Arctic Wolf Networks, Inc.
- Opening tickets
- Adding comments to existing tickets
- Adding attachment(s) to tickets
- Being authenticated to use the Solutions
- Uploading credentials for application event monitoring
- Obtaining configuration information, reports, and metrics related to the operation of the Solutions within your environment
Each User is responsible for the quality, integrity, reliability, and appropriateness of Customer Information submitted in the Customer Portal and Solutions and must comply with terms contained in the applicable Arctic Wolf Master Solutions Agreement or, in the case of an MSP, by the terms of the applicable Arctic Wolf Master Partner Agreement. The information we may collect from you while using the Customer Portal and Solutions (the “Customer Information”) includes:
Customer Information Obtained via the Customer Portal
The types of Customer Information we collect about Users of the Customer Portal includes:
1) Corporate or Employee Information
Customer Portal Users experiencing issues relating to the Solutions may submit support tickets via the Customer Portal. In the course of your creation of support tickets and our provision of support services, you may provide corporate or employee information that assists us with the definition and resolution of issues.
2) Uploaded Credentials
Customers Portal Users may upload their credentials (such as names, email addresses, phone numbers, usernames, passwords, IP addresses, geolocation data, and device ID identifiers).
Customer Information Obtained via the Solutions
When using the Solutions, the Solutions may collect, and/or you may choose to submit to us, the following:
1) System Data
The Solutions, depending on their set up and deployment in your environment, may collect log data from various sources, including your:
- data center,
- infrastructure in the cloud,
- on-premises infrastructure, and
- remote endpoints.
In addition, the Solutions may perform inspection of network traffic, scan internal and external-facing devices, and collect configuration data, vulnerability data, system-level inventory, and event data.
2) Uploaded Credentials
Solutions Users may be required to upload their credentials (such as names, email addresses, phone numbers, usernames, passwords, IP addresses, geolocation data, and device ID identifiers).
How We Use the Information
We use Customer Information for the following purposes:
1) Support Ticket Management and Resolution
Support tickets are the primary medium that Users and the Concierge Security™ engineers (CSEs) use to communicate issues or requests over the use and improvement of the Solutions. Both parties can comment and provide more information in a support ticket until the issue/request is resolved. The CSEs use a ticketing system to communicate security alerts to Users allowing the Users to respond and see the status of the alert until it is closed.
2) Provision of the Solutions
System Data and uploaded credentials are integral to the functionality of our Solutions. This Information is used to provision the Solutions to you and to monitor and detect security and threat incidents within your network of connected applications and systems. Uploaded credentials can be viewed and managed by Users, including your MSP, and—to a limited extent—may be accessed and viewed by Arctic Wolf employees for support ticket issue resolution. Based on the your environment and configuration, Users can upload credentials in the Solutions and/or Customer Portal to:
3) Communication With You
- configure the Solutions, and to monitor cloud infrastructure resources to detect access and misuse of a User’s networks, resources, and application instances;
- monitor SaaS applications to detect malicious activities and potential data exposures in cloud-based applications; and
- monitor security events related to user single sign-on and malicious endpoint activity for security providers.
Arctic Wolf may use your Customer Information for business purposes of communicating with you about Solutions in which you may be interested, updating you about changes to our terms and conditions, sending you general information about Arctic Wolf and its business, or other similar types of business purposes.
4) Improve the Customer Portal and Solutions
Arctic Wolf may aggregate and anonymize your Customer Information in order to improve the information it uses to deliver its Solutions.
How We May Share the Information
We do not sell your Customer Information. We do not share, distribute, use, disclose, review, transfer, or reference any Customer Information except as set forth herein, as expressly permitted in writing by the User, as needed by an MSP to perform services for its end users, or as required or permitted by law. Additional information about our confidentiality and security practices with respect to Customer Information is available on our Information Security Overview
We may share Customer Information only in the manner described below. We do not control, however, how you or your third party service providers, collect, uses, shares or discloses Customer Information.
We may share or disclose Customer Information in the following ways:
When changing our business structure
In the event of a proposed or completed merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of our assets, similar transactions or proceedings, or steps in contemplation of such activities, Customer Information held by us may be among the assets transferred to the buyer or acquirer;
When conducting our business operations
We may use third party service providers and tools to provide services on our behalf, including billing, customer ticketing and collaboration, internal support ticketing, access and identity management, cloud hosting, customer relations management, marketing and advertising, Solution improvement projects, etc. Our service providers are only provided with information they need to perform their designated functions and are not authorized to use or disclose personal information for their own marketing or other purposes. Our service providers may be located in the U.S., Canada or other foreign jurisdictions;
To comply with laws
We and our affiliates or service providers in the U.S. or other jurisdictions may disclose Customer Information to comply with applicable legal or regulatory requirements (which may include lawful access by U.S. or foreign courts, law enforcement or other government authorities) and to respond to lawful requests by public authorities, including to meet national security, law enforcement requirements, court orders and legal processes;
To protect rights and safety
To protect and defend the brand, rights, property and safety of Arctic Wolf Networks, Inc. and its affiliates, Arctic Wolf customers, including enforcing contracts or policies, or in connection with investigating and preventing fraud.
If Users have any questions about its Customer Information or rights with respect to the foregoing, please contact us at email@example.com
or open a ticket via your Customer Portal.
