PRIVACY POLICY

 

JupiterOne, Inc. (“JupiterOne,” “we,” “our,” “us”) respects your privacy. This Privacy Policy describes how we collect, use and disclose Personal Information through our website, https://jupiterone.com/ (the “Website”), or any of our related websites, applications, or services that link to this Privacy Policy (each a “Service”) that are owned and controlled by JupiterOne.  As used in this Privacy Policy, “Personal Information” means information that identifies or that could be used to identify you, and “Services” means, collectively, the Website and the Services.

This Privacy Policy does not apply to information that our customers collect, create, or provide to JupiterOne when they are engaged in cybersecurity asset discovery, tracking and configuration management through use of the JupiterOne platform.  We refer to this information as “Customer Data.”  Customer Data, which may include Personal Information contained in customer’s own technology environment, is owned and controlled by the customer.  Our use and disclosure of Customer Data is governed by our agreements with customers.  If you have questions about the information practices of customers that use the JupiterOne platform, please review the customer’s privacy policy or contact the customer directly.

Information We Collect About You & How We Use It

The Personal Information we collect and how we use it depends on the context of your interactions with us.  As explained below, we collect Personal Information when you provide it directly to us and when we receive it from third parties.  We also collect certain information automatically when you interact with the Services.

Information You Provide Us

We collect Personal Information that you choose to share with us when you use the Services, as described below.

Account Information

If you visit our Website or sign up to use our Services, such as the JupiterOne platform, we will collect Personal Information that you choose to share with us, including through forms presented on the Website and through the Services.

This Personal Information may include:

  • name,
  • email address,
  • password,
  • company name and job title/position, and
  • phone number.

Payment Information

If you make a payment through the Website or our Services, we will need to collect your payment card number, expiration date, CVV, credit card type, and billing name and address.

Additional Information

If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, email address, contact information, and message.

Additionally, if you apply for a job through the “Careers” page on our Website, we will collect information necessary to evaluate and contact you about your application, which may include your contact details, your resume/CV, employment history, job preferences, educational background, achievements, career trajectory and interests, immigration status and entitlement to work; as well as information for diversity monitoring, such as your gender, race, disability or veteran status.

Information We Collect Automatically

In addition to the information you share with us, we collect some information automatically when you use the Services.  The types of information that we collect automatically may include:

  • Technical information about your computer, device, hardware, or software you use to access the Internet or our Services, such as IP address or other transactional or identifier information for your device (such as device make and model, information about device operating systems and browsers, or other device or system related specifications);
  • Usage information and statistics about your interaction with the Services which may include the URLs of the Services that you have visited, URLs of referring and exiting pages, page views, time spent on a page, number of clicks, the applications and features you use, when and how long you use those applications and features, and other usage statistics;
  • Information that facilitates a safer and more personalized experience with the Services, such as user identification information, saved preferences, and device identifiers or usage information for authentication and fraud prevention purposes; and
  • Information about your approximate location, which we may derive from device information such as IP address.
  • We collect some of this information through tracking technologies such as cookies and web beacons. For more information, please see the How We Use Cookies and Other Tracking Technologies section below.

Information We Collect From Third Parties

In some cases, we receive Personal information from third parties.  For instance, while using our Services, individuals may provide information about another individual, or an authorized user (such as an account administrator) creating an account on your behalf may provide information about you.

We may also receive Personal Information from other third-party sources, including:

  • Our service providers, such as online analytics providers;
  • Data brokers from which we purchase demographic data to supplement the data we collect;
  • Publicly available sources, such as business registries.
  • When one individual provides us with information (including Personal Information) about another individual, we assume that the individual has permission and authority to do so and to consent on behalf of that individual to the collection and use of personal information as described in this Privacy Policy. Please contact us immediately if you become aware of an individual providing us with Personal Information about another individual without being authorized to do so.

