Go to main content

Privacy policy

The following discloses the privacy practices and disclaimers for Coalfire Systems, Inc.

California and Virginia Residents, please read our CA & VA Privacy Policy.

Privacy Policy

Coalfire Systems, Inc. ("Coalfire") takes your privacy seriously. We want you to know how we collect, use, share, and protect your personal data.

This Privacy Policy tells you:

This Privacy Policy applies only to personal data that we collect on the website www.Coalfire.com as it may be modified, relocated and/or redirected from time to time (the "Site"). This Privacy Policy does not apply to any other web sites that may be accessible through the Site.

If you do not want us to handle your personal data as described in this Privacy Policy, please do not use the Site. If you reside outside the U.S., you will not be able to submit personal data through this website unless you consent to this Privacy Policy.

Personal data means information that relates to you as an individually identifiable person, such as your name, e-mail address, and mobile number.

1. WHAT PERSONAL DATA WE COLLECT

a) Information You Give Us

We collect personal data that you voluntarily share with us through the Site. For example, we may ask you to register and provide information when you download free information, such as white papers and email newsletters, or if you respond to a marketing campaign.

b) Information We Collect Through Technology On The Site

We collect information through technology to enhance our ability to serve you. When you access and use the Site, Coalfire and, in some cases, our third-party service providers collect information about how you interact with the Site. We describe below methods we use to collect information through technology.

IP Address

When you visit the Site, we collect your device identifier, browser information, and Internet Protocol (IP) address. An IP address is often associated with the portal you used to enter the Internet, like your Internet service provider (ISP), company, association, or university. While an IP address may reveal your ISP or geographic area, we cannot determine your identity solely based upon your IP address. We do not link your personal data to device identifier information, browser information, and IP addresses. Where, according to local law, IP addresses and the like are considered personal data, then we treat them as such.

Do We Use Cookies?

Yes. We use cookies on this website. A cookie is information sent by a web server to a web browser, and stored by the browser. Each time the browser requests a page from the web server, the cookie communicates with the web server. This enables the web server to identify and track the web browser. We use cookies to help us understand how users use the Site. For example, cookies gather information about how long you spend on a web page so that we can understand what web pages are of most interest to users.

We, or our service providers, may send cookies which may be stored by your browser on your computer’s hard drive. We, or our service providers, may use the information we obtain from the cookies in the administration of this website, to improve the website’s usability and for marketing purposes. For example, our sales team may use information about website engagement to determine the potential interests of a user who has asked to be contacted about our services. We may use information obtained from cookies to recognize your computer when you visit our website, and to personalize our website for you. For example, we also may use information obtained from cookies to tailor how the website appears to you (including the advertisements and offers you receive) to better match your interests and preferences.

We may use anonymous cookies to record non-personal information such as website activity, date and time of visit, and domain type. We may use this information for retargeting purposes. For example, when you visits certain pages on our Site, we can bid to display advertisements to you on various advertisement networks on the Internet.

Most browsers allow you to refuse to accept cookies. (For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector.) This will, however, cause some features of this website and other websites not to work. For example, without cookies, a website typically cannot remember that you have logged in when you move from page to page in the website.

Service Provider's Cookies

We use cookies provided by third-party service providers, such as Google Analytics, Pardot, BrightFunnel and Terminus to assist us in better understanding our Site visitors. These cookies generally collect data tied to a user’s IP address, such as the length of time a user spends on a page, the pages a user visits, and the websites a user visits before and after visiting the Site. For example, based on this information, Google Analytics compiles aggregate data about Site traffic and Site interactions, which we use to offer better Site experiences and tools in the future. Google Analytics does not collect any personal data (other than IP Address which may be considered personal data in some countries). You can obtain more information about Google Analytics here: www.google.com/intl/en/policies/privacy/

Web Beacons

We include small graphic images or other web programming code, called web beacons (also known as "pixel tags", “web bugs” or "clear GIFs"), on the Site. The web beacons are minute graphics with a unique identifier. They are used to track the online movements of Web users. In contrast to cookies, which are stored in a user's computer hard drive, web beacons are embedded invisibly on Web pages and are about the size of the period at the end of this sentence.

