- WHY ARCTIC WOLF
Each User is responsible for the quality, integrity, reliability, and appropriateness of Customer Information submitted in the Customer Portal and Solutions and must comply with terms contained in the applicable Arctic Wolf Master Solutions Agreement or, in the case of an MSP, by the terms of the applicable Arctic Wolf Master Partner Agreement. The information we may collect from you while using the Customer Portal and Solutions (the “Customer Information”) includes:
Customer Information Obtained via the Customer Portal
The types of Customer Information we collect about Users of the Customer Portal includes:
1) Corporate or Employee Information
Customer Portal Users experiencing issues relating to the Solutions may submit support tickets via the Customer Portal. In the course of your creation of support tickets and our provision of support services, you may provide corporate or employee information that assists us with the definition and resolution of issues.
2) Uploaded Credentials
Customers Portal Users may upload their credentials (such as names, email addresses, phone numbers, usernames, passwords, IP addresses, geolocation data, and device ID identifiers).
Customer Information Obtained via the Solutions
When using the Solutions, the Solutions may collect, and/or you may choose to submit to us, the following:
1) System Data
The Solutions, depending on their set up and deployment in your environment, may collect log data from various sources, including your:
In addition, the Solutions may perform inspection of network traffic, scan internal and external-facing devices, and collect configuration data, vulnerability data, system-level inventory, and event data.
2) Uploaded Credentials
Solutions Users may be required to upload their credentials (such as names, email addresses, phone numbers, usernames, passwords, IP addresses, geolocation data, and device ID identifiers).
We use Customer Information for the following purposes:
1) Support Ticket Management and Resolution
Support tickets are the primary medium that Users and the Concierge Security™ engineers (CSEs) use to communicate issues or requests over the use and improvement of the Solutions. Both parties can comment and provide more information in a support ticket until the issue/request is resolved. The CSEs use a ticketing system to communicate security alerts to Users allowing the Users to respond and see the status of the alert until it is closed.
2) Provision of the Solutions
System Data and uploaded credentials are integral to the functionality of our Solutions. This Information is used to provision the Solutions to you and to monitor and detect security and threat incidents within your network of connected applications and systems. Uploaded credentials can be viewed and managed by Users, including your MSP, and—to a limited extent—may be accessed and viewed by Arctic Wolf employees for support ticket issue resolution. Based on the your environment and configuration, Users can upload credentials in the Solutions and/or Customer Portal to:
3) Communication With You
Arctic Wolf may use your Customer Information for business purposes of communicating with you about Solutions in which you may be interested, updating you about changes to our terms and conditions, sending you general information about Arctic Wolf and its business, or other similar types of business purposes.
4) Improve the Customer Portal and Solutions
Arctic Wolf may aggregate and anonymize your Customer Information in order to improve the information it uses to deliver its Solutions.
We do not sell your Customer Information. We do not share, distribute, use, disclose, review, transfer, or reference any Customer Information except as set forth herein, as expressly permitted in writing by the User, as needed by an MSP to perform services for its end users, or as required or permitted by law. Additional information about our confidentiality and security practices with respect to Customer Information is available on our Information Security Overview page.
We may share Customer Information only in the manner described below. We do not control, however, how you or your third party service providers, collect, uses, shares or discloses Customer Information.
We may share or disclose Customer Information in the following ways:
When changing our business structure
In the event of a proposed or completed merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of our assets, similar transactions or proceedings, or steps in contemplation of such activities, Customer Information held by us may be among the assets transferred to the buyer or acquirer;
When conducting our business operations
We may use third party service providers and tools to provide services on our behalf, including billing, customer ticketing and collaboration, internal support ticketing, access and identity management, cloud hosting, customer relations management, marketing and advertising, Solution improvement projects, etc. Our service providers are only provided with information they need to perform their designated functions and are not authorized to use or disclose personal information for their own marketing or other purposes. Our service providers may be located in the U.S., Canada or other foreign jurisdictions;
To comply with laws
We and our affiliates or service providers in the U.S. or other jurisdictions may disclose Customer Information to comply with applicable legal or regulatory requirements (which may include lawful access by U.S. or foreign courts, law enforcement or other government authorities) and to respond to lawful requests by public authorities, including to meet national security, law enforcement requirements, court orders and legal processes;
To protect rights and safety
To protect and defend the brand, rights, property and safety of Arctic Wolf Networks, Inc. and its affiliates, Arctic Wolf customers, including enforcing contracts or policies, or in connection with investigating and preventing fraud.
