Sola Security Ltd. – Site – Privacy Policy
Last updated: August 2024This privacy policy (" PP ") explains how Sola Security Ltd. and its affiliates (" Company ") collect, process and share personal data of you (“ Users ”) in connection with Company websites, Company events or webinars and Company landing pages (collectively, " Site "). This PP is an integral part of any terms of use of the Site (" TOU " together with the PP, the “ Terms ”). For the purpose of this PP " Personal Data " shall mean personal data or personal information pursuant to the applicable data protection law.
- APPLICABILITY.
- User is not under any legal obligation to submit personal data to Company. However, if User chooses not to do so, certain Services (as defined in the TOU) might not be available to User.
- By attempting to use or access, or by using or accessing the Site, User agrees to be bound by the Terms. If User does not agree with the Terms, User must not access and/or use the Site.
- Company may change this PP from time to time. Any amended PP will come into effect when posted on the Site. Company will seek User's prior consent to any material changes, if and where this is required by applicable data protection law.
- Capitalized terms not defined herein shall have the meaning assigned to them in the TOU.
- PERSONAL DATA COLLECTED BY COMPANY.
- Information provided by User. Company may collect any information User provides Company with, including but not limited to name, email address, CV, etc.
- Information collected automatically. Company may automatically collect data when User visits, interacts with, or uses the Site, including but not limited to by:
- Identifiers and information contained in cookies;
- User's settings preferences, backup information;
- Content User viewed or searched for, page response times, and page interaction information (such as scrolling, clicks, and mouse-overs);
- Network and connection information, such as the Internet protocol (IP) address and information about User's Internet service provider;
- Device information, such as browser type and version, operating system, or time zone setting; location of the device, encounters with other devices using the Site.
- COOKIES AND TRACKING TECHNOLOGIES.
- Company may use tracking mechanisms such as cookies on the Site so that Company may: (i) Facilitate, analyze, personalize and customize the User's experience of the Site; and (ii) track User's use of the Site.
- A cookie is a small text file that is stored on User’s computer for record-keeping purposes which contains information about that User. Most browsers automatically accept cookies, but User may be able to modify its browser settings to decline cookies. Please note that if User declines or deletes these cookies, some parts of the Site may not work properly. This PP does not apply to any products, services, websites, links or any other content that may be offered by third parties on the Site (e.g., pop-up additions).
- Without derogating from the generality of the foregoing, the Company uses Google Analytics, Segment (Twilio) and PostHogfor marketing purposes and to learn via the information collected how often Users visit the Services, which pages they visit and which other sites they used before reaching our Site.
- Google Analytics
To learn about how Google Analytics collects and processes data, click here and here. Visit this page to find out about Users’ option to opt-out of Google’s analytics services. - Segment (Twilio)
To learn about how Segment (Twilio) collects and processes data, click here and here. - PostHog
To learn about how PostHog collects and processes data, click here and here.
- To learn more about our cookie practices, please visit our cookie consent banner.
- THIRD-PARTIES SERVICES.
- This PP does not apply any products, services, websites, links or any other content that are offered by third parties. User is advised to check the applicable third-party policies. Company has no control over such third parties' privacy practices, or the technology used by such third parties. Each User is advised to thoroughly review such third parties' privacy policies before making any use of such third party's products and services.
- Without derogating from the generality of the foregoing, if Users upload CVs to the Site they will be directly uploaded to the Company’s HR portal (Comeet) and any processing of Users’ CVs and any information contained therein will be subject to the Company’s job candidate privacy policy and Comeet’s privacy terms.
- By clicking on a link to a third-party website or service on the Site, a third party may transmit cookies to User. This PP does not cover the use of cookies by any third parties, and Company is not responsible for such third parties' privacy policies and practices.
- COMPANY'S USE OF PERSONAL DATA.
- Company may process User's personal data to operate, provide, and improve the Site, including but not limited to:
- contacting User and communicating with User with respect to the Site and/or Company's services;
- identifying User's interests and recommending offers that might be of interest to User;
- marketing and promoting Company's services;
- providing assistance, notification and support;
- fulfilling User requests; meeting contractual or legal obligations;
- protecting Users security, e.g. preventing and detecting fraud;
- internal purposes, e.g. trouble shooting, data analysis, testing and statistical purposes.
- Except as provided herein, Company does not use any personal data obtained hereunder, without obtaining User's prior consent.
SHARING PERSONAL DATA OF USER.
- Company may be required to retain or disclose personal data in the following cases:
- Company may be required to retain or disclose personal data in the following cases:
- Provide User’s with the Services;
- comply with applicable laws or regulations;
- comply with a court order, subpoena or other legal process;
- respond to a lawful request by a government authority, law enforcement agency or similar government body;
- engage with third-party service providers and/or sub-contractors which provide services for Company's business operations, a list of which can be received upon request;
- disclose and/or transfer data to another entity if Company is acquired by or merged with another entity, if Company sells or transfer a business unit or assets to another entity, as part of a bankruptcy proceeding, or as part of any other similar business transfer;
- Company believes release is appropriate to comply with the law, enforce or apply Company's terms and other agreements, or protect the rights, property, or security of Company, Users, or others. This includes exchanging information with other companies and organizations for fraud prevention and detection and credit risk reduction.
