Last updated: June 26, 2018

This Privacy Policy (“Policy”) describes the policies and practices of Madalos, LLC d/b/a Defendify, a Maine limited liability company (“we” or “us”) with respect to personally identifiable information that we collect through: 1) our informational website, www.defendify.io (“Public Website”), 2) our blog, at www.defendify.co (“Blog”) and 3) our Defendify software application, which organizations that subscribe to our Defendify Services (“Customers”) access at api.defendify.io (the “Application”) and which also includes Third-Party Services, defined below (together, we refer to the Application and Third-Party Services as “Defendify Services”). We refer to the Public Website, Blog and Defendify Services together as the “Service,” and we refer to individual employees of Customers and Public Website and Blog visitors together as “Users.”

This Policy describes the ways that we collect personally identifiable information from Customers and Users (together, “you” or “your”) when you visit, access or use the Service and how we disclose that same information to others. We will not use or share your Collected Information (defined below) with anyone except as described in this Policy.

The Purpose of the Policy

We take your privacy seriously. We provide this Policy so that you understand how we treat the information that you provide us as you use the Service (“Collected Information”).

This Policy applies only to information collected through the Service. It may not apply to information that we may collect offline (for example, via phone calls). We reserve the right to change this Policy at any time. Any material changes will take effect immediately as soon as we give you notice of them, which we may do by means including but not limited to issuing an email to the email address listed by registered users and/or posting the revised Policy on this page. It is your responsibility to review this Policy periodically and to be aware of any modifications. Your continued use of the Service after any modification means that you acknowledge the change and consent to the practices that we disclose in the Policy.

How We Collect Information

We collect information in these ways:

  • User-Provided Information. Various parts of the Service ask Customers and/or Users to manually provide information including names, addresses, email addresses, phone numbers, titles, domains and names of individuals’ employers.
  • Automatically Collected Information. When you use the Service, we may automatically collect or generate information including but not limited to the Internet Protocol (“IP”) address of your computer; web pages that you access within the Service; geographic information; a unique user ID; the type of browser, device or operating system you use; the version of our software that you are using; referring services or websites; search information; and usage and browsing information.
  • Passwords Identified in Dark Web Scans. Some of our Customers subscribe to Defendify plans that include a Dark Web Scan. Those Customers provide us email addresses and names associated with individual Users employed by the Customers. If our scan of the Dark Web identifies compromised passwords associated with those Users found on the Dark Web, we provide those passwords to the Company that employs the User.

We refer to all of the information described in this section as “Collected Information.”

How We Use Collected Information

We use Collected Information to deliver the Service to you, for billing purposes, and for communicating with you about the Service. We will never use personally identifiable information for our own purposes except as expressly described in this Policy. If we use your email address to communicate with you (with the exception of transactional emails regarding your use of the Service), we will provide you with the option to unsubscribe or opt out of future emails.

How We Disclose Collected Information to Others

We will not sell, rent, license or disclose Collected Information to anyone, except:

  1. where necessary for us to work with third-party companies that we use to provide the Service (“Third-Party Services,” detailed below);
  2. in response to a court order or where required by law;
  3. to investigate suspected fraud, harassment or illegal conduct, or suspected violations of our Master Services Agreement with you (if you are a Customer) or with your employer (if you are a User employed by one of our Customers); or
  4. to disclose to another company in the course of a business acquisition, merger or sale of assets.

Third-Party Services

We use several Third-Party Services to provide the Service to you. In connection with the Public Website and Blog, we use Third-Party Services that include popular Google marketing products. To power the Defendify Services, we also use other Third-Party Services.

We share your Collected Information with Third-Party Services only for the purposes described in this Policy. For security reasons, because this Policy itself is available to the public, we cannot identify all of the Third-Party Services here, but we will be happy to provide you with more information about them if you contact us at legal@defendify.io and ask us.

Third-Party Services will handle Collected Information pursuant to their own privacy and security policies. By using our Service, you consent to our providing Collected Information with Third-Party Services to be used in accordance with their own privacy and security policies as they exist today and as they may change in the future. For more information about how Google’s services use your Collected Information, see “How Google uses information from sites or apps that use our services.”

Security

The security of your Collected Information is very important to us. We use reasonable efforts to protect it from unauthorized access, but we cannot guarantee that your Collected Information will be free from unauthorized access by third parties such as hackers. By using the Service, you (a) consent to our using your Collected Information as described in this Policy notwithstanding this risk; (b) waive any claims against us relating to the interception, use or disclosure of Confidential Information by third parties unauthorized by us; and (c) agree to notify us promptly if you suspect any unauthorized usage of Confidential Information.

For more information on protecting your privacy, please visit www.ftc.gov/privacy.

Children

To access or use the Service, you must be at least 18 years old and have the requisite power and authority to understand and consent to the practices described in this Policy.

Your Rights with respect to Collected Information

If you are a Customer, you may edit or delete personal information about Users in your organization by using your Defendify dashboard or contacting Defendify.

If you are an individual User, you may edit or delete personal information that we store about you by contacting your employer (each of our Customers has an individual designated to manage the Defendify organizational account, and that individual can edit or delete information that Defendify stores about you on your request) or using other instructions that we provide you by email.

“Do Not Track” Technology

If you use Do-Not-Track tools to prevent websites and software products from tracking your online behavior across websites, please be aware that we do not change the way the Service works (as described in this Policy) in response to requests not to be tracked. You may, however, be able to disable certain tracking signals used by individual Third-Party Services, which you may do by accessing those services.

Cookies and other storage technologies

When you use the Service, we or our Third-Party Services may use tools including cookies, web beacons and other storage technologies that store Users’ IDs or passwords to provide the Service, to personalize certain portions of the Service that Users see, to provide analytics regarding the Service, to collect information about how Users use the Service and to advertise the Service. To the extent that we store Users’ passwords, we do so only as cryptographically secure salted/hashed passwords.

You are welcome to opt out of our use of these tools with you, and you can learn more about how do to so at the Digital Advertising Alliance’s Webchoices page, European Advertising Standards Alliance (EASA)’s Framework and the Network Advertising Initiative’s Consumer Opt Out page.

No Rights of Third Parties

This Policy does not create rights enforceable by third parties, nor does it require disclosure of any information relating to Customers or Users of the Service.

Limitation of Warranties

We make no representations, warranties or promises about the security of Collected Information except as stated expressly in this Policy or where required by law.

For More Information

Please direct any questions about this Policy by email to legal@defendify.io.