If Users have any questions about its Customer Information or rights with respect to the foregoing, please contact us at firstname.lastname@example.org or open a ticket via your Customer Portal.
The security of Customer Information is important to us. We maintain appropriate administrative, physical, and technical safeguards to help protect the confidentiality and integrity of Customer Information, during transmission and once it is received. However, we cannot guarantee that hackers or unauthorized personnel will not gain access to Customer Information, despite our best efforts. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect Customer Information, we cannot guarantee its absolute security. Customer Portal Users are responsible for protecting themselves against unauthorized access to passwords, private keys and computers, and unauthorized disclosure, alteration, and destruction of Customer Information. To learn more about our Security practices, please refer to Information Security Overview.
All Customer Information uploaded to the Customer Portal and the Solutions may be stored within the Amazon Web Services environment, or such other third party cloud service provider(s) selected by us, within the U.S., however, Customer Information may be accessed by employees, including non-US citizens, outside of the U.S.
Arctic Wolf complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Arctic Wolf has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. Arctic Wolf may process some personal data from individuals or companies via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses. To learn more about the Privacy Shield program and view our certification, visit the U.S. Department of Commerce’s Privacy Shield site at Privacy Shield. Arctic Wolf is responsible for the processing of the personal data it receives under each Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Arctic Wolf complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, Switzerland and United Kingdom, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Arctic Wolf is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we are required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, Arctic Wolf commits to resolve complaints about our collection or use of your personal data. EU, Swiss, and UK individuals with inquiries or complaints regarding our Privacy Statement should first contact Arctic Wolf at email@example.com or you may also call (888) 286-6726.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration by going to Submitting a Complaint on the Privacy Shield website when other dispute resolution procedures have been exhausted.
Access to Information
Subject to limited exceptions under applicable law, Users may have the right to access, update and correct inaccuracies on their Customer Information. To exercise these rights, please submit a request by emailing firstname.lastname@example.org or you may also call (888) 286-6726. Please be as specific as possible in relation to the Customer Information you wish to access. Once Arctic Wolf receives your request, Arctic Wolf will review it, determine whether Arctic Wolf can verify your identity, and process the request accordingly. If Arctic Wolf needs additional information to verify your identity, Arctic Wolf will let you know.
California Consumer Privacy Act
The California Consumer Privacy Act (“CCPA”), which is effective as of January 1, 2020, regulates how Arctic Wolf handles personal information of California residents and gives California residents certain rights with respect to their personal information.
Information Arctic Wolf May Collect:
We may collect the following categories of information:
For each category of information, Arctic Wolf collects the information from a variety of sources, including directly from you, from your devices, and/or from your third party providers. Arctic Wolf collects the information to:
Arctic Wolf may share personal information with Third Parties as the term is defined under the CCPA.
Arctic Wolf does not sell personal information of any individual, including personal information of minors under 16 years of age.
Arctic Wolf engages certain trusted third parties to perform functions and provide services to us, including auditing, marketing, hosting and maintenance, error monitoring, debugging, performance monitoring, and other short term uses. We may share your Customer Information with these third parties, but only to the extent necessary to perform these functions and provide such services. We require these third parties to maintain the privacy and security of the Customer Information they process on our behalf.
|Identifiers (names, email addresses, phone numbers, mailing address)||YES|
|Commercial Information (Solution information)||YES|
Do Not Sell My Personal Information:
Arctic Wolf does not sell your personal information as defined under CCPA.
You may have certain rights with respect to your personal information, including:
To exercise these rights, please submit a request by emailing email@example.com or you may also call (888) 286-6726. Please be as specific as possible in relation to the personal information you wish to access. Once Arctic Wolf receives your request, Arctic Wolf will review it, determine whether Arctic Wolf can verify your identity, and process the request accordingly. If Arctic Wolf needs additional information to verify your identity, Arctic Wolf will let you know. Arctic Wolf will respond to your request within 45 days of receipt or notify you if Arctic Wolf requires additional time.
If you would prefer, you may designate an authorized agent to make a request on your behalf.
Arctic Wolf Networks, Inc.
Attn: Information Security and Data Protection Officer
111 West Evelyn Ave., Suite 115
Sunnyvale, CA 94086