Chatbot

In the event you interact with the chatbot, you may be asked to provide Personal Information. Note that our chatbot will only ever ask for your name and email address; any other Personal Information you provide is at your own discretion and not required. Please do not provide any sensitive information. If you use our chatbot, know that when you share personal data, you’re giving us permission to monitor, collect, and record the personal data. By using these tools and technologies, you consent to your conversations being monitored and recorded.

Your 'Do Not Track' Browser Setting

We support the Do Not Track (DNT) browser setting. DNT is a preference you can set in your browser’s settings to let the websites you visit know that you do not want the websites collecting your personal data.

We may track your online activities over time and across third-party websites or online services. For example, we might use web beacons to help us determine what links or advertisers brought you to our Site. We then track your activities on our Site. However, we will not engage in tracking if you select the DNT browser setting.

Information Third Parties Provide About You

We supplement the information we collect about you through the Site with records received from third parties in order to enhance our ability to serve you, to tailor our content to you, and to offer you information that we believe may be of interest to you.

2. PURPOSES FOR WHICH WE USE THE PERSONAL DATA WE COLLECT

We use the information we collect to serve you and improve your experience on the Site. These purposes include:

  • Responding to requests for information
  • Responding to requests for service quotes
  • Providing users free white papers
  • Registering users for Coalfire promotional materials and events
  • Contacting users for marketing, advertising, and sales purposes
  • Responding to questions and feedback
  • Conducting market research and analysis
  • Continuously evaluating and improving the online user experience

Data Retention

We retain your personal data for the duration of the customer relationship, if any. We also retain your personal data for 12 months after our last interaction with you.

3. HOW WE SHARE THE PERSONAL DATA WE COLLECT

We do not sell or rent your personal data to third parties. The following are some of the ways we share your personal data:

  • Required Disclosures: We may be required to share personal data in a court proceeding, in response to a court order, subpoena, civil discovery request, other legal process, or as otherwise required by law.
  • Legal Compliance and Protections: We may disclose account and other personal data when we believe disclosure is necessary to comply with the law or to protect the rights, property, or safety of Coalfire, our users, or others. This includes exchanging personal data with other companies and organizations for fraud protection and credit risk reduction.
  • Corporate Transactions: We reserve the right to disclose and transfer your data, including your personal data:
    • To a subsequent owner, co-owner, or operator of the Site or successor database.
    • In connection with a corporate merger, consolidation, bankruptcy, the sale of substantially all of our membership interests and/or assets or other corporate change, including to any prospective purchasers.

4. HOW WE PROTECT THE PERSONAL DATA WE COLLECT

The security and confidentiality of your personal data is important to us. We have technical, administrative, and physical security measures in place to protect your personal data from unauthorized access or disclosure and improper use.

For example, we use Transport Security Layer (TSL) encryption to protect the data collection forms on our Site. In addition, access to customer information is restricted to authorized personnel only. Only employees who need the personal data to perform a specific job (for example, a customer service representative) are granted access to personal data. Employees with access to personal data are kept up-to-date on our security and privacy practices. Credit card numbers are used for payment processing and automatic renewals where applicable, and are not retained for other purposes.

It is important for you to protect against unauthorized access to your password and to your computer. Be sure to close your browser after you have completed your visit to the Site.

Please note that despite our reasonable efforts, no security measure is ever perfect or impenetrable, so we cannot guarantee the security of your personal data.

5. YOUR CHOICES REGARDING YOUR PERSONAL DATA

You may contact privacy@Coalfire.com to access, update, correct, and delete your personal data.

Managing Cookies and Other Data Collection Technologies: You have a number of options to control or limit how we and our vendors use Cookies and other technologies including for advertising:

  • To prevent your data from being used by Google Analytics, you can install Google’s opt-out browser add-on.
  • To opt out of interest-based advertising, you can visit http://optout.networkadvertising.org/#!/ and follow NAI’s on-screen instructions. Note that if you opt out through the NAI, you will still receive advertising, but the advertising will not be tailored to your interests. In addition, if you opt out through NAI and later delete your cookies, use a different browser, or buy a new device, you will need to opt out of interest-based advertising again.
    • To opt out of ads on Facebook or Google that are targeted to your interests, use your Facebook, LinkedIn, or Google Ads settings.
  • Check your mobile device for settings that control ads based on your interactions with the applications on your device. For example, on your iOS device, enable the "Limit Ad Tracking" setting, and on your Android device, enable the "Opt out of Ads Personalization" setting.