How We Use Personal Information

We may use the Personal Information that we collect or receive through the Services for the following purposes:

  • To respond to your inquiries and requests and communicate with you about the Services;
  • To operate and provide support for your use of the Services;
  • To store information about your preferences and customize your experience on the Services;
  • To analyze usage trends and patterns and measure the effectiveness of the Services;
  • To perform our agreements with customers, including fulfilling orders and requests and processing payments;
  • To promote our products and services, including by sending you newsletters, special offers, and other information we think may be of interest to you;
  • To administer, evaluate, and improve our business and the Services (including developing new products and services; managing our communications; and performing accounting, auditing, billing, reconciliation and collection activities);
  • To comply with legal or regulatory requirements, judicial process, and our company policies (including due diligence and contracting activities);
  • To secure the Services, including by protecting against and responding to fraud, illegal activity (such as incidents of hacking or misuse of the Services), and claims and other liabilities, including by enforcing our customer agreements and Terms of Service;
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, including as part of bankruptcy, liquidation, or similar proceeding;
  • To demonstrate and verify compliance with our internal policies and procedures, and applicable privacy and data security laws and regulations; and
  • For any other purpose that you may authorize or direct at the time we collect your Personal Information.

How We Use Cookie and Other Tracking Technologies

We collect information about your use of the Services through tracking technologies such as cookies and web beacons. A “cookie” is a unique numeric code that is transferred to your computer to track your interests and preferences and to recognize you as a return visitor. A “Web beacon” is a transparent graphic image placed on a website, e-mail or advertisement that enables the monitoring of things such as user activity and site traffic.

We and third parties with whom we work may use cookies and web beacons on the Services to improve user experience, to help remember your preferences and allow us to bring you the content and features that are likely to be of interest to you, and to analyze the use of our Services and to improve the Services’ functionality. These third parties may collect information about your online activities over time and across different Web sites. One of the ways we do this is through the use of Google Analytics. For more information about how Google Analytics uses and processes data, please visit https://www.google.com/policies/privacy/partners/.

Most web browsers accept cookies automatically, but can be configured not to do so or to notify the user when a cookie is being sent. If you wish to disable cookies, refer to your browser help menu to learn how to disable cookies. Please note that if you disable cookies, you may not be able to use some customized features available through the Services.

How We Share Personal Information

To accomplish the purposes set out above, we may share your Personal Information with other parties that may include the following:

  • With your employer company that subscribes to the JupiterOne platform, when you register for an account on the platform to access that subscription;
  • Service providers that perform services on our behalf and under our direction;
  • Other third parties as necessary to (a) protect or defend our interests and the legal rights or property; (b) protect the rights, interest and safety and security of the Services, our organization, or members of the public; (c) protect against fraud, and (d) investigate and prosecute users who engage in behavior that is illegal or harmful to others or to others’ property;
  • A buyer or other successor or organization in the event of an actual or potential merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, including as part of bankruptcy, liquidation, or similar proceeding; and
  • Such other parties, or for such other purposes, as you may authorize or direct when we collect your Personal Information.

Your Choices

You can always choose whether or not to provide information to the Services. However, if you choose not to disclose certain information, you may not be able to establish an account on the Services, which may limit your access to certain functions of the Services. Other examples of your choices include:

  • You can browse our website without registering or directly submitting any information to us (although we may still collect some limited information automatically, as described above);
  • You may opt out of receiving our messages at any time by using the opt-out mechanism provided in the message; and
  • You may change your browser settings or take other steps to block, manage, or delete cookies. Our Services do not currently respond to browser “do not track” signals, so you will need to use your browser settings to effectively manage cookies. In some cases, blocking or disabling cookies may cause the Services not to work as intended and some features may not be available.

Links to Other Websites and Services

The Services may contain links to other third-party websites and services. These websites and services are not subject to this Privacy Policy. They are not controlled by JupiterOne and JupiterOne is not responsible for their content or their privacy policies, which may differ from ours. We have not reviewed and make no representations about the accuracy of information on third-party websites, or about their information handling practices. Visits you make to these websites are at your own risk, and we encourage you to review their privacy policies.