The security of Customer Information is important to us. We maintain appropriate administrative, physical, and technical safeguards to help protect the confidentiality and integrity of Customer Information, during transmission and once it is received. However, we cannot guarantee that hackers or unauthorized personnel will not gain access to Customer Information, despite our best efforts. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect Customer Information, we cannot guarantee its absolute security. Customer Portal Users are responsible for protecting themselves against unauthorized access to passwords, private keys and computers, and unauthorized disclosure, alteration, and destruction of Customer Information. To learn more about our Security practices, please refer to Information Security Overview
Location of Data
All Customer Information uploaded to the Customer Portal and the Solutions may be stored within the Amazon Web Services environment, or such other third party cloud service provider(s) selected by us, within the U.S., however, Customer Information may be accessed by employees, including non-US citizens, outside of the U.S.
EU-U.S. Privacy Shield and Swiss-U.S. Privacy Shield
Arctic Wolf complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Arctic Wolf has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. Arctic Wolf may process some personal data from individuals or companies via other compliance mechanisms, including data processing agreements based on the EU Standard Contractual Clauses. To learn more about the Privacy Shield program and view our certification, visit the U.S. Department of Commerce’s Privacy Shield site at Privacy Shield
. Arctic Wolf is responsible for the processing of the personal data it receives under each Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Arctic Wolf complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, Switzerland and United Kingdom, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Frameworks, Arctic Wolf is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we are required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
In compliance with the Privacy Shield Principles, Arctic Wolf commits to resolve complaints about our collection or use of your personal data. EU, Swiss, and UK individuals with inquiries or complaints regarding our Privacy Statement should first contact Arctic Wolf at firstname.lastname@example.org
or you may also call (888) 286-6726.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://www.jamsadr.com/eu-us-privacy-shield
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration by going to Submitting a Complaint
on the Privacy Shield website when other dispute resolution procedures have been exhausted.
Access to Information
Subject to limited exceptions under applicable law, Users may have the right to access, update and correct inaccuracies on their Customer Information. To exercise these rights, please submit a request by emailing email@example.com
or you may also call (888) 286-6726. Please be as specific as possible in relation to the Customer Information you wish to access. Once Arctic Wolf receives your request, Arctic Wolf will review it, determine whether Arctic Wolf can verify your identity, and process the request accordingly. If Arctic Wolf needs additional information to verify your identity, Arctic Wolf will let you know.
California Consumer Privacy Act
The California Consumer Privacy Act (“CCPA”), which is effective as of January 1, 2020, regulates how Arctic Wolf handles personal information of California residents and gives California residents certain rights with respect to their personal information.
Information Arctic Wolf May Collect:
We may collect the following categories of information:
- Corporate or employee information that you may provide to Arctic Wolf
- Uploaded Credentials – such as names, email addresses, phone numbers, usernames, passwords, IP addresses, geolocation data and device ID identifiers
- System Log Data that may include personal information you elect to provide to us
For each category of information, Arctic Wolf collects the information from a variety of sources, including directly from you, from your devices, and/or from your third party providers. Arctic Wolf collects the information to:
- provide you with support on the Solutions,
- deliver the Solutions to you,
- protect Arctic Wolf (including the Solutions) and its customers,
- communicate with you regarding our Solutions and terms and conditions,
- conduct internal marketing activities, and
- improve our Solutions.
Arctic Wolf may share personal information with Third Parties as the term is defined under the CCPA.
Arctic Wolf does not sell personal information of any individual, including personal information of minors under 16 years of age.
Arctic Wolf engages certain trusted third parties to perform functions and provide services to us, including auditing, marketing, hosting and maintenance, error monitoring, debugging, performance monitoring, and other short term uses. We may share your Customer Information with these third parties, but only to the extent necessary to perform these functions and provide such services. We require these third parties to maintain the privacy and security of the Customer Information they process on our behalf.
Do Not Sell My Personal Information:
|Identifiers (names, email addresses, phone numbers, mailing address)
|Commercial Information (Solution information)
Arctic Wolf does not sell your personal information as defined under CCPA.
You may have certain rights with respect to your personal information, including:
- The right to access, including the right to know the categories and specific pieces of personal information Arctic Wolf collects;
- The right to deletion of your personal information, subject to certain limitations under applicable law;
- The right to request disclosure of information collected;
- The right to disclosure of information disclosed for valuable consideration; and
- The right not to be discriminated against for exercising certain rights under California law.
To exercise these rights, please submit a request by emailing firstname.lastname@example.org
or you may also call (888) 286-6726. Please be as specific as possible in relation to the personal information you wish to access. Once Arctic Wolf receives your request, Arctic Wolf will review it, determine whether Arctic Wolf can verify your identity, and process the request accordingly. If Arctic Wolf needs additional information to verify your identity, Arctic Wolf will let you know. Arctic Wolf will respond to your request within 45 days of receipt or notify you if Arctic Wolf requires additional time.
If you would prefer, you may designate an authorized agent to make a request on your behalf.
or by regular mail addressed to:
Arctic Wolf Networks, Inc.
Attn: Information Security and Data Protection Officer
111 West Evelyn Ave., Suite 115
Sunnyvale, CA 94086