HAVE QUESTIONS

If you have any questions about this Privacy Policy, we'll do our best to answer them promptly. You can contact us at: privacy@Coalfire.com

CALIFORNIA ONLINE PRIVACY PROTECTION ACT COMPLIANCE/YOUR CALIFORNIA PRIVACY RIGHTS
California residents who use the Site may request that we provide certain information regarding our disclosure of your personal data to third parties for their direct marketing purposes. You can make such a request by e-mail to privacy@Coalfire.com.

6. INFORMATION SPECIFIC TO NON-U.S. USERS

a) All locations outside of the United States

The personal data collected through the Site is downloaded to a server maintained by Coalfire. Coalfire is located at AWS-East-01 in the United States. Coalfire will comply with requests to exercise individual data rights in accordance with applicable law. You can contact privacy@Coalfire.com to request to exercise your data rights.

b) European Economic Area and Switzerland

The information in this section, as well as the information in the section above titled “All locations outside of the United States”, applies to users in the European Economic Area and Switzerland (collectively, the "EEA").

Individuals in the EEA ("EEA Individuals") are not required by statute or by contract to provide any personal data to the Site. Coalfire sometimes uses EEA Individuals’ personal data submitted through the Site for automated decision-making. For example, Coalfire may display advertisements and send emails to you containing content automatically chosen based on the products you have ordered from us in the past. However, Coalfire will not use EEA Individuals’ personal data submitted through the Site for automated decision-making, including profiling, which produces legal effects or similarly significantly affects the EEA Individual.

Cross-Border Data Transfers:
The personal data collected through the Site will be transferred to the United States. The recipients of personal data collected through the Site (listed in Section 3 above) are located in the United States or in the country where the data was collected. The European Commission has not issued a determination that the United States ensures an adequate level of protection for personal data.

Legal Bases For Processing:
Coalfire processes your personal data with your consent and as required by law. In addition, Coalfire processes your personal data as necessary for the performance of the sales contract, for example, when processing your requests, and to take steps, at your request, before entering into a contract with you. For example, if you ask us for quotes for products and services you are interested in buying, we may send them to you. Coalfire also processes personal data as necessary for its legitimate interests as follows:

  • Marketing and advertising: Unless you opt out as described below, we use your personal data regarding products and services you have ordered, or in which you have otherwise demonstrated an interest, as necessary to provide you information about the products and services that we think might interest you in accordance with applicable law.
  • Network and information security, fraud prevention, and reporting suspected criminal acts: In the event of fraud, a security incident, or a suspected criminal act, we would examine personal data that appeared to be linked to the incident as necessary to determine what happened, remediate, report to the authorities, and prevent a recurrence.

Right to Object to Processing for Direct Marketing or Legitimate Interests: EEA Individuals have the right to object to the processing of their personal data for purposes of Coalfire’s direct marketing or legitimate interests by contacting Coalfire at privacy@Coalfire.com.

Data Retention: We retain your personal data for the duration of the customer relationship, if any. We also retain your personal data for 12 months after our last interaction with you.

Individual Rights: EEA Individuals have the right to access their personal data collected by the Site and to request that Coalfire update, correct, or delete their personal data as provided by applicable law. EEA Individuals also have the right to object to, or restrict, Coalfire’s processing of their personal data.

In addition, EEA Individuals have the right to data portability concerning their personal data. Subject to certain limitations, the right to data portability allows EEA Individuals to obtain from Coalfire, or to ask Coalfire to send to a third party, a digital copy of the personal data that they provided to the Site. EEA Individuals’ right to access their personal data includes their right to receive a copy of all, or a portion, of their personal data in Coalfire’s possession as long as Coalfire’s providing the personal data would not adversely affect the rights and freedoms of others.

EEA Individuals can exercise these rights by contacting privacy@Coalfire.com. Coalfire will respond to such requests in accordance with applicable data protection law. If EEA Individuals believe that their personal data has been processed in violation of applicable data protection law, they have the right to lodge a complaint with the relevant data protection authority in the country where they reside, where they work, or where the alleged violation occurred.

EEA Individuals may use the contact information above, at any time, to withdraw their consent for the processing of their personal data where Coalfire requires their consent as a legal basis for processing their personal data. Any withdrawal will apply only prospectively, and Coalfire will continue to retain the personal data that EEA Individuals provided before they withdrew their consent for as long as allowed or required by applicable law.