- When Company shares User's data with third parties as specified above, Company makes reasonable efforts to require such recipients to agree to only use the personal data Company shares with them in accordance with this PP and Company's contractual specifications and for no other purpose than those determined by Company in line with this PP.
DIRECT MARKETING AND ADVERTISEMENT.
- Company may provide Users with direct marketing, as such term is defined in the Israeli Privacy Protection Law, 1981.
- Company may also send Users advertisements, as such term is defined in the Israeli Media Law (Bezeq and Broadcasting), 1982.
- User can opt out of receiving these direct marketing and/or advertisements from Company at any time by unsubscribing, using the unsubscribe link within each of the above communications, or by emailing the Company at: privacy@sola.security to have User's contact information removed from Company's email list.
- SECURITY.
Company has taken appropriate technical and organizational measures to protect the information Company collects about User from loss, misuse, unauthorized access, disclosure, alteration, destruction, and any other form of unauthorized processing. User should be aware, however, that no data protection and security measures can guarantee 100% protection and security of any data stored either with Company or with any third parties.
- USERS IN THE EUROPEAN ECONOMIC AREA (EEA)
- Definition. “Personal Data” means data that may be used, either alone or together with other information, to identify an individual user, including, without limitation, a user’s name, address, telephone number, username, email address, city and country, geolocation, unique identifiers, picture, or other similar information and includes personal data as defined in the General Data Protection Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 ("GDPR").
- Legal Basis for Processing of Personal Data
Company will only process User's Personal Data if it has one or more of the following legal bases for doing so:
- Contractual Necessity: processing of Personal Data is necessary to enter into a contract with User, to perform Company's contractual obligations to User under the TOU, to respond to requests from User, or to provide User with customer support;
- Legitimate Interest: Company has a legitimate interest to process User's Personal Data;
- Legal Obligation: processing of User's Personal Data is necessary to comply with relevant law and legal obligations, including to respond to lawful requests and orders; or
- Consent: processing of User's Personal Data with User's consent.
- User's Rights regarding Personal Data
- Subject to applicable law, User has certain rights with respect to User's Personal Data, including the following:
- User may ask whether Company holds Personal Data about User and request copies of such Personal Data and information about how it is processed;
- User may request that inaccurate Personal Data is corrected;
- User may request the deletion of certain Personal Data;
- User may request Company to cease or restrict the processing of Personal Data where the processing is inappropriate;
- When User consents to processing User's Personal Data for a specified purpose by Company, User may withdraw User's consent at any time, and Company will stop any further processing of User's data for that purpose.
- In certain circumstances, Company may not be able to fully comply with User's request, such as if it is frivolous or extremely impractical, if it jeopardizes the rights of others, or if it is not required by law, however, in those circumstances, Company will still respond to notify User of such a decision.
- User can exercise User's rights of access, rectification, erasure, restriction, objection, and data portability by contacting Company at the email address set forth below. In some cases, Company may need User to provide Company with additional information, which may include Personal Data, if necessary to verify User's identity and the nature of User's request.
- Transfer of User's Personal Data outside of the EEA
- The data that Company processes in relation to Users may be transferred to, and stored at a destination outside the European Economic Area (“ EEA“), e.g., Israel and the USA, that may not be subject to equivalent data protection law. It may also be processed by staff situated outside the EEA who works for us or for one of our service providers: (i) in order to store it; (ii) where we are legally required to do so; (iii) in order to facilitate the operation of our businesses, where it is in our legitimate interests and we have concluded these are not overridden by User's rights.
- Where Personal Data is transferred by Company or Company's affiliates in relation to providing the services Company will take all steps reasonably necessary to ensure that it is subject to appropriate safeguards, such as relying on a recognized legal adequacy mechanism, which may include by entering into European Commission approved standard contractual clauses relevant to transfers of Personal Data and that it is treated securely and in accordance with this PP.
- INTERNATIONAL STORAGE
Each User is advised to be aware that personal data Company collects may be transferred to, processed and stored outside User's jurisdiction, and that data protection laws in the jurisdiction where the information is collected stored and/or processed may differ from User's jurisdiction including in Israel, the EU, and the US, as reasonably necessary for the proper performance and delivery of the Company services, or as may be required by law. Each User hereby gives User's consent to this transfer, processing and storage of User's information outside User’s jurisdiction.
- RETENTION
Company will retain users Personal Data for a period of time consistent with the original purpose of collection (see Section 3, “Company's Use of Personal Data”). Company determines the appropriate retention period for Personal Data on the basis of the amount, nature and sensitivity of Users’ Personal Data processed, the potential risk of harm from unauthorized use or disclosure of Users’ Personal Data, and whether Company can achieve the purposes of the processing through other means, as well as on the basis of applicable data protection law requirements (such as applicable minimum statutory retention requirements). After the expiration of the applicable retention periods, Company will delete Company Personal Data. If there is any data that Company are unable, for technical reasons, to delete entirely from Company’s systems, Company will put in place appropriate measures to prevent any further use of such Personal Data.
- QUESTIONS REGARDING USER'S PERSONAL DATA?
If User has any questions about this PP or Company's privacy and/or data protection practices in general, please contact us at privacy@sola.security .