Our Global Practices

We may process and store your Personal Information in the United States and in any other country where we or our or service providers operate. By your use of the Services you acknowledge that we will maintain your Personal Information in jurisdictions which may have different data protection rules than in your country, and that your Personal Information may become accessible as permitted by law in those jurisdictions, including to law enforcement or national security authorities.

Additional Information for Residents of California

This section of the Privacy Policy applies solely to consumers who reside in the State of California and to the Personal Information of a particular California consumer or household (“California Personal Information”).  It describes how we collect, use, and share California Personal Information to the extent we act as a “business” under the California Consumer Privacy Act of 2018 (“CCPA”), and the rights that consumers have under the CCPA.  California Personal Information does not include, and this section of the Privacy Policy does not apply to:

  • Personal information that is exempt from the CCPA;
  • Personal information we collect in connection with communications or transactions with consumers who are acting as representatives of companies and other organizations that occur solely within the context of conducting due diligence regarding, or providing or receiving a product or service to or from such companies or organizations; or
  • Personal Information we collect, use, and share on behalf of our customers as a “service provider” under the CCPA.

California Personal Information We Collect

We may have collected the following categories of California Personal Information regarding consumers within the last 12 months:

  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)), such as name, signature, address, telephone number, bank account number, credit card number, debit card number, or any other financial information. Some Personal Information included in this category may overlap with other categories;
  • Identifiers such as your real name, alias, postal address, zip code, telephone number, email address and account name;
  • Unique and online identifiers such as device identifiers, internet protocol addresses, cookie identifiers, beacon identifiers, pixel tags or mobile ad identifiers or similar technology, or other forms of persistent or probabilistic identifiers that can be used to identify a particular consumer or device;
  • Commercial information that identifies or could reasonably be linked to you, such as products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies;
  • Internet or other electronic network activity information identifies or could reasonably be linked to you, such as browsing history, search history and information regarding an individual’s interaction with an internet website, application, or advertisement;
  • Professional or employment-related information, such as current or past job history;
  • Sensory data, such as audio, electronic, visual, thermal, olfactory, or similar information;
  • Protected classification characteristics under California or federal law, which includes age if 40 years or older, race, color, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, pregnancy or childbirth and related medical conditions), veteran or military status, genetic information (including familial genetic information); and
  • Inferences drawn from Personal Information, such as person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, or aptitudes.

Sources of California Personal Information

We may obtain the categories of California Personal Information that we collect as indicated above from the following categories of sources:

  • Directly from you. For example, through website forms you complete or ordering our products and services.
  • Automatically and indirectly from you, such as through logging and analytics tools, cookies, pixel tags, and other automatic data collection.
  • From third parties, such as our service providers, consumer data resellers, services that make user-generated content available to others, communications services, and social networks and social media online services.

Use of California Personal Information

We may use the categories of California Personal Information that we collect, as described above, for one or more of the business purposes and commercial purposes described in the How We Use Personal Information section above.

Sharing California Personal Information

We may disclose the categories of California Personal Information that we collect as indicated above to the categories of third parties described in the How We Share Personal Information section above. In the preceding 12 months, we may have disclosed all of the categories of California Personal Information listed above to our service providers and other third parties when you direct us to do so, or when you use our Services to do so.

In the preceding 12 months, we have not sold California Personal Information. We do not sell California Personal Information, and we do not have actual knowledge that we sell the California Personal Information of Consumers under the age of 16.

California Personal Information Rights and Choices

The CCPA and other California laws provide consumers with specific rights regarding their California Personal Information. This section describes the rights you may have and explains how to exercise those rights.