In addition, you may cancel or modify the email communications you have chosen to receive from Coalfire by following the instructions contained in emails from us. Alternatively, you may visit http://www2.coalfire.com/unsubscribe/u/21732 and if your IP address is linked to your email address, you will instantly be unsubscribed from email communications. You may also revisit the link to resubscribe at any time.

EU Representative: Coalfire’s representative in the European Union is Andrew Barratt. You can reach our representative at Suite 28 A, City Tower, Piccadilly Plaza, Manchester, UK, M1 4BT

7. CHANGES TO THIS PRIVACY POLICY

If we change this Privacy Policy, we will post those changes on this page and update the Privacy Policy modification date above. If we materially change this Privacy Policy in a way that affects how we use or disclose your personal data, we will provide a prominent notice of such changes and the effective date of the changes before making them.

8. GENERAL

This web site contains proprietary notices and copyright information, the terms of which must be observed and followed. This site and all content in this site may not be copied, reproduced, republished, uploaded, posted, transmitted, distributed, or used for the creation of derivative works without Coalfire's prior written consent, except that Coalfire grants you non-exclusive, non-transferable, limited permission to access and display the Web pages within this site, solely on your computer and for your personal, non-commercial use of this Web site. This permission is conditioned on your not modifying the content displayed on this site, your keeping intact all copyright, trademark, and other proprietary notices, and your acceptance of any terms, conditions, and notices accompanying the content or otherwise set forth in this site. Notwithstanding the foregoing, any software and other materials that are made available for downloading, access, or other use from this site with their own license terms, conditions, and notices will be governed by such terms, conditions, and notices.

Your failure to comply with the terms, conditions, and notices on this site will result in automatic termination of any rights granted to you, without prior notice, and you must immediately destroy all copies of downloaded materials in your possession or control. Except for the limited permission in the preceding paragraph, Coalfire does not grant you any express or implied rights or licenses under any patents, trademarks, copyrights, or other proprietary or intellectual property rights. You may not mirror any of the content from this site on another Web site or in any other media.

Certain Disclaimers

Information on this web site is not promised or guaranteed to be correct, current, or complete, and this site may contain technical inaccuracies or typographical errors. Coalfire assumes no responsibility (and expressly disclaims responsibility) for updating this site to keep information current or to ensure the accuracy or completeness of any posted information. Accordingly, you should confirm the accuracy and completeness of all posted information before making any decision related to any services, products, or other matters described in this site.

Coalfire provides no assurances that any reported problems will be resolved by Coalfire, even if Coalfire elects to provide information with the goal of addressing a problem.

Use of Trademarks and Logos

All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

Use of certain reference documents, collateral and use cases

Coalfire is solely responsible for the contents of Coalfire authored documents as of the date of publication. The contents of these documents are subject to change at any time based on revisions to the applicable regulations and standards (HIPAA, PCI DSS et.al). Consequently, any forward-looking statements are not predictions and are subject to change without notice. While Coalfire has endeavored to ensure that the information contained in these documents have been obtained from reliable sources, there may be regulatory, compliance, or other reasons that prevent us from doing so. Consequently, Coalfire is not responsible for any errors or omissions, or for the results obtained from the use of this information. Coalfire reserves the right to revise any or all of this document to reflect an accurate representation of the content relative to the current technology landscape. In order to maintain contextual accuracy of these documents, all references to these documents must explicitly reference the entirety of these documents inclusive of the title and publication date; Neither party will publish references to these documents without prior written approval. If you have questions with regard to any legal or compliance matters referenced herein you should consult legal counsel, your security advisor and/or your relevant standard authority.

California and Virginia Privacy Policy

Effective Date: January 1, 2023

This California and Virginia Privacy Policy (the "Policy") is adopted by Coalfire Systems, Inc. and its subsidiaries ("Coalfire") to comply with the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020 (collectively, the "CCPA") and the Virginia Consumer Data Protection Act. This Policy supplements the information contained in the Privacy Policy published by Coalfire at www.coalfire.com (the "Website"), and it applies only to visitors who browse our Website and users who voluntarily provide Coalfire with contact information in order to receive certain content or marketing emails who reside in the states of California or Virginia (each a "consumer" or "you").

