This privacy notice is effective starting January 1, 2020.

Stratus Security Consulting is committed to protecting the privacy of all individuals who entrust their personal data with us. As a company dedicated to protecting data, our collection and use of personal data is guided by our mission to prevent misuse and protect our customers' data.

This privacy notice applies to the personal data collected, processed, or stored by Stratus Security Consulting, and its subsidiaries (“Stratus Security”, “we”, “our” or “us”), when you visit our websites, download and install any of our products, use any application we provide to you, or utilize any of our services.

If you have any questions regarding this notice, see the Contact Us section later in this statement.


Why We Collect and Use Your Data

Stratus Security Consulting will only collect, use, or store your personal data when we have a fair and lawful purpose for such processing. We rely on several legal basis for the purposes described in this privacy notice, including:

  • as necessary to provide a service requested by you, such as when you request a whitepaper or register to attend a webinar
  • as necessary to fulfill or perform a contract we enter with you, or an organization you work for, such as when our products and services process information about the computer they are installed upon
  • where you have given your consent, which you may revoke at any time, to process your personal data for a specific purpose, such as subscribing to receive an email from us about our company’s products and services
  • when we have a legal obligation, or the processing is in the public interest or in furtherance of a vital interest
  • the processing is necessary to further our legitimate interests, which may include the improvement of our products or services, securing our systems and to protect against fraud

We collect information from you for the following purposes:

Service Delivery and Product Improvement

  • Enable the trial, purchase and delivery of our products and services
  • Improve the performance and optimize the utilization of our products and services
  • Provide customer support, and respond to requests, questions and comments

Marketing, Events and Promotions

  • Deliver information about our products, services and promotions, including advertising
  • Improve the operation of our websites and effectiveness of marketing campaigns
  • Administer contests, promotions, surveys and focus groups

Improve Internal Operations

  • Analyze your use of our products and services to drive improvements
  • Manage our sales and marketing activities, and measure corporate performance

Fraud Prevention, Security and Compliance

  • Protect the security and integrity of our products, services and data
  • Prevent fraudulent transactions, protect our intellectual property and other assets
  • Meet our corporate reporting, compliance and fiduciary obligations

What We Collect and How We Use Your Data

When Visiting Our Websites

We automatically collect and aggregate information related to your use of our websites. We use technologies, such as cookies, to enable functionality, measure performance, and provide relevant information when you visit or return to our sites. This information helps our websites work correctly, provide information about our products and services, and supports our efforts to understand our customers’ interests.

We collect the following types of information from you when you visit our websites:

  • Device and Browser Information: We collect information about the device and browser you use when visiting our websites, including information such as the Internet Protocol (IP) address of the device, your preferred language, the type of device you use, the device operating system and browser type.
  • GeoLocation: We derive the approximate geographic location, such as country, based upon the IP address of the device used when visiting our website to analyze traffic and improve our site. 
  • Browsing Activity: We collect information about how you browse our website, including the address of referring websites, the pages you visit, and the path you take through our websites.
  • Cookie and Related Technologies: We use technologies, such as cookies and related technologies, to collect information about the use of our websites to determine the effectiveness of content or the email messages you’ve subscribed to.
  • Social Media Features: Our websites allow you to share information on your social media platform of choice, such as Facebook, Google+, Twitter, and LinkedIn. These features are usually recognizable by their third-party logo and may collect your IP address, the page you are visiting on our site, and set a cookie to enable the feature to work properly when you use this functionality.


When Requesting Information

You may sign up to receive information about our company, our products and services, cyber security news and information. Based on your consent, we may send you electronic communications to keep you informed of changes to our products and services.

Your personal data will be accessed by authorized Stratus Security Consulting personnel to deliver the requested information and market to you in compliance with this privacy notice. We may also provide your personal data to trusted third-party providers to help us deliver the information you requested, support event activities, or provide updates about Stratus Security Consulting products and services. Third-party providers are not permitted to use your information for any other purposes.


Data collected when requesting information from us


The personal data we collect to deliver the information you requested, or register you for an event, may include your name, title, company name, email address, country, phone number and recent web activity.

You can update your information, review your communication preferences, or stop receiving further communications from us by following the instructions contained within each communication we send you.


When Using Our Products and Services

When providing professional services to our clients, Stratus Security Consulting may collect personal data from our clients, users of our clients' networks and systems, and individuals that connect to our clients' networks and systems. The collection and use of this personal data are limited to providing the professional service to the client. Authorized Stratus Security Consulting personnel will access personal data and we may transfer personal data to trusted third-party providers to help us provide professional services to our clients.

Data collected by our products and services


As part of using our products and services we collect information that is necessary to perform an analysis of potentially malicious software or activity detected by our products, manage licenses, and communicate with customers. Your personal data is stored on Stratus Security Consulting’s cloud-based infrastructure.

Analysis of potentially malicious software and activity


When the product is configured by the user or customer, potentially malicious executable files and forensically relevant computer activity data may be collected for analysis. Data contained within the potentially malicious executable files is non-personal, and any attribution data is deleted or anonymized prior to analysis.


