GreyNoise Privacy Policy

1. Introduction

1.1 About us

GreyNoise Intelligence, Inc. ("GreyNoise" or "we") is a company organized under the laws of Delaware in the United States that provides threat intelligence services through our proprietary Platform (defined in our End User License Agreement or "EULA"). We respect your privacy and are committed to protecting it through our compliance with this Privacy Policy. Any capitalized terms used in this Privacy Policy not defined here has the meaning given to it in our End User License Agreement.

This Privacy Policy together with our EULA describes the types of information we may collect from both visitors of our website at [greynoise.io] ("Site") and subscribers to our Platform ("Customers"), and our practices for collecting, using, maintaining, protecting, and disclosing that information, including Personal Data. "Personal Data" means information by which you may be personally identified, which includes but is not limited to your name, mailing address, email address, telephone number, job title, username, password, social security number, date of birth, and financial/payment details.

If you have subscribed to our Platform through a Data License Agreement and this Privacy Policy, then the terms of your Data License Agreement will take priority. This Privacy Policy applies to information we collect on our Site, through your access to the Platform, in email, text, and other electronic messages between you and us, whether through the Platform or otherwise, and through offline communication such as phone calls.

Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Site or access the Platform. By using the Site and/or accessing the Platform, you accept and consent to this Privacy Policy. You may choose not to submit requested information online or may choose to restrict the use of cookies (see Section 4 Cookies below for more information) but that may limit the Platform and content we can provide to you.

1.2 Children

Our Site and Platform are not intended for children under 16 years of age. No one under age 16 may provide any Personal Data to GreyNoise. We do not knowingly collect Personal Data from children under 16. If you are under 16, do not use or provide any information on the Site, register for a subscription to the Platform, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received Personal Data from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at support@greynoise.io.

2. Visitors

2.1 What we collect/process

2.1.1 Data you provide us

We may ask you to provide Personal Data voluntarily when you access certain parts of our Site, including when you submit an inquiry through our Contact feature or report a problem with the Site. If you choose to communicate with us, we may also collect additional data you provide, including copies of your communications and the method of communication you used. The Personal Data we may collect includes:

  • Your Name
  • Email Address
  • Phone Number

2.1.2 Data from third parties

We may collect information about you from certain parties with whom we have a relationship, including social media websites like LinkedIn, analytics providers like Google Analytics, marketing partners like Hubspot, and other third-party service providers.

2.1.3 Aggregated data

As you navigate through and interact with our Site, we may use automatic data collection technologies, including cookies (see section 5 Cookies below for more details) to collect certain information about your equipment, browsing actions, and patterns, including:

  • Details of your visits to our Site, including traffic data, location data, logs, and other communication data and the resources that you access and use on the Site
  • Information about your computer and internet connection, including your IP address, operating system, browser ID and type, browsing activity (such as the website from which you arrived at our Site or navigated to after our Site, for example)

2.1.4 Usage data

If you use our data visualizer located at [link], we will collect Usage Data (defined in the [EULA]) from your queries the same as we do for Customers who subscribe to the Platform.

2.2 Purpose for collection/processing

We collect and process Personal Data of visitors on one or more legal bases related to the particular information at issue and the context in which we collect it. Generally speaking, our bases for obtaining and using your Personal Data is our legitimate interest in providing, maintaining, and improving our Site and Platform, based on your consent, or any combination of these bases. If required by law, we will only process your Personal Data after receiving your consent to do so. Please see Your Data Rights below for more details on withdrawing consent.

3. Customers

3.1 What we collect/process

We may collect the same data from Customers that we do for visitors as described in Section 2 above, depending on the context of your interactions with us.

3.1.1 Data you provide us

To enjoy full use of our Platform, you must become a Customer by registration an account and subscribing to the Platform. Customers are required to provide certain Personal Data at the time of registration, including:

  • Organization name (if applicable)
  • Contact Name
  • Contact Title
  • Mailing Address
  • Email Address
  • Phone Number
  • Username
  • Password
  • Payment Method Details

3.1.2 Data from third parties

In addition to the third-party data that we collect from all Site visitors listed above in Section 2.1, we may collect information as you access the Platform from certain third-party partners integrated with our Platform, such as SIEMs, TIPs, and SOAR cybersecurity platforms.

3.1.3 Aggregated data

We collect the same type of Aggregated Data from Customers that we do from visitors, as described above in Section 2.1.3. Our rights concerning Usage Data are set out in the EULA.

3.2 Purpose for collection/processing

In addition to the uses pertaining to of information of visitors of our Platform described in Section 2.2, we also use Personal Data collected from Customers:

  • to provide you with information, products, or services that you request from us
  • to provide you with notices about your account
  • to carry out our obligations and enforce our rights arising from any contracts entered into between you and us (such as our End User License Agreement or Data License Agreement), including for billing and collection
  • to notify you about changes to our Platform or any products or services we offer or provide,
  • to provide you with our newsletter if you have signed up for it
  • in any other way we may describe when you provide the information
  • for any other purpose with your consent

4. Disclosure

We may disclose Personal Data that we collect as described in this Privacy Policy:

  • to our subsidiaries and affiliates
  • to contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep Personal Data confidential and use it only for the purposes for which we disclose it to them, including our analytics providers, cloud providers, CRM and marketing platforms, and communication tools
  • to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by us about our Customers is among the assets transferred
  • to comply with any court order, law, or legal process, including to respond to any government or regulatory request
  • if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of GreyNoise, our Customers, or others
  • for any other purpose disclosed by us when you provide the Personal Data
  • with your consent

5. Cookies

We may use cookies and similar tracking technologies to collect information about you, as described in Section 2.1.3, when you visit the Site or access the Platform. You can find more information about our use of cookies at our Cookie Policy [insert link].

6. Links

On occasion we include links to third parties on the Site. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Where we provide a link, it does not mean that we endorse or approve that website’s policy towards visitor privacy. You should review their privacy policy before sending them any Personal Data.

7. Your data rights

You have the right to:

  • Request access to, correct or delete any Personal Data that you have provided to us. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect. You may send us an email at support@greynoise.io to make such a request.
  • As a Customer, review and change your Personal Data by logging into the Platform and visiting your account profile.
  • Remove and/or reject cookies from our Site with your browser settings. If you remove or reject our cookies, it could affect how the Site and our Platform perform for you.
  • You can object to processing of your Personal Data, request us to restrict processing of your Personal Data, or request to have your Personal Data in a portable format. You may send us an email at support@greynoise.io to make such a request.
  • You can object to processing of your Personal Data, request us to restrict processing of your Personal Data, or request to have your Personal Data in a portable format. You may send us an email at support@greynoise.io to make such a request.
  • To make a complaint at any time to the data privacy authority in your jurisdiction. We would, however, appreciate the chance to deal with your concerns before you approach such authority so please contact us in the first instance.

8. Data, security, and retention

8.1 Security

We have implemented measures designed to secure your Personal Data from accidental loss and from unauthorized access, use, alteration, and disclosure. Any payment transactions are encrypted in accordance with the policies of our third-party payment processor.

The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password and/or API key for access to the Platform, you are responsible for keeping this information confidential.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to us. Any transmission of Personal Data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Platform.

8.2 Retention

We will only retain your Personal Data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

9. Changes to our Privacy Policy

It is our policy to post any changes we make to our Privacy Policy on this page. If we make material changes to how we treat our Customer’s Personal Data, we will notify you by email to the email address specified in your account. The date the Privacy Policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting our Site and this Privacy Policy to check for any changes. Your continued use of this Platform after we make changes is deemed to be acceptance of those changes.

10. Contact information

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at: support@greynoise.io.