I. INFORMATION WE COLLECT

Coalfire (including through our website) collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device (collectively, "Personal Information").

In particular, we collect the following categories of Personal Information:

Category Examples
A. Identifiers A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, or other similar identifiers.
B. Personal Information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) A name, signature, physical address, telephone number, email address, or other similar identifiers.
C. Commercial Information Records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
D. Internet or other similar network activity Browsing history, search history, and information about how the consumer or device interacts with the Website and our services.
E. Geolocation Data Physical location or movements.

Personal information does not include:

  • Publicly available information from government records.
  • Deidentified or aggregated consumer information.
  • Health or medical information covered by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the California Confidentiality of Medical Information Act (CMIA) or clinical trial data.
  • Personal information covered by certain sector-specific privacy laws, including the Fair Credit Reporting Act (FRCA), the Gramm-Leach-Bliley Act (GLBA) or California Financial Information Privacy Act (FIPA), and the Driver's Privacy Protection Act of 1994.

Coalfire obtains the categories of Personal Information listed above from the following categories of sources:

  • Directly from you. For example, from forms or surveys you complete.
  • Indirectly from you. For example, from observing your actions on our Website using ‘cookies’ and other similar tools deployed on parts of the Website.
  • From third party service providers.

II. USE OF PERSONAL INFORMATION

We may use or disclose the Personal Information we collect for one or more of the following business purposes:

  • To fulfill or meet the reason you provided the information.
  • To respond to requests for information, including service quotes and free white papers.
  • To register you for Coalfire promotional materials and events.
  • To contact you for marketing, advertising, and sales purposes.
  • To provide you with support and to respond to your inquiries.
  • To help maintain the safety, security, and integrity of our Website, products and services, databases and other technology assets and business.
  • For testing, research, analysis and product development.
  • To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Coalfire’s assets.
  • To comply with the law or to protect the rights, property, or safety of Coalfire, our users, or others.

Coalfire will not collect additional categories of Personal Information or use the Personal Information we collect for materially different, unrelated or incompatible purposes without providing you notice.

III. DISCLOSURES OF PERSONAL INFORMATION

Coalfire may disclose your personal information to third parties for the business purposes described in the section above entitled “Use of Personal Information.”

We disclose personal information to the following categories of third parties:

  • Service providers
  • Attorneys and other professional advisors
  • Potential buyers of Coalfire and acquisition targets
  • As required by law, regulation or court order

In the preceding twelve (12) months, Coalfire has disclosed the following categories of personal information for the business purposes described above:

  • Identifiers.
  • California Customer Records personal information categories.
  • Internet or other similar network activity.

IV. HOW LONG WE RETAIN PERSONAL INFORMATION

In general, we keep personal information for as long as we need it to carry out the purposes described above. We also keep personal information as we reasonably determine to be necessary to exercise or preserve our legal rights, or comply with other legal obligations we might have, such as in connection with litigation.

V. NO SALES OR SHARING OF PERSONAL INFORMATION

We do not sell and have not sold personal information or shared personal information for cross-context behavioral advertising purposes within the preceding 12 months, as “sale” and “share” are defined under applicable law.

Without limiting the foregoing, we do not sell or share the personal information, including the sensitive personal information, of minors under age 16.

VI. YOUR RIGHTS AND CHOICES

For residents of California

Pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, the “CCPA”), if you are a California resident, you have the right to make the following requests:

  1. Request to Know
    You may request that we disclose to you:
    • The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
    • The specific pieces of Personal Information we collected about you;
    • The categories of Personal information about you that we “shared” (as defined under the CCPA) and the categories of third parties with whom we “shared” such personal information;
    • The business or commercial purpose for collecting or “sharing” (if applicable) Personal Information about you; and
    • The categories of Personal Information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such Personal Information (if applicable).
  2. Request to Delete
    • You may request that we delete Personal Information we collected from you.
  3. Request to Correct
    • You may request that we correct inaccuracies in your Personal Information.
  4. Request to Opt Out of “Sharing”
    • You may request to opt out of any future “sharing” or your Personal Information for purposes of cross-context behavioral advertising.

To exercise the rights described above, please submit a verifiable consumer request to us by either:

Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your Personal Information. You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:

  • Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative.
  • Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you.

Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to Personal Information associated with that specific account.