Information from Third-Parties

As part of our marketing activities, we may receive additional information about you from third-party service providers to supplement the information you provided directly to us, so we can provide more relevant information about our company, products and services to you. The information we receive is public information related to the organization or business you work for, such the size of your company, industry, and business mailing address.


Who We Share Your Data With

We do not sell, lease, or trade the personal data we collect from you. We may provide access or transfer your personal data to authorized Stratus Security Consulting personnel, business partners and trusted third-party providers, including those who help us market, provide support, maintain or service our products and services.

The personal data shared with Stratus Security Consulting entities may include: name, e-mail address and telephone number, company, title, work address, your recent interactions with our business applications, and event attendance.

Stratus Security Consulting requires our partners and third-party providers to take commercially reasonable steps to safeguard your personal data, comply with applicable laws and regulations, and not using your personal data for other purposes unless you have provided consent.

We may disclose your personal data to government agencies and law enforcement officials when we believe it is necessary to respond to subpoenas, court orders, other legal process or as required by law and to prevent or take action regarding illegal activities, suspected fraud or software piracy, and situations involving potential threats to the physical safety of any person, or in cases where we believe our intellectual property rights may be violated.

We may also provide access to, assign, or disclose your personal data, in connection with a corporate transaction, such as a merger, acquisition, or purchase all or a portion of our company assets.


How We Protect Your Data

We are committed to ensuring that your personal data is secure. We take commercially reasonable measures, including physical, administrative and technical safeguards, to protect your personal data from unauthorized access, use, alteration, destruction and disclosure.


How Long We Store Your Data

We retain your personal data for the period necessary to fulfill the purposes for which it was collected, or for a reasonable period thereafter to comply with our legal obligations, and contractual and business operations requirements. With relation to personal data collected by our products and services, we retain information during the term of the agreement, based upon instructions provided by our customers, or for shorter periods of time as described in the applicable product or service documentation. Non-personal data, such as samples of potentially malicious software or anonymized data, may be retained indefinitely for the purpose of improving the performance of our products and services.


Our Use of Cookies and Other Tracking Technologies

How We Use Cookies and Other Tracking Technologies

We use cookies, web beacons, pixel tags and other tracking technologies on our websites or emails to, to:

  • present information to you based on your expressed preference, such as desired language
  • collect statistics regarding your website usage, such as time spent, pages viewed, and actions taken on our websites
  • allow us to measure and improve the effectiveness of our marketing activities
  • provide you with messages that is more relevant to your interests, demographics or industry
  • in some cases, to deliver advertising about our products and services to you when you visit websites owned by other third-parties

Please bear in mind that disabling cookies may reduce the functionality of our website.


Use of Analytics Services

Stratus Security Consulting uses services from trusted third-parties to collect and analyze data from users about their use of our websites, products and services. We use this information to improve the quality and functionality of the services we provide, and to develop features that serve you and other users.

The types of information that we collect include the date and time a user accesses our website, products or services, the IP address the request came from, the features they use, and their frequency of use.


Use of Third-Party Cookies

Stratus Security Consulting and its partners, including ad networks, use cookies and other tracking technologies to manage our advertising delivered on other sites. We may display targeted advertisements to you while you are visiting our website, and other websites, based on information we obtain from you, or from third-parties.

Children’s Privacy

We do not knowingly collect any information from anyone under 13 years of age. If you become aware that your child has provided us with personal data, please contact us.

If we become aware that a child under 13 has provided us with personal data, we will remove such information from our active systems and will terminate the child’s account.

Your California Privacy Rights

If you are a California resident, California Civil Code Section 1798.83 permits you to request and obtain from us once a year, free of charge, information regarding the disclosure of your personal information by Stratus Security Consulting to third-parties for the third-parties’ direct marketing purposes.

To make such a request, please contact us by submitting our request form.

Your Rights and Contacting Us

To the extent allowed by applicable law, you have the right to request details of the personal data we have about you, update inaccurate information, request your personal data be deleted, right to restrict processing of your personal data, right to data portability, and object to the collection or use of personal data we process based on our legitimate interests as a company. In some cases, you may be directed to make your request to the organization who licensed our software or services. If you wish to exercise these rights, please contact us by submitting our request form.


Contact Us

We value your feedback. If there are any questions regarding this notice, or our collection and use of your data, you may submit our request form, contact us by email, or write to us at:


Stratus Security Consulting
Attn: Privacy Officer
PO Box 221
Monrovia, MD 21770
privacy@stratussc.com

 

Updates to our Privacy Notice

Each time you use the Stratus Security Consulting website, products or services, the current version of this notice will apply. We reserve the right to change this notice at any time to reflect changes in the law, the products and services we provide, our business and technology, and our data collection and use practices.

If we make any material changes, we will notify you using your email address on record or by placing a notice on the site prior to the change becoming effective.

Your continued use of our products, services or website following the posting of changes to this notice will be deemed your acceptance those changes.