In the UK this is the Information Commissioner’s Office and, in the EU, as set out here-https://www.edpb.europa.eu/about-edpb/aboutedpb/members_en
US
A number of US States afford certain rights to residents of those states with respect to their personal information.
In particular, for residents of California, please see additional information about your rights in the “California Residents – Your California Privacy Rights” section below.
For residents of Nevada, you have the right to opt-out of the sale of your personal information, but please note that Hoplon does not “sell” your personal information as that term is defined under Nevada law.
For residents of Iowa your rights include (i) the right to know whether Hoplon holds or processes your personal information, (ii) the right to access your personal information, (iii) the right to have your personal information deleted and, if applicable, (v) the right to opt out of the sale of personal information.
For residents of Colorado, Connecticut, Indiana, Virginia or Utah, your rights include (i) the right to know whether Hoplon holds or processes your personal information, (ii) the right to receive a copy of your personal information in a readily usable format, (iii) the right to request correction of your personal information, (iv) the right to have your personal information deleted and, if applicable, (v) the right to opt out of targeted advertising, the sale of personal information, or certain profiling (if the profiling is in furtherance of decisions that produce legal or similarly significant effects on you). If you are a resident of one of these states, please contact us at info@hoploninfosec.com.
If, after reviewing your request, we determine that we cannot honor it, we will notify you of that decision via email. If you wish to appeal any such decision, please respond to the emailed decision.
We do not sell your personal information for financial benefit. If you are a resident of California, Colorado or Connecticut, however, please note that some of our data transfers do constitute a “sale” under California, Colorado and Connecticut law.
“Do Not Track”
If you have enabled the feature, your web browser may transmit “do-not-track” signals to our websites and other online services with which your browser communicates. We currently do not take any action in response to these signals.
Third Party Links
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
Children’s privacy
We do not knowingly collect personal information from children under 13.
Contact Us
If you have any questions or comments regarding this Statement, please contact us at info@hoploninfosec.com or at the physical addresses set out in the list of global entities at the top of this Statement.
Changes to this Statement
Hoplon will occasionally update this Statement. Hoplon encourages you to periodically review this Statement to be informed of how Hoplon is protecting your information. When such a change is made, we will update the “Last Updated” date above. If we make any material changes, we will notify you or our Client by email (sent to the email address specified in your account) or by means of a notice on this Site prior to the change becoming effective. To the extent that ¬our policy changes in a material way, the Statement that was in place at the time that you submitted personal information to us will generally govern that information unless we receive your consent to the new Statement. We encourage you to periodically review this page for the latest information on our privacy practices.
Copyright Terms and Conditions
The content on this website is protected by the Copyright Laws of the United States of America and other countries worldwide. The unauthorized use and/or duplication of this material without express and written permission from Hoplon is strictly prohibited.
For purposes of applicable data protection laws, the data controller of your personal information is Hoplon Infosec, LLC and its affiliates and subsidiaries.
We’re Here to Secure Your Hard Work
Protect your system from cyber attacks by utilizing our comprehensive range of services. Safeguard your data and network infrastructure with our advanced security measures, tailored to meet your specific needs. With our expertise and cutting-edge technology, you can rest assured that your system is fortified against any potential threats. Don’t leave your security to chance – trust our proven solutions to keep your system safe and secure.