  • Direct Marketing Disclosure Request Right. California residents who have an established business relationship with us may request information regarding third parties, if any, to whom we may have disclosed Personal Information (as defined by Cal. Civ. Code. § 1798.83(e)(7)) for the direct marketing purposes of those third parties during the preceding calendar year. Requests may be made only once per year per person. To submit a request, send an email or letter to the addresses provided in the How to Contact Us section of this Privacy Policy.
  • Access to Specific Information and Data Portability Rights. You have the right to request that we disclose certain information to you about our collection, use, and disclosure of your California Personal Information over the past 12 months. If we receive and confirm a verifiable consumer request from you pursuant to the Exercising Access, Data Portability, and Deletion Rights section below, we will disclose one or all of the following depending on the scope of the request:
  • The categories of California Personal Information we collected about you over the past 12 months.
  • The categories of sources for the California Personal Information we collected about you over the past 12 months.
  • Our business or commercial purpose for collecting California Personal Information about you over the past 12 months.
  • The categories of third parties with whom we shared California Personal Information over the past 12 months.
  • The specific pieces of California Personal Information we collected about you over the past 12 months.
  • The categories of California Personal Information about you that we disclosed for a business purpose, to the extent we have made such disclosures.
  • Deletion Request Rights. Subject to certain exceptions, you have the right to request that we delete the California Personal Information that we have collected about you. Once we receive and confirm your verifiable consumer request, we will delete your California Personal Information from our records, unless an exception applies.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by sending an email to info@jupiterone.com, or sending your request by mail as set out in the How to Contact Us section below, with your first name, last name, and email address, and a detailed explanation of your request.

Only you, or an authorized agent registered with the California Secretary of State that you provide written permission authorize to act on your behalf, may make a verifiable consumer request related to your California Personal Information. If an authorized agent makes a request on your behalf, prior to responding we may require the authorized agent to present written and signed proof of authorization to act on your behalf, verify your identity, and confirm the authorized agent’s permission to act on your behalf directly.  You may also make a verifiable consumer request on behalf of your minor child.

You may only make a verifiable consumer request for access or data portability twice within a 12-month period. Your request must provide information sufficient to permit us to reasonably verify you are the person about whom we collected California Personal Information, or an authorized agent.  To verify your request, we may ask you to provide information such as your first and last name, email address, mailing address, telephone number, or any other information necessary to verify your identity representative of that person. Your request also must include sufficient detail for us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with California Personal Information if we cannot verify your identity or authority to make the request and confirm the California Personal Information relates to you.

If you have an online account with us, we may deliver our written response to that online account. If you do not have an online account with us, we will deliver our written response by mail or electronically.

Making a verifiable consumer request does not require you to create an account with us. However, if you have a password-protected account with us we consider requests made through that account sufficiently verified when the request relates to California Personal Information associated with that specific account.

Any disclosures we provide will only cover the 12-month period preceding our receipt of the verifiable request. If we cannot fulfill, or are permitted to decline, your request then we will alert you or your authorized agent. For data portability requests, we will select a format to provide your California Personal Information that is readily usable.

If your request is manifestly unfounded, repetitive, or excessive, including if you have made several repetitive requests, we may charge a reasonable fee to respond. We also may decline to respond, in which case we will notify you.

Non-Discrimination

Subject to certain exceptions, you have a right to not receive discriminatory treatment for exercising your access, data portability, and deletion rights described above.

How to Contact Us

If you have any questions or comments about this Privacy Policy, if you need to report a problem, or if you would like to exercise one of your rights under this policy, please contact us at or using the information below. Please include your name, contact information, and the nature of your request so that we can respond appropriately and promptly to your communication.

Email: info@jupiterone.com
Postal Mail:
Attn: Privacy Office
1500 Perimeter Park Dr.
Suite 310
Morrisville, NC 27560

Modifications and Updates To This Privacy Policy

We reserve the right to change the terms of this Privacy Policy at any time. Any changes to this Privacy Policy will be reflected on this page with a new “Last Updated” date. We encourage you to review this Privacy Policy regularly for any changes. Your continued use of the Services after we post changes is deemed to be acceptance of those changes.

Effective Date: 2/18/2021
Last Updated: 8/19/2021

Update History:
8/19/2021 – Updated mailing address

Get the Gartner Hype Cycle for Security Operations