We will only use Personal Information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.

You have the right to be free from unlawful discrimination or retaliation for exercising these. Coalfire will not discriminate against you for exercising these rights. Unless permitted by applicable law, we will not:

  • Deny you any products or services.
  • Charge you different prices for products or services, including through denying benefits or imposing penalties.
  • Provide you with a different level or quality of products or services.
  • Threaten you with any of the above.

Authorized Agents: If you want to make a request as an authorized agent on behalf of a California resident, you may use the submission methods noted above. As part of our verification process, we may request that you provide, as applicable:

  • Proof of your registration with the California Secretary of State to conduct business in California;
  • A power of attorney from the California resident pursuant to Probate Code sections 4121-4130;
  • Written permission that the California resident has authorized you to make a request on the resident’s behalf. This permission must be signed (via physical or e-signature) by the California resident.

If you are making a Request to Know, Correct or Delete on behalf of a California resident and have not provided us with a power of attorney from the resident pursuant to Probate Code sections 4121-4130, we may also require the resident to:

  • Verify the resident’s own identity directly with us; or
  • Directly confirm with us that the resident provided you with permission to submit the request.

For residents of Virginia

Virginia law grants Virginia residents certain rights and imposes restrictions on particular business practices as set forth below.

  • Right to Access: Virginia residents have the right to confirm whether or not we are processing their personal information and to access such personal information.
  • Right to Correction: Virginia residents have a right to correct inaccuracies in their personal information, taking into account the nature of the personal information and our purpose for processing their personal information.
  • Right to Delete: Virginia residents have the right to request the deletion of their personal information that we have collected about them and to have such personal information deleted.
  • Right to Data Portability: Virginia residents have a right to obtain a copy of their personal information previously provided to us in a portable and, if feasible, readily usable format.
  • Right to Opt-Out: Virginia residents have a right to opt-out of the processing of their personal information for purposes of (i) targeted advertising; (ii) the sale of personal information; or (iii) profiling in furtherance of decisions that produce legal or similarly significant effects. Under Virginia law, “sale” means only if we exchange personal information for monetary consideration with a third party.
  • Right to Non-Discrimination: Under Virginia law, we are prohibited from discriminating against Virginia residents for exercising their rights listed above.

Submitting Requests: To make a request to exercise one of these rights, please contact us at privacy@coalfire.com, or our toll free telephone number: (877) 224-8077.

VII. RESPONSE TO REQUESTS

We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. We may need to request additional Personal Information from you, such as email address, state of residency, or mailing address, in order to verify your identity and protect against fraudulent requests. If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate yourself before disclosing or deleting your Personal Information. If you make a Request to Delete, we may ask you to confirm your request before we delete your Personal Information.

To request to opt out of any future “sharing” of your Personal Information for purposes of cross-context behavioral advertising, click on the “Do Not Share My Personal Information” options for the applicable webpage containing your Notice of Right to Opt-Out and enabling consumers to opt out, or contact us at privacy@coalfire.com or our toll free telephone number (877) 224-8077.

VIII. RESPONSE TIMING AND FORMAT

  • We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing.
  • If you have an account with us, we will deliver our written response to that account. If you do not have an account with us, we will deliver our written response by mail or electronically, at your option.
  • Any disclosures we provide will only cover the 12-month period preceding the date we receive your verifiable consumer request. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance.
  • We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

IX. OTHER CALIFORNIA PRIVACY RIGHTS

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our Website that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an email or write to us at the addresses set out in the “Contact Information” section below.

X. CHANGES TO OUR PRIVACY POLICY

Coalfire reserves the right to amend this Policy at our discretion and at any time. When we make changes to this Policy, we will post the updated notice on the Website and update the notice's effective date. Your continued Contact or Use of our Website following the posting of changes constitutes your acceptance of such changes.

XI. CONTACT INFORMATION

If you have any questions or comments about this Policy, the ways in which Coalfire collects and uses your information, or your choices and rights regarding such use, or if you wish to exercise your rights under California or Virginia law, please contact us at:

Email: privacy@coalfire.com
Toll Free Telephone Number: (877) 224-8077
Website: www.coalfire.com

Postal Address:
Coalfire Systems, Inc.
Attn: Privacy c/o Legal
330 N Wabash Ave, Suite 1430
Chicago, IL, 60611